npm - @poolzin/pool-bot - Versions diffs - 2026.2.25 → 2026.2.26 - Mend

@poolzin/pool-bot 2026.2.25 → 2026.2.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (506) hide show

package/dist/acp/event-mapper.js +87 -22
package/dist/acp/meta.js +12 -6
package/dist/agents/agent-paths.js +8 -9
package/dist/agents/agent-scope.js +7 -5
package/dist/agents/auth-profiles/oauth.js +148 -64
package/dist/agents/auth-profiles/session-override.js +13 -7
package/dist/agents/bash-tools.exec-host-gateway.js +14 -4
package/dist/agents/bash-tools.exec-runtime.js +2 -25
package/dist/agents/bedrock-discovery.js +3 -1
package/dist/agents/byteplus-models.js +97 -0
package/dist/agents/chutes-oauth.js +1 -0
package/dist/agents/cli-runner/helpers.js +4 -0
package/dist/agents/compaction.js +41 -14
package/dist/agents/doubao-models.js +121 -0
package/dist/agents/failover-error.js +2 -0
package/dist/agents/huggingface-models.js +5 -3
package/dist/agents/live-model-filter.js +5 -0
package/dist/agents/minimax-vlm.js +10 -8
package/dist/agents/model-auth.js +6 -0
package/dist/agents/model-catalog.js +3 -1
package/dist/agents/model-selection.js +7 -1
package/dist/agents/models-config.providers.js +93 -11
package/dist/agents/ollama-stream.js +117 -4
package/dist/agents/opencode-zen-models.js +22 -11
package/dist/agents/pi-embedded-helpers/errors.js +55 -33
package/dist/agents/pi-embedded-helpers/messaging-dedupe.js +10 -5
package/dist/agents/pi-embedded-helpers/thinking.js +10 -5
package/dist/agents/pi-embedded-helpers.js +1 -1
package/dist/agents/pi-embedded-runner/compact.js +29 -7
package/dist/agents/pi-embedded-runner/extensions.js +28 -26
package/dist/agents/pi-embedded-runner/google.js +20 -8
package/dist/agents/pi-embedded-runner/run/attempt.js +95 -36
package/dist/agents/pi-embedded-runner/run.js +71 -12
package/dist/agents/pi-embedded-runner/run.overflow-compaction.mocks.shared.js +11 -2
package/dist/agents/pi-embedded-runner/session-manager-cache.js +11 -7
package/dist/agents/pi-embedded-runner/system-prompt.js +2 -0
package/dist/agents/pi-embedded-runner/thinking.js +42 -0
package/dist/agents/pi-embedded-runner/tool-name-allowlist.js +19 -0
package/dist/agents/pi-embedded-runner/utils.js +7 -10
package/dist/agents/pi-embedded-subscribe.handlers.lifecycle.js +45 -56
package/dist/agents/pi-embedded-subscribe.handlers.tools.js +2 -2
package/dist/agents/pi-embedded-subscribe.js +9 -4
package/dist/agents/pi-embedded-subscribe.tools.js +68 -14
package/dist/agents/pi-embedded-utils.js +3 -0
package/dist/agents/pi-extensions/compaction-safeguard-runtime.js +4 -20
package/dist/agents/pi-extensions/compaction-safeguard.js +75 -33
package/dist/agents/pi-settings.js +40 -0
package/dist/agents/pi-tools.policy.js +2 -1
package/dist/agents/provider/config-loader.js +1 -1
package/dist/agents/sandbox/browser.js +170 -33
package/dist/agents/sandbox/config-hash.js +14 -27
package/dist/agents/sandbox/config.js +21 -2
package/dist/agents/sandbox/constants.js +2 -0
package/dist/agents/sandbox/docker.js +16 -2
package/dist/agents/sandbox/novnc-auth.js +62 -0
package/dist/agents/sandbox/sanitize-env-vars.js +1 -1
package/dist/agents/sandbox/shared.js +10 -6
package/dist/agents/sandbox-paths.js +24 -11
package/dist/agents/schema/clean-for-gemini.js +132 -85
package/dist/agents/session-slug.js +10 -5
package/dist/agents/session-tool-result-guard-wrapper.js +1 -0
package/dist/agents/session-tool-result-guard.js +3 -1
package/dist/agents/session-transcript-repair.js +40 -6
package/dist/agents/skills/bundled-dir.js +19 -5
package/dist/agents/skills/env-overrides.js +124 -43
package/dist/agents/skills/frontmatter.js +6 -6
package/dist/agents/skills/plugin-skills.js +14 -7
package/dist/agents/skills/workspace.js +1 -0
package/dist/agents/subagent-announce.js +251 -49
package/dist/agents/subagent-lifecycle-events.js +19 -0
package/dist/agents/subagent-registry-cleanup.js +31 -0
package/dist/agents/subagent-registry-completion.js +68 -0
package/dist/agents/subagent-registry-queries.js +117 -0
package/dist/agents/subagent-registry-state.js +46 -0
package/dist/agents/subagent-registry.js +252 -221
package/dist/agents/subagent-registry.store.js +1 -0
package/dist/agents/subagent-registry.types.js +1 -0
package/dist/agents/subagent-spawn.js +195 -7
package/dist/agents/system-prompt.js +22 -6
package/dist/agents/test-helpers/fast-coding-tools.js +1 -18
package/dist/agents/test-helpers/fast-core-tools.js +1 -17
package/dist/agents/timeout.js +18 -6
package/dist/agents/tool-call-id.js +1 -1
package/dist/agents/tool-display-common.js +162 -29
package/dist/agents/tool-images.js +82 -9
package/dist/agents/tool-policy.js +51 -26
package/dist/agents/tools/browser-tool.js +2 -2
package/dist/agents/tools/canvas-tool.js +27 -1
package/dist/agents/tools/common.js +45 -0
package/dist/agents/tools/discord-actions-guild.js +4 -1
package/dist/agents/tools/gateway-tool.js +3 -1
package/dist/agents/tools/nodes-utils.js +1 -10
package/dist/agents/tools/sessions-send-helpers.js +12 -6
package/dist/agents/tools/sessions-spawn-tool.js +8 -2
package/dist/agents/tools/subagents-tool.js +2 -1
package/dist/agents/tools/whatsapp-actions.js +10 -2
package/dist/agents/tools/whatsapp-target-auth.js +18 -0
package/dist/agents/transcript-policy.js +22 -8
package/dist/agents/venice-models.js +11 -3
package/dist/auto-reply/commands-registry.data.js +51 -0
package/dist/auto-reply/commands-registry.js +4 -3
package/dist/auto-reply/group-activation.js +10 -5
package/dist/auto-reply/inbound-debounce.js +10 -5
package/dist/auto-reply/reply/abort.js +1 -1
package/dist/auto-reply/reply/agent-runner-execution.js +4 -1
package/dist/auto-reply/reply/bash-command.js +41 -39
package/dist/auto-reply/reply/command-gates.js +25 -0
package/dist/auto-reply/reply/commands-allowlist.js +111 -72
package/dist/auto-reply/reply/commands-bash.js +6 -5
package/dist/auto-reply/reply/commands-config.js +30 -28
package/dist/auto-reply/reply/commands-core.js +2 -1
package/dist/auto-reply/reply/commands-info.js +1 -0
package/dist/auto-reply/reply/commands-models.js +65 -14
package/dist/auto-reply/reply/commands-session.js +237 -82
package/dist/auto-reply/reply/commands-setunset.js +45 -0
package/dist/auto-reply/reply/commands-subagents/action-agents.js +44 -0
package/dist/auto-reply/reply/commands-subagents/action-focus.js +64 -0
package/dist/auto-reply/reply/commands-subagents/action-help.js +4 -0
package/dist/auto-reply/reply/commands-subagents/action-info.js +45 -0
package/dist/auto-reply/reply/commands-subagents/action-kill.js +60 -0
package/dist/auto-reply/reply/commands-subagents/action-list.js +44 -0
package/dist/auto-reply/reply/commands-subagents/action-log.js +29 -0
package/dist/auto-reply/reply/commands-subagents/action-send.js +119 -0
package/dist/auto-reply/reply/commands-subagents/action-spawn.js +52 -0
package/dist/auto-reply/reply/commands-subagents/action-unfocus.js +30 -0
package/dist/auto-reply/reply/commands-subagents/shared.js +303 -0
package/dist/auto-reply/reply/commands-subagents.js +51 -587
package/dist/auto-reply/reply/commands-tts.js +10 -5
package/dist/auto-reply/reply/config-value.js +10 -5
package/dist/auto-reply/reply/directive-handling.model-picker.js +12 -6
package/dist/auto-reply/reply/directive-handling.persist.js +9 -21
package/dist/auto-reply/reply/directive-handling.shared.js +24 -4
package/dist/auto-reply/reply/followup-runner.js +1 -0
package/dist/auto-reply/reply/get-reply-directives-utils.js +23 -14
package/dist/auto-reply/reply/get-reply-directives.js +17 -28
package/dist/auto-reply/reply/get-reply-inline-actions.js +1 -0
package/dist/auto-reply/reply/get-reply.js +71 -12
package/dist/auto-reply/reply/model-selection.js +80 -39
package/dist/auto-reply/reply/queue/enqueue.js +10 -5
package/dist/auto-reply/reply/queue/state.js +13 -12
package/dist/auto-reply/reply/reply-payloads.js +67 -36
package/dist/auto-reply/reply/reply-reference.js +9 -8
package/dist/auto-reply/reply/route-reply.js +15 -8
package/dist/auto-reply/reply/session-reset-prompt.js +1 -1
package/dist/auto-reply/reply/session.js +22 -6
package/dist/auto-reply/reply/strip-inbound-meta.js +147 -0
package/dist/auto-reply/reply/subagents-utils.js +56 -30
package/dist/auto-reply/reply/typing.js +46 -21
package/dist/auto-reply/send-policy.js +14 -7
package/dist/auto-reply/status.js +140 -16
package/dist/auto-reply/templating.js +10 -5
package/dist/auto-reply/thinking.js +7 -16
package/dist/auto-reply/tokens.js +21 -5
package/dist/browser/bridge-server.js +36 -20
package/dist/browser/cdp.helpers.js +7 -14
package/dist/browser/cdp.js +35 -15
package/dist/browser/chrome.profile-decoration.js +7 -4
package/dist/browser/config.js +4 -0
package/dist/browser/extension-relay-auth.js +55 -0
package/dist/browser/extension-relay.js +74 -29
package/dist/browser/navigation-guard.js +9 -1
package/dist/browser/paths.js +77 -0
package/dist/browser/profiles.js +13 -8
package/dist/browser/pw-ai-module.js +10 -5
package/dist/browser/pw-session.js +76 -39
package/dist/browser/pw-tools-core.interactions.js +14 -7
package/dist/browser/pw-tools-core.state.js +12 -6
package/dist/browser/routes/agent.act.js +2 -2
package/dist/browser/server-context.js +7 -0
package/dist/build-info.json +3 -3
package/dist/channels/allow-from.js +2 -1
package/dist/channels/allowlists/resolve-utils.js +43 -19
package/dist/channels/channel-config.js +14 -7
package/dist/channels/draft-stream-loop.js +7 -0
package/dist/channels/model-overrides.js +82 -0
package/dist/channels/plugins/normalize/imessage.js +14 -7
package/dist/channels/plugins/normalize/slack.js +10 -5
package/dist/channels/plugins/normalize/telegram.js +14 -7
package/dist/channels/plugins/outbound/discord.js +80 -8
package/dist/channels/plugins/outbound/signal.js +11 -11
package/dist/channels/plugins/setup-helpers.js +10 -5
package/dist/channels/sender-label.js +14 -7
package/dist/channels/session.js +4 -2
package/dist/channels/status-reactions.js +297 -0
package/dist/cli/banner.js +1 -1
package/dist/cli/browser-cli-actions-input/register.files-downloads.js +65 -56
package/dist/cli/cli-name.js +11 -11
package/dist/cli/cli-utils.js +13 -3
package/dist/cli/command-format.js +1 -1
package/dist/cli/config-cli.js +1 -1
package/dist/cli/daemon-cli/lifecycle-core.js +31 -19
package/dist/cli/daemon-cli/lifecycle.js +64 -2
package/dist/cli/daemon-cli/restart-health.js +126 -0
package/dist/cli/daemon-cli/status.gather.js +9 -13
package/dist/cli/daemon-cli/status.print.js +2 -10
package/dist/cli/deps.js +27 -22
package/dist/cli/gateway-cli/run-loop.js +23 -5
package/dist/cli/node-cli/register.js +14 -5
package/dist/cli/nodes-media-utils.js +7 -2
package/dist/cli/outbound-send-deps.js +2 -9
package/dist/cli/outbound-send-mapping.js +11 -0
package/dist/cli/pairing-cli.js +40 -14
package/dist/cli/plugins-cli.js +34 -41
package/dist/cli/ports.js +11 -10
package/dist/cli/program/command-registry.js +2 -11
package/dist/cli/program/command-tree.js +16 -0
package/dist/cli/program/preaction.js +13 -9
package/dist/cli/program/register.configure.js +3 -18
package/dist/cli/program/register.maintenance.js +2 -2
package/dist/cli/program/register.onboard.js +2 -0
package/dist/cli/program/register.status-health-sessions.js +16 -17
package/dist/cli/program/register.subclis.js +93 -52
package/dist/cli/route.js +11 -7
package/dist/cli/system-cli.js +36 -46
package/dist/cli/update-cli/shared.js +22 -9
package/dist/cli/update-cli/update-command.js +89 -14
package/dist/cli/update-cli/wizard.js +6 -12
package/dist/commands/agent/run-context.js +18 -5
package/dist/commands/agent/session-store.js +17 -4
package/dist/commands/agent.js +22 -2
package/dist/commands/agents.bindings.js +14 -7
package/dist/commands/agents.commands.add.js +13 -9
package/dist/commands/agents.commands.identity.js +12 -6
package/dist/commands/agents.commands.list.js +11 -6
package/dist/commands/agents.config.js +8 -10
package/dist/commands/agents.providers.js +12 -6
package/dist/commands/auth-choice-options.js +103 -75
package/dist/commands/auth-choice.apply.byteplus.js +55 -0
package/dist/commands/auth-choice.apply.js +4 -0
package/dist/commands/auth-choice.apply.minimax.js +61 -13
package/dist/commands/auth-choice.apply.openai.js +3 -1
package/dist/commands/auth-choice.apply.volcengine.js +55 -0
package/dist/commands/auth-choice.preferred-provider.js +2 -0
package/dist/commands/channels/remove.js +13 -6
package/dist/commands/channels/shared.js +4 -14
package/dist/commands/configure.commands.js +14 -0
package/dist/commands/configure.gateway.js +2 -4
package/dist/commands/configure.js +1 -1
package/dist/commands/configure.shared.js +11 -0
package/dist/commands/daemon-install-helpers.js +2 -2
package/dist/commands/dashboard.js +12 -10
package/dist/commands/docs.js +14 -8
package/dist/commands/doctor-config-flow.js +11 -9
package/dist/commands/doctor-legacy-config.js +281 -0
package/dist/commands/doctor-state-integrity.js +99 -23
package/dist/commands/doctor-update.js +12 -9
package/dist/commands/models/list.list-command.js +7 -5
package/dist/commands/models/set-image.js +2 -21
package/dist/commands/node-daemon-install-helpers.js +10 -8
package/dist/commands/onboard-auth.config-minimax.js +54 -80
package/dist/commands/onboard-auth.config-opencode.js +2 -18
package/dist/commands/onboard-auth.credentials.js +90 -13
package/dist/commands/onboard-auth.js +1 -1
package/dist/commands/onboard-auth.models.js +6 -5
package/dist/commands/onboard-hooks.js +1 -1
package/dist/commands/onboard-non-interactive/api-keys.js +14 -7
package/dist/commands/onboard-non-interactive/local/auth-choice.js +64 -49
package/dist/commands/onboard-provider-auth-flags.js +14 -0
package/dist/commands/onboard-remote.js +14 -7
package/dist/commands/onboard.js +11 -13
package/dist/commands/sandbox-display.js +6 -5
package/dist/commands/status-all/diagnosis.js +14 -10
package/dist/commands/status-all/format.js +1 -0
package/dist/commands/status.gateway-probe.js +1 -16
package/dist/commands/systemd-linger.js +12 -6
package/dist/config/agent-limits.js +2 -0
package/dist/config/commands.js +30 -16
package/dist/config/config-paths.js +9 -11
package/dist/config/defaults.js +22 -2
package/dist/config/discord-preview-streaming.js +104 -0
package/dist/config/env-vars.js +37 -8
package/dist/config/includes.js +4 -0
package/dist/config/io.js +97 -12
package/dist/config/legacy.migrations.part-1.js +189 -78
package/dist/config/legacy.shared.js +3 -1
package/dist/config/merge-patch.js +4 -0
package/dist/config/prototype-keys.js +4 -0
package/dist/config/schema.help.js +44 -7
package/dist/config/schema.labels.js +38 -6
package/dist/config/sessions/delivery-info.js +10 -3
package/dist/config/sessions/main-session.js +10 -5
package/dist/config/sessions/session-file.js +33 -0
package/dist/config/sessions/session-key.js +10 -5
package/dist/config/sessions/store.js +1 -1
package/dist/config/sessions.js +1 -0
package/dist/config/zod-schema.agent-runtime.js +11 -0
package/dist/config/zod-schema.js +148 -13
package/dist/config/zod-schema.providers-core.js +78 -4
package/dist/config/zod-schema.providers.js +6 -1
package/dist/config/zod-schema.session.js +41 -2
package/dist/cron/run-log.js +3 -0
package/dist/cron/schedule.js +21 -10
package/dist/cron/service/ops.js +35 -21
package/dist/cron/service/timer.js +116 -16
package/dist/cron/stagger.js +3 -1
package/dist/discord/api.js +12 -6
package/dist/discord/draft-chunking.js +22 -0
package/dist/discord/draft-stream.js +124 -0
package/dist/discord/monitor/agent-components.js +1 -1
package/dist/discord/monitor/commands.js +5 -0
package/dist/discord/monitor/gateway-plugin.js +2 -1
package/dist/discord/monitor/listeners.js +37 -27
package/dist/discord/monitor/message-handler.js +4 -1
package/dist/discord/monitor/message-handler.preflight.js +65 -8
package/dist/discord/monitor/message-handler.process.js +246 -217
package/dist/discord/monitor/message-utils.js +143 -6
package/dist/discord/monitor/model-picker-preferences.js +143 -0
package/dist/discord/monitor/model-picker.js +651 -0
package/dist/discord/monitor/native-command.js +573 -16
package/dist/discord/monitor/provider.allowlist.js +223 -0
package/dist/discord/monitor/provider.js +275 -347
package/dist/discord/monitor/provider.lifecycle.js +100 -0
package/dist/discord/monitor/reply-delivery.js +123 -16
package/dist/discord/monitor/thread-bindings.discord-api.js +215 -0
package/dist/discord/monitor/thread-bindings.js +4 -0
package/dist/discord/monitor/thread-bindings.lifecycle.js +177 -0
package/dist/discord/monitor/thread-bindings.manager.js +423 -0
package/dist/discord/monitor/thread-bindings.messages.js +55 -0
package/dist/discord/monitor/thread-bindings.state.js +358 -0
package/dist/discord/monitor/thread-bindings.types.js +6 -0
package/dist/discord/resolve-users.js +33 -21
package/dist/discord/send.channels.js +15 -0
package/dist/discord/send.js +3 -2
package/dist/discord/send.outbound.js +82 -26
package/dist/discord/send.permissions.js +83 -30
package/dist/discord/send.reactions.js +8 -4
package/dist/discord/token.js +10 -5
package/dist/discord/voice/command.js +263 -0
package/dist/discord/voice/manager.js +531 -0
package/dist/gateway/auth.js +34 -10
package/dist/gateway/call.js +4 -16
package/dist/gateway/client.js +28 -4
package/dist/gateway/config-reload.js +3 -4
package/dist/gateway/control-ui.js +219 -96
package/dist/gateway/hooks-mapping.js +88 -38
package/dist/gateway/http-auth-helpers.js +3 -2
package/dist/gateway/http-endpoint-helpers.js +1 -0
package/dist/gateway/net.js +54 -12
package/dist/gateway/node-invoke-system-run-approval.js +14 -35
package/dist/gateway/node-registry.js +10 -5
package/dist/gateway/openai-http.js +1 -0
package/dist/gateway/openresponses-http.js +1 -0
package/dist/gateway/origin-check.js +1 -18
package/dist/gateway/protocol/index.js +4 -3
package/dist/gateway/protocol/schema/cron.js +1 -0
package/dist/gateway/protocol/schema/devices.js +1 -0
package/dist/gateway/protocol/schema/protocol-schemas.js +2 -1
package/dist/gateway/protocol/schema/sessions.js +6 -0
package/dist/gateway/role-policy.js +17 -0
package/dist/gateway/server/ws-connection/connect-policy.js +37 -0
package/dist/gateway/server/ws-connection/message-handler.js +175 -148
package/dist/gateway/server-chat.js +83 -25
package/dist/gateway/server-constants.js +10 -9
package/dist/gateway/server-cron.js +1 -0
package/dist/gateway/server-http.js +16 -7
package/dist/gateway/server-maintenance.js +20 -5
package/dist/gateway/server-methods/chat.js +10 -6
package/dist/gateway/server-methods/config.js +12 -14
package/dist/gateway/server-methods/devices.js +17 -3
package/dist/gateway/server-methods/models.js +11 -1
package/dist/gateway/server-methods/sessions.js +64 -8
package/dist/gateway/server-methods/usage.js +162 -75
package/dist/gateway/server-node-events.js +29 -0
package/dist/gateway/server-runtime-config.js +34 -13
package/dist/gateway/server-startup-memory.js +17 -11
package/dist/gateway/session-utils.fs.js +32 -34
package/dist/gateway/sessions-resolve.js +17 -5
package/dist/gateway/test-helpers.openai-mock.js +14 -7
package/dist/gateway/tools-invoke-http.js +21 -10
package/dist/hooks/bundled/bootstrap-extra-files/handler.js +3 -1
package/dist/hooks/bundled/command-logger/handler.js +7 -2
package/dist/hooks/bundled/session-memory/handler.js +6 -5
package/dist/hooks/frontmatter.js +6 -6
package/dist/hooks/gmail-watcher.js +11 -6
package/dist/hooks/internal-hooks.js +11 -1
package/dist/hooks/llm-slug-generator.js +4 -1
package/dist/hooks/workspace.js +47 -17
package/dist/imessage/accounts.js +9 -20
package/dist/imessage/monitor/inbound-processing.js +2 -1
package/dist/infra/archive.js +174 -73
package/dist/infra/control-ui-assets.js +14 -6
package/dist/infra/device-pairing.js +108 -29
package/dist/infra/env.js +10 -5
package/dist/infra/exec-approvals-allowlist.js +122 -0
package/dist/infra/exec-approvals-analysis.js +34 -3
package/dist/infra/exec-approvals.js +5 -17
package/dist/infra/exec-safe-bin-policy.js +53 -45
package/dist/infra/fs-safe.js +71 -39
package/dist/infra/gateway-lock.js +6 -2
package/dist/infra/heartbeat-wake.js +6 -12
package/dist/infra/host-env-security-policy.json +19 -0
package/dist/infra/host-env-security.js +66 -0
package/dist/infra/net/ssrf.js +131 -38
package/dist/infra/outbound/bound-delivery-router.js +88 -0
package/dist/infra/outbound/channel-selection.js +12 -6
package/dist/infra/outbound/envelope.js +1 -1
package/dist/infra/outbound/format.js +12 -6
package/dist/infra/outbound/payloads.js +14 -7
package/dist/infra/outbound/session-binding-service.js +123 -0
package/dist/infra/path-guards.js +25 -0
package/dist/infra/provider-usage.fetch.codex.js +7 -15
package/dist/infra/provider-usage.fetch.gemini.js +14 -11
package/dist/infra/provider-usage.fetch.shared.js +30 -1
package/dist/infra/provider-usage.fetch.zai.js +10 -9
package/dist/infra/retry-policy.js +4 -2
package/dist/infra/retry.js +9 -5
package/dist/infra/session-cost-usage.js +107 -59
package/dist/infra/session-maintenance-warning.js +3 -1
package/dist/infra/shell-env.js +98 -34
package/dist/infra/ssh-config.js +12 -6
package/dist/infra/system-run-command.js +49 -4
package/dist/infra/update-channels.js +10 -5
package/dist/line/accounts.js +5 -7
package/dist/line/bot-access.js +8 -20
package/dist/line/bot-handlers.js +3 -1
package/dist/link-understanding/detect.js +15 -7
package/dist/media/constants.js +15 -6
package/dist/media/image-ops.js +7 -0
package/dist/media/local-roots.js +3 -2
package/dist/media-understanding/apply.js +4 -1
package/dist/media-understanding/concurrency.js +8 -20
package/dist/memory/backend-config.js +45 -6
package/dist/memory/embeddings.js +10 -4
package/dist/memory/fs-utils.js +23 -0
package/dist/memory/manager-search.js +12 -6
package/dist/memory/manager-sync-ops.js +12 -2
package/dist/memory/qmd-manager.js +466 -53
package/dist/memory/query-expansion.js +167 -3
package/dist/memory/status-format.js +10 -5
package/dist/memory/sync-memory-files.js +1 -1
package/dist/node-host/invoke-system-run.js +281 -0
package/dist/node-host/invoke.js +55 -337
package/dist/pairing/pairing-store.js +22 -0
package/dist/plugin-sdk/allow-from.js +1 -1
package/dist/plugin-sdk/command-auth.js +3 -1
package/dist/plugin-sdk/index.js +6 -3
package/dist/plugin-sdk/webhook-targets.js +32 -0
package/dist/plugins/bundled-dir.js +9 -6
package/dist/plugins/hooks.js +50 -0
package/dist/plugins/install.js +28 -16
package/dist/plugins/runtime.js +3 -17
package/dist/plugins/update.js +78 -12
package/dist/process/spawn-utils.js +14 -7
package/dist/providers/github-copilot-token.js +11 -6
package/dist/providers/qwen-portal-oauth.js +14 -6
package/dist/routing/account-id.js +30 -0
package/dist/routing/resolve-route.js +3 -7
package/dist/routing/session-key.js +2 -16
package/dist/security/audit-channel.js +93 -2
package/dist/security/audit-extra.async.js +159 -5
package/dist/security/audit-extra.js +1 -1
package/dist/security/audit-extra.sync.js +85 -6
package/dist/security/audit.js +40 -4
package/dist/security/dm-policy-shared.js +44 -0
package/dist/security/external-content.js +26 -6
package/dist/shared/entry-status.js +6 -0
package/dist/shared/frontmatter.js +5 -5
package/dist/shared/node-match.js +11 -4
package/dist/shared/operator-scope-compat.js +8 -3
package/dist/signal/accounts.js +7 -20
package/dist/signal/monitor/event-handler.js +3 -1
package/dist/slack/accounts.js +6 -19
package/dist/slack/actions.js +11 -3
package/dist/slack/monitor/auth.js +1 -1
package/dist/slack/monitor/message-handler/dispatch.js +50 -29
package/dist/slack/monitor/replies.js +15 -7
package/dist/slack/monitor/slash.js +22 -13
package/dist/slack/resolve-channels.js +10 -5
package/dist/slack/send.js +102 -12
package/dist/slack/stream-mode.js +10 -0
package/dist/slack/streaming.js +4 -2
package/dist/telegram/accounts.js +19 -14
package/dist/telegram/bot/helpers.js +3 -5
package/dist/telegram/bot-access.js +35 -36
package/dist/telegram/bot-handlers.js +120 -148
package/dist/telegram/bot-message-context.js +68 -9
package/dist/telegram/bot-message-dispatch.js +155 -90
package/dist/telegram/bot-native-commands.js +16 -0
package/dist/telegram/draft-stream.js +14 -1
package/dist/telegram/inline-buttons.js +5 -15
package/dist/telegram/monitor.js +11 -7
package/dist/telegram/network-config.js +19 -7
package/dist/telegram/send.js +3 -2
package/dist/telegram/sent-message-cache.js +5 -6
package/dist/telegram/status-reaction-variants.js +208 -0
package/dist/telegram/sticker-cache.js +11 -9
package/dist/terminal/theme.js +12 -12
package/dist/tts/tts.js +80 -567
package/dist/tui/components/chat-log.js +41 -8
package/dist/tui/theme/theme.js +10 -12
package/dist/tui/tui-local-shell.js +16 -6
package/dist/tui/tui.js +58 -6
package/dist/utils/account-id.js +2 -4
package/dist/utils/boolean.js +10 -5
package/dist/utils/directive-tags.js +11 -0
package/dist/utils/queue-helpers.js +67 -12
package/dist/web/auto-reply/deliver-reply.js +8 -4
package/dist/web/auto-reply/mentions.js +10 -5
package/dist/web/auto-reply/monitor/group-members.js +14 -7
package/dist/web/auto-reply/monitor/process-message.js +45 -24
package/dist/web/inbound/access-control.js +5 -2
package/dist/web/login-qr.js +12 -6
package/dist/web/media.js +123 -16
package/extensions/bluebubbles/src/monitor-processing.ts +580 -139
package/extensions/bluebubbles/src/monitor.ts +208 -1950
package/package.json +1 -1

package/dist/gateway/server-methods/sessions.js CHANGED Viewed

@@ -6,8 +6,10 @@ import { stopSubagentsForRequester } from "../../auto-reply/reply/abort.js";
 import { clearSessionQueues } from "../../auto-reply/reply/queue.js";
 import { loadConfig } from "../../config/config.js";
 import { loadSessionStore, snapshotSessionOrigin, resolveMainSessionKey, updateSessionStore, } from "../../config/sessions.js";
+import { unbindThreadBindingsBySessionKey } from "../../discord/monitor/thread-bindings.js";
 import { createInternalHookEvent, triggerInternalHook } from "../../hooks/internal-hooks.js";
-import { normalizeAgentId, parseAgentSessionKey } from "../../routing/session-key.js";
+import { getGlobalHookRunner } from "../../plugins/hook-runner-global.js";
+import { isSubagentSessionKey, normalizeAgentId, parseAgentSessionKey, } from "../../routing/session-key.js";
 import { ErrorCodes, errorShape, validateSessionsCompactParams, validateSessionsDeleteParams, validateSessionsListParams, validateSessionsPatchParams, validateSessionsPreviewParams, validateSessionsResetParams, validateSessionsResolveParams, } from "../protocol/index.js";
 import { archiveFileOnDisk, archiveSessionTranscripts, listSessionsFromStore, loadCombinedSessionStoreForGateway, loadSessionEntry, pruneLegacyStoreKeys, readSessionPreviewItemsFromTranscript, resolveGatewaySessionStoreTarget, resolveSessionModelRef, resolveSessionTranscriptCandidates, } from "../session-utils.js";
 import { applySessionsPatchToStore } from "../sessions-patch.js";
@@ -33,6 +35,13 @@ function resolveGatewaySessionTargetFromKey(key) {
     const target = resolveGatewaySessionStoreTarget({ cfg, key });
     return { cfg, target, storePath: target.storePath };
 }
+function rejectWebchatSessionMutation(params) {
+    if (!params.client?.connect || !params.isWebchatConnect(params.client.connect)) {
+        return false;
+    }
+    params.respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, `webchat clients cannot ${params.action} sessions; use chat.send for session-scoped updates`));
+    return true;
+}
 function migrateAndPruneSessionStoreKey(params) {
     const target = resolveGatewaySessionStoreTarget({
         cfg: params.cfg,
@@ -65,6 +74,31 @@ function archiveSessionTranscriptsForSession(params) {
         reason: params.reason,
     });
 }
+async function emitSessionUnboundLifecycleEvent(params) {
+    const targetKind = isSubagentSessionKey(params.targetSessionKey) ? "subagent" : "acp";
+    unbindThreadBindingsBySessionKey({
+        targetSessionKey: params.targetSessionKey,
+        targetKind,
+        reason: params.reason,
+        sendFarewell: true,
+    });
+    if (params.emitHooks === false) {
+        return;
+    }
+    const hookRunner = getGlobalHookRunner();
+    if (!hookRunner?.hasHooks("subagent_ended")) {
+        return;
+    }
+    await hookRunner.runSubagentEnded({
+        targetSessionKey: params.targetSessionKey,
+        targetKind,
+        reason: params.reason,
+        sendFarewell: true,
+        outcome: params.reason === "session-reset" ? "reset" : "deleted",
+    }, {
+        childSessionKey: params.targetSessionKey,
+    });
+}
 async function ensureSessionRuntimeCleanup(params) {
     const queueKeys = new Set(params.target.storeKeys);
     queueKeys.add(params.target.canonicalKey);
@@ -161,7 +195,7 @@ export const sessionsHandlers = {
         }
         respond(true, { ok: true, key: resolved.key }, undefined);
     },
-    "sessions.patch": async ({ params, respond, context }) => {
+    "sessions.patch": async ({ params, respond, context, client, isWebchatConnect }) => {
         if (!assertValidParams(params, validateSessionsPatchParams, "sessions.patch", respond)) {
             return;
         }
@@ -170,6 +204,9 @@ export const sessionsHandlers = {
         if (!key) {
             return;
         }
+        if (rejectWebchatSessionMutation({ action: "patch", client, isWebchatConnect, respond })) {
+            return;
+        }
         const { cfg, target, storePath } = resolveGatewaySessionTargetFromKey(key);
         const applied = await updateSessionStore(storePath, async (store) => {
             const { primaryKey } = migrateAndPruneSessionStoreKey({ cfg, key, store });
@@ -211,6 +248,7 @@ export const sessionsHandlers = {
         }
         const { cfg, target, storePath } = resolveGatewaySessionTargetFromKey(key);
         const { entry } = loadSessionEntry(key);
+        const hadExistingEntry = Boolean(entry);
         const commandReason = p.reason === "new" ? "new" : "reset";
         const hookEvent = createInternalHookEvent("command", commandReason, target.canonicalKey ?? key, {
             sessionEntry: entry,
@@ -267,9 +305,15 @@ export const sessionsHandlers = {
             agentId: target.agentId,
             reason: "reset",
         });
+        if (hadExistingEntry) {
+            await emitSessionUnboundLifecycleEvent({
+                targetSessionKey: target.canonicalKey ?? key,
+                reason: "session-reset",
+            });
+        }
         respond(true, { ok: true, key: target.canonicalKey, entry: next }, undefined);
     },
-    "sessions.delete": async ({ params, respond }) => {
+    "sessions.delete": async ({ params, respond, client, isWebchatConnect }) => {
         if (!assertValidParams(params, validateSessionsDeleteParams, "sessions.delete", respond)) {
             return;
         }
@@ -278,6 +322,9 @@ export const sessionsHandlers = {
         if (!key) {
             return;
         }
+        if (rejectWebchatSessionMutation({ action: "delete", client, isWebchatConnect, respond })) {
+            return;
+        }
         const { cfg, target, storePath } = resolveGatewaySessionTargetFromKey(key);
         const mainKey = resolveMainSessionKey(cfg);
         if (target.canonicalKey === mainKey) {
@@ -287,19 +334,20 @@ export const sessionsHandlers = {
         const deleteTranscript = typeof p.deleteTranscript === "boolean" ? p.deleteTranscript : true;
         const { entry } = loadSessionEntry(key);
         const sessionId = entry?.sessionId;
-        const existed = Boolean(entry);
         const cleanupError = await ensureSessionRuntimeCleanup({ cfg, key, target, sessionId });
         if (cleanupError) {
             respond(false, undefined, cleanupError);
             return;
         }
-        await updateSessionStore(storePath, (store) => {
+        const deleted = await updateSessionStore(storePath, (store) => {
             const { primaryKey } = migrateAndPruneSessionStoreKey({ cfg, key, store });
-            if (store[primaryKey]) {
+            const hadEntry = Boolean(store[primaryKey]);
+            if (hadEntry) {
                 delete store[primaryKey];
             }
+            return hadEntry;
         });
-        const archived = deleteTranscript
+        const archived = deleted && deleteTranscript
             ? archiveSessionTranscriptsForSession({
                 sessionId,
                 storePath,
@@ -308,7 +356,15 @@ export const sessionsHandlers = {
                 reason: "deleted",
             })
             : [];
-        respond(true, { ok: true, key: target.canonicalKey, deleted: existed, archived }, undefined);
+        if (deleted) {
+            const emitLifecycleHooks = p.emitLifecycleHooks !== false;
+            await emitSessionUnboundLifecycleEvent({
+                targetSessionKey: target.canonicalKey ?? key,
+                reason: "session-delete",
+                emitHooks: emitLifecycleHooks,
+            });
+        }
+        respond(true, { ok: true, key: target.canonicalKey, deleted, archived }, undefined);
     },
     "sessions.compact": async ({ params, respond }) => {
         if (!assertValidParams(params, validateSessionsCompactParams, "sessions.compact", respond)) {

package/dist/gateway/server-methods/usage.js CHANGED Viewed

@@ -1,32 +1,122 @@
 import fs from "node:fs";
 import { loadConfig } from "../../config/config.js";
-import { resolveSessionFilePath } from "../../config/sessions/paths.js";
+import { resolveSessionFilePath, resolveSessionFilePathOptions, } from "../../config/sessions/paths.js";
 import { loadProviderUsageSummary } from "../../infra/provider-usage.js";
 import { loadCostUsageSummary, loadSessionCostSummary, loadSessionUsageTimeSeries, discoverAllSessions, } from "../../infra/session-cost-usage.js";
 import { parseAgentSessionKey } from "../../routing/session-key.js";
+import { buildUsageAggregateTail } from "../../shared/usage-aggregates.js";
 import { ErrorCodes, errorShape, formatValidationErrors, validateSessionsUsageParams, } from "../protocol/index.js";
 import { listAgentsForGateway, loadCombinedSessionStoreForGateway, loadSessionEntry, } from "../session-utils.js";
 const COST_USAGE_CACHE_TTL_MS = 30_000;
+const DAY_MS = 24 * 60 * 60 * 1000;
 const costUsageCache = new Map();
+function resolveSessionUsageFileOrRespond(key, respond) {
+    const config = loadConfig();
+    const { entry, storePath } = loadSessionEntry(key);
+    // For discovered sessions (not in store), try using key as sessionId directly
+    const parsed = parseAgentSessionKey(key);
+    const agentId = parsed?.agentId;
+    const rawSessionId = parsed?.rest ?? key;
+    const sessionId = entry?.sessionId ?? rawSessionId;
+    let sessionFile;
+    try {
+        const pathOpts = resolveSessionFilePathOptions({ storePath, agentId });
+        sessionFile = resolveSessionFilePath(sessionId, entry, pathOpts);
+    }
+    catch {
+        respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, `Invalid session key: ${key}`));
+        return null;
+    }
+    return { config, entry, agentId, sessionId, sessionFile };
+}
+const parseDateParts = (raw) => {
+    if (typeof raw !== "string" || !raw.trim()) {
+        return undefined;
+    }
+    const match = /^(\d{4})-(\d{2})-(\d{2})$/.exec(raw.trim());
+    if (!match) {
+        return undefined;
+    }
+    const [, yearStr, monthStr, dayStr] = match;
+    const year = Number(yearStr);
+    const monthIndex = Number(monthStr) - 1;
+    const day = Number(dayStr);
+    if (!Number.isFinite(year) || !Number.isFinite(monthIndex) || !Number.isFinite(day)) {
+        return undefined;
+    }
+    return { year, monthIndex, day };
+};
 /**
- * Parse a date string (YYYY-MM-DD) to start of day timestamp in UTC.
- * Returns undefined if invalid.
+ * Parse a UTC offset string in the format UTC+H, UTC-H, UTC+HH, UTC-HH, UTC+H:MM, UTC-HH:MM.
+ * Returns the UTC offset in minutes (east-positive), or undefined if invalid.
  */
-const parseDateToMs = (raw) => {
+const parseUtcOffsetToMinutes = (raw) => {
     if (typeof raw !== "string" || !raw.trim()) {
         return undefined;
     }
-    const match = /^(\d{4})-(\d{2})-(\d{2})$/.exec(raw.trim());
+    const match = /^UTC([+-])(\d{1,2})(?::([0-5]\d))?$/.exec(raw.trim());
     if (!match) {
         return undefined;
     }
-    const [, year, month, day] = match;
-    // Use UTC to ensure consistent behavior across timezones
-    const ms = Date.UTC(parseInt(year), parseInt(month) - 1, parseInt(day));
-    if (Number.isNaN(ms)) {
+    const sign = match[1] === "+" ? 1 : -1;
+    const hours = Number(match[2]);
+    const minutes = Number(match[3] ?? "0");
+    if (!Number.isInteger(hours) || !Number.isInteger(minutes)) {
+        return undefined;
+    }
+    if (hours > 14 || (hours === 14 && minutes !== 0)) {
+        return undefined;
+    }
+    const totalMinutes = sign * (hours * 60 + minutes);
+    if (totalMinutes < -12 * 60 || totalMinutes > 14 * 60) {
+        return undefined;
+    }
+    return totalMinutes;
+};
+const resolveDateInterpretation = (params) => {
+    if (params.mode === "gateway") {
+        return { mode: "gateway" };
+    }
+    if (params.mode === "specific") {
+        const utcOffsetMinutes = parseUtcOffsetToMinutes(params.utcOffset);
+        if (utcOffsetMinutes !== undefined) {
+            return { mode: "specific", utcOffsetMinutes };
+        }
+    }
+    // Backward compatibility: when mode is missing (or invalid), keep current UTC interpretation.
+    return { mode: "utc" };
+};
+/**
+ * Parse a date string (YYYY-MM-DD) to start-of-day timestamp based on interpretation mode.
+ * Returns undefined if invalid.
+ */
+const parseDateToMs = (raw, interpretation = { mode: "utc" }) => {
+    const parts = parseDateParts(raw);
+    if (!parts) {
         return undefined;
     }
-    return ms;
+    const { year, monthIndex, day } = parts;
+    if (interpretation.mode === "gateway") {
+        const ms = new Date(year, monthIndex, day).getTime();
+        return Number.isNaN(ms) ? undefined : ms;
+    }
+    if (interpretation.mode === "specific") {
+        const ms = Date.UTC(year, monthIndex, day) - interpretation.utcOffsetMinutes * 60 * 1000;
+        return Number.isNaN(ms) ? undefined : ms;
+    }
+    const ms = Date.UTC(year, monthIndex, day);
+    return Number.isNaN(ms) ? undefined : ms;
+};
+const getTodayStartMs = (now, interpretation) => {
+    if (interpretation.mode === "gateway") {
+        return new Date(now.getFullYear(), now.getMonth(), now.getDate()).getTime();
+    }
+    if (interpretation.mode === "specific") {
+        const shifted = new Date(now.getTime() + interpretation.utcOffsetMinutes * 60 * 1000);
+        return (Date.UTC(shifted.getUTCFullYear(), shifted.getUTCMonth(), shifted.getUTCDate()) -
+            interpretation.utcOffsetMinutes * 60 * 1000);
+    }
+    return Date.UTC(now.getUTCFullYear(), now.getUTCMonth(), now.getUTCDate());
 };
 const parseDays = (raw) => {
     if (typeof raw === "number" && Number.isFinite(raw)) {
@@ -46,25 +136,34 @@ const parseDays = (raw) => {
  */
 const parseDateRange = (params) => {
     const now = new Date();
-    // Use UTC for consistent date handling
-    const todayStartMs = Date.UTC(now.getUTCFullYear(), now.getUTCMonth(), now.getUTCDate());
-    const todayEndMs = todayStartMs + 24 * 60 * 60 * 1000 - 1;
-    const startMs = parseDateToMs(params.startDate);
-    const endMs = parseDateToMs(params.endDate);
+    const interpretation = resolveDateInterpretation(params);
+    const todayStartMs = getTodayStartMs(now, interpretation);
+    const todayEndMs = todayStartMs + DAY_MS - 1;
+    const startMs = parseDateToMs(params.startDate, interpretation);
+    const endMs = parseDateToMs(params.endDate, interpretation);
     if (startMs !== undefined && endMs !== undefined) {
         // endMs should be end of day
-        return { startMs, endMs: endMs + 24 * 60 * 60 * 1000 - 1 };
+        return { startMs, endMs: endMs + DAY_MS - 1 };
     }
     const days = parseDays(params.days);
     if (days !== undefined) {
         const clampedDays = Math.max(1, days);
-        const start = todayStartMs - (clampedDays - 1) * 24 * 60 * 60 * 1000;
+        const start = todayStartMs - (clampedDays - 1) * DAY_MS;
         return { startMs: start, endMs: todayEndMs };
     }
     // Default to last 30 days
-    const defaultStartMs = todayStartMs - 29 * 24 * 60 * 60 * 1000;
+    const defaultStartMs = todayStartMs - 29 * DAY_MS;
     return { startMs: defaultStartMs, endMs: todayEndMs };
 };
+function buildStoreBySessionId(store) {
+    const storeBySessionId = new Map();
+    for (const [key, entry] of Object.entries(store)) {
+        if (entry?.sessionId) {
+            storeBySessionId.set(entry.sessionId, { key, entry });
+        }
+    }
+    return storeBySessionId;
+}
 async function discoverAllSessionsForUsage(params) {
     const agents = listAgentsForGateway(params.config).agents;
     const results = await Promise.all(agents.map(async (agent) => {
@@ -122,7 +221,11 @@ async function loadCostUsageSummaryCached(params) {
 }
 // Exposed for unit tests (kept as a single export to avoid widening the public API surface).
 export const __test = {
+    parseDateParts,
+    parseUtcOffsetToMinutes,
+    resolveDateInterpretation,
     parseDateToMs,
+    getTodayStartMs,
     parseDays,
     parseDateRange,
     discoverAllSessionsForUsage,
@@ -140,6 +243,8 @@ export const usageHandlers = {
             startDate: params?.startDate,
             endDate: params?.endDate,
             days: params?.days,
+            mode: params?.mode,
+            utcOffset: params?.utcOffset,
         });
         const summary = await loadCostUsageSummaryCached({ startMs, endMs, config });
         respond(true, summary, undefined);
@@ -154,12 +259,14 @@ export const usageHandlers = {
         const { startMs, endMs } = parseDateRange({
             startDate: p.startDate,
             endDate: p.endDate,
+            mode: p.mode,
+            utcOffset: p.utcOffset,
         });
         const limit = typeof p.limit === "number" && Number.isFinite(p.limit) ? p.limit : 50;
         const includeContextWeight = p.includeContextWeight ?? false;
         const specificKey = typeof p.key === "string" ? p.key.trim() : null;
         // Load session store for named sessions
-        const { store } = loadCombinedSessionStoreForGateway(config);
+        const { storePath, store } = loadCombinedSessionStoreForGateway(config);
         const now = Date.now();
         const mergedEntries = [];
         // Optimization: If a specific key is requested, skip full directory scan
@@ -169,12 +276,7 @@ export const usageHandlers = {
             const keyRest = parsed?.rest ?? specificKey;
             // Prefer the store entry when available, even if the caller provides a discovered key
             // (`agent:<id>:<sessionId>`) for a session that now has a canonical store key.
-            const storeBySessionId = new Map();
-            for (const [key, entry] of Object.entries(store)) {
-                if (entry?.sessionId) {
-                    storeBySessionId.set(entry.sessionId, { key, entry });
-                }
-            }
+            const storeBySessionId = buildStoreBySessionId(store);
             const storeMatch = store[specificKey]
                 ? { key: specificKey, entry: store[specificKey] }
                 : null;
@@ -183,9 +285,18 @@ export const usageHandlers = {
             const storeEntry = storeMatch?.entry ?? storeByIdMatch?.entry;
             const sessionId = storeEntry?.sessionId ?? keyRest;
             // Resolve the session file path
-            const sessionFile = resolveSessionFilePath(sessionId, storeEntry, {
-                agentId: agentIdFromKey,
-            });
+            let sessionFile;
+            try {
+                const pathOpts = resolveSessionFilePathOptions({
+                    storePath: storePath !== "(multiple)" ? storePath : undefined,
+                    agentId: agentIdFromKey,
+                });
+                sessionFile = resolveSessionFilePath(sessionId, storeEntry, pathOpts);
+            }
+            catch {
+                respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, `Invalid session reference: ${specificKey}`));
+                return;
+            }
             try {
                 const stats = fs.statSync(sessionFile);
                 if (stats.isFile()) {
@@ -211,12 +322,7 @@ export const usageHandlers = {
                 endMs,
             });
             // Build a map of sessionId -> store entry for quick lookup
-            const storeBySessionId = new Map();
-            for (const [key, entry] of Object.entries(store)) {
-                if (entry?.sessionId) {
-                    storeBySessionId.set(entry.sessionId, { key, entry });
-                }
-            }
+            const storeBySessionId = buildStoreBySessionId(store);
             for (const discovered of discoveredSessions) {
                 const storeMatch = storeBySessionId.get(discovered.sessionId);
                 if (storeMatch) {
@@ -312,11 +418,13 @@ export const usageHandlers = {
             target.missingCostEntries += source.missingCostEntries;
         };
         for (const merged of limitedEntries) {
+            const agentId = parseAgentSessionKey(merged.key)?.agentId;
             const usage = await loadSessionCostSummary({
                 sessionId: merged.sessionId,
                 sessionEntry: merged.storeEntry,
                 sessionFile: merged.sessionFile,
                 config,
+                agentId,
                 startMs,
                 endMs,
             });
@@ -333,7 +441,6 @@ export const usageHandlers = {
                 aggregateTotals.cacheWriteCost += usage.cacheWriteCost;
                 aggregateTotals.missingCostEntries += usage.missingCostEntries;
             }
-            const agentId = parseAgentSessionKey(merged.key)?.agentId;
             const channel = merged.storeEntry?.channel ?? merged.storeEntry?.origin?.provider;
             const chatType = merged.storeEntry?.chatType ?? merged.storeEntry?.origin?.chatType;
             if (usage) {
@@ -488,6 +595,13 @@ export const usageHandlers = {
             const d = new Date(ms);
             return `${d.getUTCFullYear()}-${String(d.getUTCMonth() + 1).padStart(2, "0")}-${String(d.getUTCDate()).padStart(2, "0")}`;
         };
+        const tail = buildUsageAggregateTail({
+            byChannelMap: byChannelMap,
+            latencyTotals,
+            dailyLatencyMap,
+            modelDailyMap,
+            dailyMap: dailyAggregateMap,
+        });
         const aggregates = {
             messages: aggregateMessages,
             tools: {
@@ -514,30 +628,7 @@ export const usageHandlers = {
             byAgent: Array.from(byAgentMap.entries())
                 .map(([id, totals]) => ({ agentId: id, totals }))
                 .toSorted((a, b) => b.totals.totalCost - a.totals.totalCost),
-            byChannel: Array.from(byChannelMap.entries())
-                .map(([name, totals]) => ({ channel: name, totals }))
-                .toSorted((a, b) => b.totals.totalCost - a.totals.totalCost),
-            latency: latencyTotals.count > 0
-                ? {
-                    count: latencyTotals.count,
-                    avgMs: latencyTotals.sum / latencyTotals.count,
-                    minMs: latencyTotals.min === Number.POSITIVE_INFINITY ? 0 : latencyTotals.min,
-                    maxMs: latencyTotals.max,
-                    p95Ms: latencyTotals.p95Max,
-                }
-                : undefined,
-            dailyLatency: Array.from(dailyLatencyMap.values())
-                .map((entry) => ({
-                date: entry.date,
-                count: entry.count,
-                avgMs: entry.count ? entry.sum / entry.count : 0,
-                minMs: entry.min === Number.POSITIVE_INFINITY ? 0 : entry.min,
-                maxMs: entry.max,
-                p95Ms: entry.p95Max,
-            }))
-                .toSorted((a, b) => a.date.localeCompare(b.date)),
-            modelDaily: Array.from(modelDailyMap.values()).toSorted((a, b) => a.date.localeCompare(b.date) || b.cost - a.cost),
-            daily: Array.from(dailyAggregateMap.values()).toSorted((a, b) => a.date.localeCompare(b.date)),
+            ...tail,
         };
         const result = {
             updatedAt: now,
@@ -555,19 +646,17 @@ export const usageHandlers = {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "key is required for timeseries"));
             return;
         }
-        const config = loadConfig();
-        const { entry } = loadSessionEntry(key);
-        // For discovered sessions (not in store), try using key as sessionId directly
-        const parsed = parseAgentSessionKey(key);
-        const agentId = parsed?.agentId;
-        const rawSessionId = parsed?.rest ?? key;
-        const sessionId = entry?.sessionId ?? rawSessionId;
-        const sessionFile = entry?.sessionFile ?? resolveSessionFilePath(rawSessionId, entry, { agentId });
+        const resolved = resolveSessionUsageFileOrRespond(key, respond);
+        if (!resolved) {
+            return;
+        }
+        const { config, entry, agentId, sessionId, sessionFile } = resolved;
         const timeseries = await loadSessionUsageTimeSeries({
             sessionId,
             sessionEntry: entry,
             sessionFile,
             config,
+            agentId,
             maxPoints: 200,
         });
         if (!timeseries) {
@@ -585,20 +674,18 @@ export const usageHandlers = {
         const limit = typeof params?.limit === "number" && Number.isFinite(params.limit)
             ? Math.min(params.limit, 1000)
             : 200;
-        const config = loadConfig();
-        const { entry } = loadSessionEntry(key);
-        // For discovered sessions (not in store), try using key as sessionId directly
-        const parsed = parseAgentSessionKey(key);
-        const agentId = parsed?.agentId;
-        const rawSessionId = parsed?.rest ?? key;
-        const sessionId = entry?.sessionId ?? rawSessionId;
-        const sessionFile = entry?.sessionFile ?? resolveSessionFilePath(rawSessionId, entry, { agentId });
+        const resolved = resolveSessionUsageFileOrRespond(key, respond);
+        if (!resolved) {
+            return;
+        }
+        const { config, entry, agentId, sessionId, sessionFile } = resolved;
         const { loadSessionLogs } = await import("../../infra/session-cost-usage.js");
         const logs = await loadSessionLogs({
             sessionId,
             sessionEntry: entry,
             sessionFile,
             config,
+            agentId,
             limit,
         });
         respond(true, { logs: logs ?? [] }, undefined);

package/dist/gateway/server-node-events.js CHANGED Viewed

@@ -8,6 +8,7 @@ import { updateSessionStore } from "../config/sessions.js";
 import { requestHeartbeatNow } from "../infra/heartbeat-wake.js";
 import { deliverOutboundPayloads } from "../infra/outbound/deliver.js";
 import { resolveOutboundTarget } from "../infra/outbound/targets.js";
+import { registerApnsToken } from "../infra/push-apns.js";
 import { enqueueSystemEvent } from "../infra/system-events.js";
 import { normalizeMainKey } from "../routing/session-key.js";
 import { defaultRuntime } from "../runtime.js";
@@ -410,6 +411,34 @@ export const handleNodeEvent = async (ctx, nodeId, evt) => {
             requestHeartbeatNow({ reason: "exec-event" });
             return;
         }
+        case "push.apns.register": {
+            if (!evt.payloadJSON) {
+                return;
+            }
+            let payload;
+            try {
+                payload = JSON.parse(evt.payloadJSON);
+            }
+            catch {
+                return;
+            }
+            const obj = typeof payload === "object" && payload !== null ? payload : {};
+            const token = typeof obj.token === "string" ? obj.token : "";
+            const topic = typeof obj.topic === "string" ? obj.topic : "";
+            const environment = obj.environment;
+            try {
+                await registerApnsToken({
+                    nodeId,
+                    token,
+                    topic,
+                    environment,
+                });
+            }
+            catch (err) {
+                ctx.logGateway.warn(`push apns register failed node=${nodeId}: ${formatForLog(err)}`);
+            }
+            return;
+        }
         default:
             return;
     }

package/dist/gateway/server-runtime-config.js CHANGED Viewed

@@ -1,11 +1,27 @@
 import { assertGatewayAuthConfigured, resolveGatewayAuth, } from "./auth.js";
 import { normalizeControlUiBasePath } from "./control-ui-shared.js";
 import { resolveHooksConfig } from "./hooks.js";
-import { isLoopbackHost, resolveGatewayBindHost } from "./net.js";
+import { isLoopbackHost, isTrustedProxyAddress, isValidIPv4, resolveGatewayBindHost, } from "./net.js";
+import { mergeGatewayTailscaleConfig } from "./startup-auth.js";
 export async function resolveGatewayRuntimeConfig(params) {
     const bindMode = params.bind ?? params.cfg.gateway?.bind ?? "loopback";
     const customBindHost = params.cfg.gateway?.customBindHost;
     const bindHost = params.host ?? (await resolveGatewayBindHost(bindMode, customBindHost));
+    if (bindMode === "loopback" && !isLoopbackHost(bindHost)) {
+        throw new Error(`gateway bind=loopback resolved to non-loopback host ${bindHost}; refusing fallback to a network bind`);
+    }
+    if (bindMode === "custom") {
+        const configuredCustomBindHost = customBindHost?.trim();
+        if (!configuredCustomBindHost) {
+            throw new Error("gateway.bind=custom requires gateway.customBindHost");
+        }
+        if (!isValidIPv4(configuredCustomBindHost)) {
+            throw new Error(`gateway.bind=custom requires a valid IPv4 customBindHost (got ${configuredCustomBindHost})`);
+        }
+        if (bindHost !== configuredCustomBindHost) {
+            throw new Error(`gateway bind=custom requested ${configuredCustomBindHost} but resolved ${bindHost}; refusing fallback`);
+        }
+    }
     const controlUiEnabled = params.controlUiEnabled ?? params.cfg.gateway?.controlUi?.enabled ?? true;
     const openAiChatCompletionsEnabled = params.openAiChatCompletionsEnabled ??
         params.cfg.gateway?.http?.endpoints?.chatCompletions?.enabled ??
@@ -17,21 +33,13 @@ export async function resolveGatewayRuntimeConfig(params) {
     const controlUiRoot = typeof controlUiRootRaw === "string" && controlUiRootRaw.trim().length > 0
         ? controlUiRootRaw.trim()
         : undefined;
-    const authBase = params.cfg.gateway?.auth ?? {};
-    const authOverrides = params.auth ?? {};
-    const authConfig = {
-        ...authBase,
-        ...authOverrides,
-    };
     const tailscaleBase = params.cfg.gateway?.tailscale ?? {};
     const tailscaleOverrides = params.tailscale ?? {};
-    const tailscaleConfig = {
-        ...tailscaleBase,
-        ...tailscaleOverrides,
-    };
+    const tailscaleConfig = mergeGatewayTailscaleConfig(tailscaleBase, tailscaleOverrides);
     const tailscaleMode = tailscaleConfig.mode ?? "off";
     const resolvedAuth = resolveGatewayAuth({
-        authConfig,
+        authConfig: params.cfg.gateway?.auth,
+        authOverride: params.auth,
         env: process.env,
         tailscaleMode,
     });
@@ -41,6 +49,7 @@ export async function resolveGatewayRuntimeConfig(params) {
     const hasSharedSecret = (authMode === "token" && hasToken) || (authMode === "password" && hasPassword);
     const hooksConfig = resolveHooksConfig(params.cfg);
     const canvasHostEnabled = process.env.CLAWDBOT_SKIP_CANVAS_HOST !== "1" && params.cfg.canvasHost?.enabled !== false;
+    const trustedProxies = params.cfg.gateway?.trustedProxies ?? [];
     assertGatewayAuthConfigured(resolvedAuth);
     if (tailscaleMode === "funnel" && authMode !== "password") {
         throw new Error("tailscale funnel requires gateway auth mode=password (set gateway.auth.password or POOLBOT_GATEWAY_PASSWORD)");
@@ -48,9 +57,21 @@ export async function resolveGatewayRuntimeConfig(params) {
     if (tailscaleMode !== "off" && !isLoopbackHost(bindHost)) {
         throw new Error("tailscale serve/funnel requires gateway bind=loopback (127.0.0.1)");
     }
-    if (!isLoopbackHost(bindHost) && !hasSharedSecret) {
+    if (!isLoopbackHost(bindHost) && !hasSharedSecret && authMode !== "trusted-proxy") {
         throw new Error(`refusing to bind gateway to ${bindHost}:${params.port} without auth (set gateway.auth.token/password, or set POOLBOT_GATEWAY_TOKEN/POOLBOT_GATEWAY_PASSWORD)`);
     }
+    if (authMode === "trusted-proxy") {
+        if (trustedProxies.length === 0) {
+            throw new Error("gateway auth mode=trusted-proxy requires gateway.trustedProxies to be configured with at least one proxy IP");
+        }
+        if (isLoopbackHost(bindHost)) {
+            const hasLoopbackTrustedProxy = isTrustedProxyAddress("127.0.0.1", trustedProxies) ||
+                isTrustedProxyAddress("::1", trustedProxies);
+            if (!hasLoopbackTrustedProxy) {
+                throw new Error("gateway auth mode=trusted-proxy with bind=loopback requires gateway.trustedProxies to include 127.0.0.1, ::1, or a loopback CIDR");
+            }
+        }
+    }
     return {
         bindHost,
         controlUiEnabled,