npm - @poolzin/pool-bot - Versions diffs - 2026.2.25 → 2026.2.26 - Mend

@poolzin/pool-bot 2026.2.25 → 2026.2.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (506) hide show

package/dist/acp/event-mapper.js +87 -22
package/dist/acp/meta.js +12 -6
package/dist/agents/agent-paths.js +8 -9
package/dist/agents/agent-scope.js +7 -5
package/dist/agents/auth-profiles/oauth.js +148 -64
package/dist/agents/auth-profiles/session-override.js +13 -7
package/dist/agents/bash-tools.exec-host-gateway.js +14 -4
package/dist/agents/bash-tools.exec-runtime.js +2 -25
package/dist/agents/bedrock-discovery.js +3 -1
package/dist/agents/byteplus-models.js +97 -0
package/dist/agents/chutes-oauth.js +1 -0
package/dist/agents/cli-runner/helpers.js +4 -0
package/dist/agents/compaction.js +41 -14
package/dist/agents/doubao-models.js +121 -0
package/dist/agents/failover-error.js +2 -0
package/dist/agents/huggingface-models.js +5 -3
package/dist/agents/live-model-filter.js +5 -0
package/dist/agents/minimax-vlm.js +10 -8
package/dist/agents/model-auth.js +6 -0
package/dist/agents/model-catalog.js +3 -1
package/dist/agents/model-selection.js +7 -1
package/dist/agents/models-config.providers.js +93 -11
package/dist/agents/ollama-stream.js +117 -4
package/dist/agents/opencode-zen-models.js +22 -11
package/dist/agents/pi-embedded-helpers/errors.js +55 -33
package/dist/agents/pi-embedded-helpers/messaging-dedupe.js +10 -5
package/dist/agents/pi-embedded-helpers/thinking.js +10 -5
package/dist/agents/pi-embedded-helpers.js +1 -1
package/dist/agents/pi-embedded-runner/compact.js +29 -7
package/dist/agents/pi-embedded-runner/extensions.js +28 -26
package/dist/agents/pi-embedded-runner/google.js +20 -8
package/dist/agents/pi-embedded-runner/run/attempt.js +95 -36
package/dist/agents/pi-embedded-runner/run.js +71 -12
package/dist/agents/pi-embedded-runner/run.overflow-compaction.mocks.shared.js +11 -2
package/dist/agents/pi-embedded-runner/session-manager-cache.js +11 -7
package/dist/agents/pi-embedded-runner/system-prompt.js +2 -0
package/dist/agents/pi-embedded-runner/thinking.js +42 -0
package/dist/agents/pi-embedded-runner/tool-name-allowlist.js +19 -0
package/dist/agents/pi-embedded-runner/utils.js +7 -10
package/dist/agents/pi-embedded-subscribe.handlers.lifecycle.js +45 -56
package/dist/agents/pi-embedded-subscribe.handlers.tools.js +2 -2
package/dist/agents/pi-embedded-subscribe.js +9 -4
package/dist/agents/pi-embedded-subscribe.tools.js +68 -14
package/dist/agents/pi-embedded-utils.js +3 -0
package/dist/agents/pi-extensions/compaction-safeguard-runtime.js +4 -20
package/dist/agents/pi-extensions/compaction-safeguard.js +75 -33
package/dist/agents/pi-settings.js +40 -0
package/dist/agents/pi-tools.policy.js +2 -1
package/dist/agents/provider/config-loader.js +1 -1
package/dist/agents/sandbox/browser.js +170 -33
package/dist/agents/sandbox/config-hash.js +14 -27
package/dist/agents/sandbox/config.js +21 -2
package/dist/agents/sandbox/constants.js +2 -0
package/dist/agents/sandbox/docker.js +16 -2
package/dist/agents/sandbox/novnc-auth.js +62 -0
package/dist/agents/sandbox/sanitize-env-vars.js +1 -1
package/dist/agents/sandbox/shared.js +10 -6
package/dist/agents/sandbox-paths.js +24 -11
package/dist/agents/schema/clean-for-gemini.js +132 -85
package/dist/agents/session-slug.js +10 -5
package/dist/agents/session-tool-result-guard-wrapper.js +1 -0
package/dist/agents/session-tool-result-guard.js +3 -1
package/dist/agents/session-transcript-repair.js +40 -6
package/dist/agents/skills/bundled-dir.js +19 -5
package/dist/agents/skills/env-overrides.js +124 -43
package/dist/agents/skills/frontmatter.js +6 -6
package/dist/agents/skills/plugin-skills.js +14 -7
package/dist/agents/skills/workspace.js +1 -0
package/dist/agents/subagent-announce.js +251 -49
package/dist/agents/subagent-lifecycle-events.js +19 -0
package/dist/agents/subagent-registry-cleanup.js +31 -0
package/dist/agents/subagent-registry-completion.js +68 -0
package/dist/agents/subagent-registry-queries.js +117 -0
package/dist/agents/subagent-registry-state.js +46 -0
package/dist/agents/subagent-registry.js +252 -221
package/dist/agents/subagent-registry.store.js +1 -0
package/dist/agents/subagent-registry.types.js +1 -0
package/dist/agents/subagent-spawn.js +195 -7
package/dist/agents/system-prompt.js +22 -6
package/dist/agents/test-helpers/fast-coding-tools.js +1 -18
package/dist/agents/test-helpers/fast-core-tools.js +1 -17
package/dist/agents/timeout.js +18 -6
package/dist/agents/tool-call-id.js +1 -1
package/dist/agents/tool-display-common.js +162 -29
package/dist/agents/tool-images.js +82 -9
package/dist/agents/tool-policy.js +51 -26
package/dist/agents/tools/browser-tool.js +2 -2
package/dist/agents/tools/canvas-tool.js +27 -1
package/dist/agents/tools/common.js +45 -0
package/dist/agents/tools/discord-actions-guild.js +4 -1
package/dist/agents/tools/gateway-tool.js +3 -1
package/dist/agents/tools/nodes-utils.js +1 -10
package/dist/agents/tools/sessions-send-helpers.js +12 -6
package/dist/agents/tools/sessions-spawn-tool.js +8 -2
package/dist/agents/tools/subagents-tool.js +2 -1
package/dist/agents/tools/whatsapp-actions.js +10 -2
package/dist/agents/tools/whatsapp-target-auth.js +18 -0
package/dist/agents/transcript-policy.js +22 -8
package/dist/agents/venice-models.js +11 -3
package/dist/auto-reply/commands-registry.data.js +51 -0
package/dist/auto-reply/commands-registry.js +4 -3
package/dist/auto-reply/group-activation.js +10 -5
package/dist/auto-reply/inbound-debounce.js +10 -5
package/dist/auto-reply/reply/abort.js +1 -1
package/dist/auto-reply/reply/agent-runner-execution.js +4 -1
package/dist/auto-reply/reply/bash-command.js +41 -39
package/dist/auto-reply/reply/command-gates.js +25 -0
package/dist/auto-reply/reply/commands-allowlist.js +111 -72
package/dist/auto-reply/reply/commands-bash.js +6 -5
package/dist/auto-reply/reply/commands-config.js +30 -28
package/dist/auto-reply/reply/commands-core.js +2 -1
package/dist/auto-reply/reply/commands-info.js +1 -0
package/dist/auto-reply/reply/commands-models.js +65 -14
package/dist/auto-reply/reply/commands-session.js +237 -82
package/dist/auto-reply/reply/commands-setunset.js +45 -0
package/dist/auto-reply/reply/commands-subagents/action-agents.js +44 -0
package/dist/auto-reply/reply/commands-subagents/action-focus.js +64 -0
package/dist/auto-reply/reply/commands-subagents/action-help.js +4 -0
package/dist/auto-reply/reply/commands-subagents/action-info.js +45 -0
package/dist/auto-reply/reply/commands-subagents/action-kill.js +60 -0
package/dist/auto-reply/reply/commands-subagents/action-list.js +44 -0
package/dist/auto-reply/reply/commands-subagents/action-log.js +29 -0
package/dist/auto-reply/reply/commands-subagents/action-send.js +119 -0
package/dist/auto-reply/reply/commands-subagents/action-spawn.js +52 -0
package/dist/auto-reply/reply/commands-subagents/action-unfocus.js +30 -0
package/dist/auto-reply/reply/commands-subagents/shared.js +303 -0
package/dist/auto-reply/reply/commands-subagents.js +51 -587
package/dist/auto-reply/reply/commands-tts.js +10 -5
package/dist/auto-reply/reply/config-value.js +10 -5
package/dist/auto-reply/reply/directive-handling.model-picker.js +12 -6
package/dist/auto-reply/reply/directive-handling.persist.js +9 -21
package/dist/auto-reply/reply/directive-handling.shared.js +24 -4
package/dist/auto-reply/reply/followup-runner.js +1 -0
package/dist/auto-reply/reply/get-reply-directives-utils.js +23 -14
package/dist/auto-reply/reply/get-reply-directives.js +17 -28
package/dist/auto-reply/reply/get-reply-inline-actions.js +1 -0
package/dist/auto-reply/reply/get-reply.js +71 -12
package/dist/auto-reply/reply/model-selection.js +80 -39
package/dist/auto-reply/reply/queue/enqueue.js +10 -5
package/dist/auto-reply/reply/queue/state.js +13 -12
package/dist/auto-reply/reply/reply-payloads.js +67 -36
package/dist/auto-reply/reply/reply-reference.js +9 -8
package/dist/auto-reply/reply/route-reply.js +15 -8
package/dist/auto-reply/reply/session-reset-prompt.js +1 -1
package/dist/auto-reply/reply/session.js +22 -6
package/dist/auto-reply/reply/strip-inbound-meta.js +147 -0
package/dist/auto-reply/reply/subagents-utils.js +56 -30
package/dist/auto-reply/reply/typing.js +46 -21
package/dist/auto-reply/send-policy.js +14 -7
package/dist/auto-reply/status.js +140 -16
package/dist/auto-reply/templating.js +10 -5
package/dist/auto-reply/thinking.js +7 -16
package/dist/auto-reply/tokens.js +21 -5
package/dist/browser/bridge-server.js +36 -20
package/dist/browser/cdp.helpers.js +7 -14
package/dist/browser/cdp.js +35 -15
package/dist/browser/chrome.profile-decoration.js +7 -4
package/dist/browser/config.js +4 -0
package/dist/browser/extension-relay-auth.js +55 -0
package/dist/browser/extension-relay.js +74 -29
package/dist/browser/navigation-guard.js +9 -1
package/dist/browser/paths.js +77 -0
package/dist/browser/profiles.js +13 -8
package/dist/browser/pw-ai-module.js +10 -5
package/dist/browser/pw-session.js +76 -39
package/dist/browser/pw-tools-core.interactions.js +14 -7
package/dist/browser/pw-tools-core.state.js +12 -6
package/dist/browser/routes/agent.act.js +2 -2
package/dist/browser/server-context.js +7 -0
package/dist/build-info.json +3 -3
package/dist/channels/allow-from.js +2 -1
package/dist/channels/allowlists/resolve-utils.js +43 -19
package/dist/channels/channel-config.js +14 -7
package/dist/channels/draft-stream-loop.js +7 -0
package/dist/channels/model-overrides.js +82 -0
package/dist/channels/plugins/normalize/imessage.js +14 -7
package/dist/channels/plugins/normalize/slack.js +10 -5
package/dist/channels/plugins/normalize/telegram.js +14 -7
package/dist/channels/plugins/outbound/discord.js +80 -8
package/dist/channels/plugins/outbound/signal.js +11 -11
package/dist/channels/plugins/setup-helpers.js +10 -5
package/dist/channels/sender-label.js +14 -7
package/dist/channels/session.js +4 -2
package/dist/channels/status-reactions.js +297 -0
package/dist/cli/banner.js +1 -1
package/dist/cli/browser-cli-actions-input/register.files-downloads.js +65 -56
package/dist/cli/cli-name.js +11 -11
package/dist/cli/cli-utils.js +13 -3
package/dist/cli/command-format.js +1 -1
package/dist/cli/config-cli.js +1 -1
package/dist/cli/daemon-cli/lifecycle-core.js +31 -19
package/dist/cli/daemon-cli/lifecycle.js +64 -2
package/dist/cli/daemon-cli/restart-health.js +126 -0
package/dist/cli/daemon-cli/status.gather.js +9 -13
package/dist/cli/daemon-cli/status.print.js +2 -10
package/dist/cli/deps.js +27 -22
package/dist/cli/gateway-cli/run-loop.js +23 -5
package/dist/cli/node-cli/register.js +14 -5
package/dist/cli/nodes-media-utils.js +7 -2
package/dist/cli/outbound-send-deps.js +2 -9
package/dist/cli/outbound-send-mapping.js +11 -0
package/dist/cli/pairing-cli.js +40 -14
package/dist/cli/plugins-cli.js +34 -41
package/dist/cli/ports.js +11 -10
package/dist/cli/program/command-registry.js +2 -11
package/dist/cli/program/command-tree.js +16 -0
package/dist/cli/program/preaction.js +13 -9
package/dist/cli/program/register.configure.js +3 -18
package/dist/cli/program/register.maintenance.js +2 -2
package/dist/cli/program/register.onboard.js +2 -0
package/dist/cli/program/register.status-health-sessions.js +16 -17
package/dist/cli/program/register.subclis.js +93 -52
package/dist/cli/route.js +11 -7
package/dist/cli/system-cli.js +36 -46
package/dist/cli/update-cli/shared.js +22 -9
package/dist/cli/update-cli/update-command.js +89 -14
package/dist/cli/update-cli/wizard.js +6 -12
package/dist/commands/agent/run-context.js +18 -5
package/dist/commands/agent/session-store.js +17 -4
package/dist/commands/agent.js +22 -2
package/dist/commands/agents.bindings.js +14 -7
package/dist/commands/agents.commands.add.js +13 -9
package/dist/commands/agents.commands.identity.js +12 -6
package/dist/commands/agents.commands.list.js +11 -6
package/dist/commands/agents.config.js +8 -10
package/dist/commands/agents.providers.js +12 -6
package/dist/commands/auth-choice-options.js +103 -75
package/dist/commands/auth-choice.apply.byteplus.js +55 -0
package/dist/commands/auth-choice.apply.js +4 -0
package/dist/commands/auth-choice.apply.minimax.js +61 -13
package/dist/commands/auth-choice.apply.openai.js +3 -1
package/dist/commands/auth-choice.apply.volcengine.js +55 -0
package/dist/commands/auth-choice.preferred-provider.js +2 -0
package/dist/commands/channels/remove.js +13 -6
package/dist/commands/channels/shared.js +4 -14
package/dist/commands/configure.commands.js +14 -0
package/dist/commands/configure.gateway.js +2 -4
package/dist/commands/configure.js +1 -1
package/dist/commands/configure.shared.js +11 -0
package/dist/commands/daemon-install-helpers.js +2 -2
package/dist/commands/dashboard.js +12 -10
package/dist/commands/docs.js +14 -8
package/dist/commands/doctor-config-flow.js +11 -9
package/dist/commands/doctor-legacy-config.js +281 -0
package/dist/commands/doctor-state-integrity.js +99 -23
package/dist/commands/doctor-update.js +12 -9
package/dist/commands/models/list.list-command.js +7 -5
package/dist/commands/models/set-image.js +2 -21
package/dist/commands/node-daemon-install-helpers.js +10 -8
package/dist/commands/onboard-auth.config-minimax.js +54 -80
package/dist/commands/onboard-auth.config-opencode.js +2 -18
package/dist/commands/onboard-auth.credentials.js +90 -13
package/dist/commands/onboard-auth.js +1 -1
package/dist/commands/onboard-auth.models.js +6 -5
package/dist/commands/onboard-hooks.js +1 -1
package/dist/commands/onboard-non-interactive/api-keys.js +14 -7
package/dist/commands/onboard-non-interactive/local/auth-choice.js +64 -49
package/dist/commands/onboard-provider-auth-flags.js +14 -0
package/dist/commands/onboard-remote.js +14 -7
package/dist/commands/onboard.js +11 -13
package/dist/commands/sandbox-display.js +6 -5
package/dist/commands/status-all/diagnosis.js +14 -10
package/dist/commands/status-all/format.js +1 -0
package/dist/commands/status.gateway-probe.js +1 -16
package/dist/commands/systemd-linger.js +12 -6
package/dist/config/agent-limits.js +2 -0
package/dist/config/commands.js +30 -16
package/dist/config/config-paths.js +9 -11
package/dist/config/defaults.js +22 -2
package/dist/config/discord-preview-streaming.js +104 -0
package/dist/config/env-vars.js +37 -8
package/dist/config/includes.js +4 -0
package/dist/config/io.js +97 -12
package/dist/config/legacy.migrations.part-1.js +189 -78
package/dist/config/legacy.shared.js +3 -1
package/dist/config/merge-patch.js +4 -0
package/dist/config/prototype-keys.js +4 -0
package/dist/config/schema.help.js +44 -7
package/dist/config/schema.labels.js +38 -6
package/dist/config/sessions/delivery-info.js +10 -3
package/dist/config/sessions/main-session.js +10 -5
package/dist/config/sessions/session-file.js +33 -0
package/dist/config/sessions/session-key.js +10 -5
package/dist/config/sessions/store.js +1 -1
package/dist/config/sessions.js +1 -0
package/dist/config/zod-schema.agent-runtime.js +11 -0
package/dist/config/zod-schema.js +148 -13
package/dist/config/zod-schema.providers-core.js +78 -4
package/dist/config/zod-schema.providers.js +6 -1
package/dist/config/zod-schema.session.js +41 -2
package/dist/cron/run-log.js +3 -0
package/dist/cron/schedule.js +21 -10
package/dist/cron/service/ops.js +35 -21
package/dist/cron/service/timer.js +116 -16
package/dist/cron/stagger.js +3 -1
package/dist/discord/api.js +12 -6
package/dist/discord/draft-chunking.js +22 -0
package/dist/discord/draft-stream.js +124 -0
package/dist/discord/monitor/agent-components.js +1 -1
package/dist/discord/monitor/commands.js +5 -0
package/dist/discord/monitor/gateway-plugin.js +2 -1
package/dist/discord/monitor/listeners.js +37 -27
package/dist/discord/monitor/message-handler.js +4 -1
package/dist/discord/monitor/message-handler.preflight.js +65 -8
package/dist/discord/monitor/message-handler.process.js +246 -217
package/dist/discord/monitor/message-utils.js +143 -6
package/dist/discord/monitor/model-picker-preferences.js +143 -0
package/dist/discord/monitor/model-picker.js +651 -0
package/dist/discord/monitor/native-command.js +573 -16
package/dist/discord/monitor/provider.allowlist.js +223 -0
package/dist/discord/monitor/provider.js +275 -347
package/dist/discord/monitor/provider.lifecycle.js +100 -0
package/dist/discord/monitor/reply-delivery.js +123 -16
package/dist/discord/monitor/thread-bindings.discord-api.js +215 -0
package/dist/discord/monitor/thread-bindings.js +4 -0
package/dist/discord/monitor/thread-bindings.lifecycle.js +177 -0
package/dist/discord/monitor/thread-bindings.manager.js +423 -0
package/dist/discord/monitor/thread-bindings.messages.js +55 -0
package/dist/discord/monitor/thread-bindings.state.js +358 -0
package/dist/discord/monitor/thread-bindings.types.js +6 -0
package/dist/discord/resolve-users.js +33 -21
package/dist/discord/send.channels.js +15 -0
package/dist/discord/send.js +3 -2
package/dist/discord/send.outbound.js +82 -26
package/dist/discord/send.permissions.js +83 -30
package/dist/discord/send.reactions.js +8 -4
package/dist/discord/token.js +10 -5
package/dist/discord/voice/command.js +263 -0
package/dist/discord/voice/manager.js +531 -0
package/dist/gateway/auth.js +34 -10
package/dist/gateway/call.js +4 -16
package/dist/gateway/client.js +28 -4
package/dist/gateway/config-reload.js +3 -4
package/dist/gateway/control-ui.js +219 -96
package/dist/gateway/hooks-mapping.js +88 -38
package/dist/gateway/http-auth-helpers.js +3 -2
package/dist/gateway/http-endpoint-helpers.js +1 -0
package/dist/gateway/net.js +54 -12
package/dist/gateway/node-invoke-system-run-approval.js +14 -35
package/dist/gateway/node-registry.js +10 -5
package/dist/gateway/openai-http.js +1 -0
package/dist/gateway/openresponses-http.js +1 -0
package/dist/gateway/origin-check.js +1 -18
package/dist/gateway/protocol/index.js +4 -3
package/dist/gateway/protocol/schema/cron.js +1 -0
package/dist/gateway/protocol/schema/devices.js +1 -0
package/dist/gateway/protocol/schema/protocol-schemas.js +2 -1
package/dist/gateway/protocol/schema/sessions.js +6 -0
package/dist/gateway/role-policy.js +17 -0
package/dist/gateway/server/ws-connection/connect-policy.js +37 -0
package/dist/gateway/server/ws-connection/message-handler.js +175 -148
package/dist/gateway/server-chat.js +83 -25
package/dist/gateway/server-constants.js +10 -9
package/dist/gateway/server-cron.js +1 -0
package/dist/gateway/server-http.js +16 -7
package/dist/gateway/server-maintenance.js +20 -5
package/dist/gateway/server-methods/chat.js +10 -6
package/dist/gateway/server-methods/config.js +12 -14
package/dist/gateway/server-methods/devices.js +17 -3
package/dist/gateway/server-methods/models.js +11 -1
package/dist/gateway/server-methods/sessions.js +64 -8
package/dist/gateway/server-methods/usage.js +162 -75
package/dist/gateway/server-node-events.js +29 -0
package/dist/gateway/server-runtime-config.js +34 -13
package/dist/gateway/server-startup-memory.js +17 -11
package/dist/gateway/session-utils.fs.js +32 -34
package/dist/gateway/sessions-resolve.js +17 -5
package/dist/gateway/test-helpers.openai-mock.js +14 -7
package/dist/gateway/tools-invoke-http.js +21 -10
package/dist/hooks/bundled/bootstrap-extra-files/handler.js +3 -1
package/dist/hooks/bundled/command-logger/handler.js +7 -2
package/dist/hooks/bundled/session-memory/handler.js +6 -5
package/dist/hooks/frontmatter.js +6 -6
package/dist/hooks/gmail-watcher.js +11 -6
package/dist/hooks/internal-hooks.js +11 -1
package/dist/hooks/llm-slug-generator.js +4 -1
package/dist/hooks/workspace.js +47 -17
package/dist/imessage/accounts.js +9 -20
package/dist/imessage/monitor/inbound-processing.js +2 -1
package/dist/infra/archive.js +174 -73
package/dist/infra/control-ui-assets.js +14 -6
package/dist/infra/device-pairing.js +108 -29
package/dist/infra/env.js +10 -5
package/dist/infra/exec-approvals-allowlist.js +122 -0
package/dist/infra/exec-approvals-analysis.js +34 -3
package/dist/infra/exec-approvals.js +5 -17
package/dist/infra/exec-safe-bin-policy.js +53 -45
package/dist/infra/fs-safe.js +71 -39
package/dist/infra/gateway-lock.js +6 -2
package/dist/infra/heartbeat-wake.js +6 -12
package/dist/infra/host-env-security-policy.json +19 -0
package/dist/infra/host-env-security.js +66 -0
package/dist/infra/net/ssrf.js +131 -38
package/dist/infra/outbound/bound-delivery-router.js +88 -0
package/dist/infra/outbound/channel-selection.js +12 -6
package/dist/infra/outbound/envelope.js +1 -1
package/dist/infra/outbound/format.js +12 -6
package/dist/infra/outbound/payloads.js +14 -7
package/dist/infra/outbound/session-binding-service.js +123 -0
package/dist/infra/path-guards.js +25 -0
package/dist/infra/provider-usage.fetch.codex.js +7 -15
package/dist/infra/provider-usage.fetch.gemini.js +14 -11
package/dist/infra/provider-usage.fetch.shared.js +30 -1
package/dist/infra/provider-usage.fetch.zai.js +10 -9
package/dist/infra/retry-policy.js +4 -2
package/dist/infra/retry.js +9 -5
package/dist/infra/session-cost-usage.js +107 -59
package/dist/infra/session-maintenance-warning.js +3 -1
package/dist/infra/shell-env.js +98 -34
package/dist/infra/ssh-config.js +12 -6
package/dist/infra/system-run-command.js +49 -4
package/dist/infra/update-channels.js +10 -5
package/dist/line/accounts.js +5 -7
package/dist/line/bot-access.js +8 -20
package/dist/line/bot-handlers.js +3 -1
package/dist/link-understanding/detect.js +15 -7
package/dist/media/constants.js +15 -6
package/dist/media/image-ops.js +7 -0
package/dist/media/local-roots.js +3 -2
package/dist/media-understanding/apply.js +4 -1
package/dist/media-understanding/concurrency.js +8 -20
package/dist/memory/backend-config.js +45 -6
package/dist/memory/embeddings.js +10 -4
package/dist/memory/fs-utils.js +23 -0
package/dist/memory/manager-search.js +12 -6
package/dist/memory/manager-sync-ops.js +12 -2
package/dist/memory/qmd-manager.js +466 -53
package/dist/memory/query-expansion.js +167 -3
package/dist/memory/status-format.js +10 -5
package/dist/memory/sync-memory-files.js +1 -1
package/dist/node-host/invoke-system-run.js +281 -0
package/dist/node-host/invoke.js +55 -337
package/dist/pairing/pairing-store.js +22 -0
package/dist/plugin-sdk/allow-from.js +1 -1
package/dist/plugin-sdk/command-auth.js +3 -1
package/dist/plugin-sdk/index.js +6 -3
package/dist/plugin-sdk/webhook-targets.js +32 -0
package/dist/plugins/bundled-dir.js +9 -6
package/dist/plugins/hooks.js +50 -0
package/dist/plugins/install.js +28 -16
package/dist/plugins/runtime.js +3 -17
package/dist/plugins/update.js +78 -12
package/dist/process/spawn-utils.js +14 -7
package/dist/providers/github-copilot-token.js +11 -6
package/dist/providers/qwen-portal-oauth.js +14 -6
package/dist/routing/account-id.js +30 -0
package/dist/routing/resolve-route.js +3 -7
package/dist/routing/session-key.js +2 -16
package/dist/security/audit-channel.js +93 -2
package/dist/security/audit-extra.async.js +159 -5
package/dist/security/audit-extra.js +1 -1
package/dist/security/audit-extra.sync.js +85 -6
package/dist/security/audit.js +40 -4
package/dist/security/dm-policy-shared.js +44 -0
package/dist/security/external-content.js +26 -6
package/dist/shared/entry-status.js +6 -0
package/dist/shared/frontmatter.js +5 -5
package/dist/shared/node-match.js +11 -4
package/dist/shared/operator-scope-compat.js +8 -3
package/dist/signal/accounts.js +7 -20
package/dist/signal/monitor/event-handler.js +3 -1
package/dist/slack/accounts.js +6 -19
package/dist/slack/actions.js +11 -3
package/dist/slack/monitor/auth.js +1 -1
package/dist/slack/monitor/message-handler/dispatch.js +50 -29
package/dist/slack/monitor/replies.js +15 -7
package/dist/slack/monitor/slash.js +22 -13
package/dist/slack/resolve-channels.js +10 -5
package/dist/slack/send.js +102 -12
package/dist/slack/stream-mode.js +10 -0
package/dist/slack/streaming.js +4 -2
package/dist/telegram/accounts.js +19 -14
package/dist/telegram/bot/helpers.js +3 -5
package/dist/telegram/bot-access.js +35 -36
package/dist/telegram/bot-handlers.js +120 -148
package/dist/telegram/bot-message-context.js +68 -9
package/dist/telegram/bot-message-dispatch.js +155 -90
package/dist/telegram/bot-native-commands.js +16 -0
package/dist/telegram/draft-stream.js +14 -1
package/dist/telegram/inline-buttons.js +5 -15
package/dist/telegram/monitor.js +11 -7
package/dist/telegram/network-config.js +19 -7
package/dist/telegram/send.js +3 -2
package/dist/telegram/sent-message-cache.js +5 -6
package/dist/telegram/status-reaction-variants.js +208 -0
package/dist/telegram/sticker-cache.js +11 -9
package/dist/terminal/theme.js +12 -12
package/dist/tts/tts.js +80 -567
package/dist/tui/components/chat-log.js +41 -8
package/dist/tui/theme/theme.js +10 -12
package/dist/tui/tui-local-shell.js +16 -6
package/dist/tui/tui.js +58 -6
package/dist/utils/account-id.js +2 -4
package/dist/utils/boolean.js +10 -5
package/dist/utils/directive-tags.js +11 -0
package/dist/utils/queue-helpers.js +67 -12
package/dist/web/auto-reply/deliver-reply.js +8 -4
package/dist/web/auto-reply/mentions.js +10 -5
package/dist/web/auto-reply/monitor/group-members.js +14 -7
package/dist/web/auto-reply/monitor/process-message.js +45 -24
package/dist/web/inbound/access-control.js +5 -2
package/dist/web/login-qr.js +12 -6
package/dist/web/media.js +123 -16
package/extensions/bluebubbles/src/monitor-processing.ts +580 -139
package/extensions/bluebubbles/src/monitor.ts +208 -1950
package/package.json +1 -1

package/dist/memory/query-expansion.js CHANGED Viewed

@@ -116,6 +116,157 @@ const STOP_WORDS_EN = new Set([
     "tell",
     "give",
 ]);
+const STOP_WORDS_KO = new Set([
+    // Particles (조사)
+    "은",
+    "는",
+    "이",
+    "가",
+    "을",
+    "를",
+    "의",
+    "에",
+    "에서",
+    "로",
+    "으로",
+    "와",
+    "과",
+    "도",
+    "만",
+    "까지",
+    "부터",
+    "한테",
+    "에게",
+    "께",
+    "처럼",
+    "같이",
+    "보다",
+    "마다",
+    "밖에",
+    "대로",
+    // Pronouns (대명사)
+    "나",
+    "나는",
+    "내가",
+    "나를",
+    "너",
+    "우리",
+    "저",
+    "저희",
+    "그",
+    "그녀",
+    "그들",
+    "이것",
+    "저것",
+    "그것",
+    "여기",
+    "저기",
+    "거기",
+    // Common verbs / auxiliaries (일반 동사/보조 동사)
+    "있다",
+    "없다",
+    "하다",
+    "되다",
+    "이다",
+    "아니다",
+    "보다",
+    "주다",
+    "오다",
+    "가다",
+    // Nouns (의존 명사 / vague)
+    "것",
+    "거",
+    "등",
+    "수",
+    "때",
+    "곳",
+    "중",
+    "분",
+    // Adverbs
+    "잘",
+    "더",
+    "또",
+    "매우",
+    "정말",
+    "아주",
+    "많이",
+    "너무",
+    "좀",
+    // Conjunctions
+    "그리고",
+    "하지만",
+    "그래서",
+    "그런데",
+    "그러나",
+    "또는",
+    "그러면",
+    // Question words
+    "왜",
+    "어떻게",
+    "뭐",
+    "언제",
+    "어디",
+    "누구",
+    "무엇",
+    "어떤",
+    // Time (vague)
+    "어제",
+    "오늘",
+    "내일",
+    "최근",
+    "지금",
+    "아까",
+    "나중",
+    "전에",
+    // Request words
+    "제발",
+    "부탁",
+]);
+// Common Korean trailing particles to strip from words for tokenization
+// Sorted by descending length so longest-match-first is guaranteed.
+const KO_TRAILING_PARTICLES = [
+    "에서",
+    "으로",
+    "에게",
+    "한테",
+    "처럼",
+    "같이",
+    "보다",
+    "까지",
+    "부터",
+    "마다",
+    "밖에",
+    "대로",
+    "은",
+    "는",
+    "이",
+    "가",
+    "을",
+    "를",
+    "의",
+    "에",
+    "로",
+    "와",
+    "과",
+    "도",
+    "만",
+].toSorted((a, b) => b.length - a.length);
+function stripKoreanTrailingParticle(token) {
+    for (const particle of KO_TRAILING_PARTICLES) {
+        if (token.length > particle.length && token.endsWith(particle)) {
+            return token.slice(0, -particle.length);
+        }
+    }
+    return null;
+}
+function isUsefulKoreanStem(stem) {
+    // Prevent bogus one-syllable stems from words like "논의" -> "논".
+    if (/[\uac00-\ud7af]/.test(stem)) {
+        return stem.length >= 2;
+    }
+    // Keep stripped ASCII stems for mixed tokens like "API를" -> "api".
+    return /^[a-z0-9_]+$/i.test(stem);
+}
 const STOP_WORDS_ZH = new Set([
     // Pronouns
     "我",
@@ -236,7 +387,7 @@ function isValidKeyword(token) {
     return true;
 }
 /**
- * Simple tokenizer that handles both English and Chinese text.
+ * Simple tokenizer that handles English, Chinese, and Korean text.
  * For Chinese, we do character-based splitting since we don't have a proper segmenter.
  * For English, we split on whitespace and punctuation.
  */
@@ -246,7 +397,7 @@ function tokenize(text) {
     // Split into segments (English words, Chinese character sequences, etc.)
     const segments = normalized.split(/[\s\p{P}]+/u).filter(Boolean);
     for (const segment of segments) {
-        // Check if segment contains CJK characters
+        // Check if segment contains CJK characters (Chinese)
         if (/[\u4e00-\u9fff]/.test(segment)) {
             // For Chinese, extract character n-grams (unigrams and bigrams)
             const chars = Array.from(segment).filter((c) => /[\u4e00-\u9fff]/.test(c));
@@ -257,6 +408,19 @@ function tokenize(text) {
                 tokens.push(chars[i] + chars[i + 1]);
             }
         }
+        else if (/[\uac00-\ud7af\u3131-\u3163]/.test(segment)) {
+            // For Korean (Hangul syllables and jamo), keep the word as-is unless it is
+            // effectively a stop word once trailing particles are removed.
+            const stem = stripKoreanTrailingParticle(segment);
+            const stemIsStopWord = stem !== null && STOP_WORDS_KO.has(stem);
+            if (!STOP_WORDS_KO.has(segment) && !stemIsStopWord) {
+                tokens.push(segment);
+            }
+            // Also emit particle-stripped stems when they are useful keywords.
+            if (stem && !STOP_WORDS_KO.has(stem) && isUsefulKoreanStem(stem)) {
+                tokens.push(stem);
+            }
+        }
         else {
             // For non-CJK, keep as single token
             tokens.push(segment);
@@ -278,7 +442,7 @@ export function extractKeywords(query) {
     const seen = new Set();
     for (const token of tokens) {
         // Skip stop words
-        if (STOP_WORDS_EN.has(token) || STOP_WORDS_ZH.has(token)) {
+        if (STOP_WORDS_EN.has(token) || STOP_WORDS_ZH.has(token) || STOP_WORDS_KO.has(token)) {
             continue;
         }
         // Skip invalid keywords

package/dist/memory/status-format.js CHANGED Viewed

@@ -1,20 +1,25 @@
 export function resolveMemoryVectorState(vector) {
-    if (vector.enabled === false)
+    if (!vector.enabled) {
         return { tone: "muted", state: "disabled" };
-    if (vector.available === true)
+    }
+    if (vector.available === true) {
         return { tone: "ok", state: "ready" };
-    if (vector.available === false)
+    }
+    if (vector.available === false) {
         return { tone: "warn", state: "unavailable" };
+    }
     return { tone: "muted", state: "unknown" };
 }
 export function resolveMemoryFtsState(fts) {
-    if (fts.enabled === false)
+    if (!fts.enabled) {
         return { tone: "muted", state: "disabled" };
+    }
     return fts.available ? { tone: "ok", state: "ready" } : { tone: "warn", state: "unavailable" };
 }
 export function resolveMemoryCacheSummary(cache) {
-    if (!cache.enabled)
+    if (!cache.enabled) {
         return { tone: "muted", text: "cache off" };
+    }
     const suffix = typeof cache.entries === "number" ? ` (${cache.entries})` : "";
     return { tone: "ok", text: `cache on${suffix}` };
 }

package/dist/memory/sync-memory-files.js CHANGED Viewed

@@ -3,7 +3,7 @@ import { buildFileEntry, listMemoryFiles } from "./internal.js";
 const log = createSubsystemLogger("memory");
 export async function syncMemoryFiles(params) {
     const files = await listMemoryFiles(params.workspaceDir);
-    const fileEntries = await Promise.all(files.map(async (file) => buildFileEntry(file, params.workspaceDir)));
+    const fileEntries = (await Promise.all(files.map(async (file) => buildFileEntry(file, params.workspaceDir)))).filter((entry) => entry !== null);
     log.debug("memory sync: indexing memory files", {
         files: fileEntries.length,
         needsFullReindex: params.needsFullReindex,

package/dist/node-host/invoke-system-run.js ADDED Viewed

@@ -0,0 +1,281 @@
+import crypto from "node:crypto";
+import { resolveAgentConfig } from "../agents/agent-scope.js";
+import { loadConfig } from "../config/config.js";
+import { addAllowlistEntry, analyzeArgvCommand, evaluateExecAllowlist, evaluateShellAllowlist, recordAllowlistUse, requiresExecApproval, resolveAllowAlwaysPatterns, resolveExecApprovals, resolveSafeBins, } from "../infra/exec-approvals.js";
+import { getTrustedSafeBinDirs } from "../infra/exec-safe-bin-trust.js";
+import { resolveSystemRunCommand } from "../infra/system-run-command.js";
+export async function handleSystemRunInvoke(opts) {
+    const command = resolveSystemRunCommand({
+        command: opts.params.command,
+        rawCommand: opts.params.rawCommand,
+    });
+    if (!command.ok) {
+        await opts.sendInvokeResult({
+            ok: false,
+            error: { code: "INVALID_REQUEST", message: command.message },
+        });
+        return;
+    }
+    if (command.argv.length === 0) {
+        await opts.sendInvokeResult({
+            ok: false,
+            error: { code: "INVALID_REQUEST", message: "command required" },
+        });
+        return;
+    }
+    const argv = command.argv;
+    const rawCommand = command.rawCommand ?? "";
+    const shellCommand = command.shellCommand;
+    const cmdText = command.cmdText;
+    const agentId = opts.params.agentId?.trim() || undefined;
+    const cfg = loadConfig();
+    const agentExec = agentId ? resolveAgentConfig(cfg, agentId)?.tools?.exec : undefined;
+    const configuredSecurity = opts.resolveExecSecurity(agentExec?.security ?? cfg.tools?.exec?.security);
+    const configuredAsk = opts.resolveExecAsk(agentExec?.ask ?? cfg.tools?.exec?.ask);
+    const approvals = resolveExecApprovals(agentId, {
+        security: configuredSecurity,
+        ask: configuredAsk,
+    });
+    const security = approvals.agent.security;
+    const ask = approvals.agent.ask;
+    const autoAllowSkills = approvals.agent.autoAllowSkills;
+    const sessionKey = opts.params.sessionKey?.trim() || "node";
+    const runId = opts.params.runId?.trim() || crypto.randomUUID();
+    const env = opts.sanitizeEnv(opts.params.env ?? undefined);
+    const safeBins = resolveSafeBins(agentExec?.safeBins ?? cfg.tools?.exec?.safeBins);
+    const trustedSafeBinDirs = getTrustedSafeBinDirs();
+    const bins = autoAllowSkills ? await opts.skillBins.current() : new Set();
+    let analysisOk = false;
+    let allowlistMatches = [];
+    let allowlistSatisfied = false;
+    let segments = [];
+    if (shellCommand) {
+        const allowlistEval = evaluateShellAllowlist({
+            command: shellCommand,
+            allowlist: approvals.allowlist,
+            safeBins,
+            cwd: opts.params.cwd ?? undefined,
+            env,
+            trustedSafeBinDirs,
+            skillBins: bins,
+            autoAllowSkills,
+            platform: process.platform,
+        });
+        analysisOk = allowlistEval.analysisOk;
+        allowlistMatches = allowlistEval.allowlistMatches;
+        allowlistSatisfied =
+            security === "allowlist" && analysisOk ? allowlistEval.allowlistSatisfied : false;
+        segments = allowlistEval.segments;
+    }
+    else {
+        const analysis = analyzeArgvCommand({ argv, cwd: opts.params.cwd ?? undefined, env });
+        const allowlistEval = evaluateExecAllowlist({
+            analysis,
+            allowlist: approvals.allowlist,
+            safeBins,
+            cwd: opts.params.cwd ?? undefined,
+            trustedSafeBinDirs,
+            skillBins: bins,
+            autoAllowSkills,
+        });
+        analysisOk = analysis.ok;
+        allowlistMatches = allowlistEval.allowlistMatches;
+        allowlistSatisfied =
+            security === "allowlist" && analysisOk ? allowlistEval.allowlistSatisfied : false;
+        segments = analysis.segments;
+    }
+    const isWindows = process.platform === "win32";
+    const cmdInvocation = shellCommand
+        ? opts.isCmdExeInvocation(segments[0]?.argv ?? [])
+        : opts.isCmdExeInvocation(argv);
+    if (security === "allowlist" && isWindows && cmdInvocation) {
+        analysisOk = false;
+        allowlistSatisfied = false;
+    }
+    const useMacAppExec = process.platform === "darwin";
+    if (useMacAppExec) {
+        const approvalDecision = opts.params.approvalDecision === "allow-once" ||
+            opts.params.approvalDecision === "allow-always"
+            ? opts.params.approvalDecision
+            : null;
+        const execRequest = {
+            command: argv,
+            rawCommand: rawCommand || shellCommand || null,
+            cwd: opts.params.cwd ?? null,
+            env: opts.params.env ?? null,
+            timeoutMs: opts.params.timeoutMs ?? null,
+            needsScreenRecording: opts.params.needsScreenRecording ?? null,
+            agentId: agentId ?? null,
+            sessionKey: sessionKey ?? null,
+            approvalDecision,
+        };
+        const response = await opts.runViaMacAppExecHost({ approvals, request: execRequest });
+        if (!response) {
+            if (opts.execHostEnforced || !opts.execHostFallbackAllowed) {
+                await opts.sendNodeEvent(opts.client, "exec.denied", opts.buildExecEventPayload({
+                    sessionKey,
+                    runId,
+                    host: "node",
+                    command: cmdText,
+                    reason: "companion-unavailable",
+                }));
+                await opts.sendInvokeResult({
+                    ok: false,
+                    error: {
+                        code: "UNAVAILABLE",
+                        message: "COMPANION_APP_UNAVAILABLE: macOS app exec host unreachable",
+                    },
+                });
+                return;
+            }
+        }
+        else if (!response.ok) {
+            const reason = response.error.reason ?? "approval-required";
+            await opts.sendNodeEvent(opts.client, "exec.denied", opts.buildExecEventPayload({
+                sessionKey,
+                runId,
+                host: "node",
+                command: cmdText,
+                reason,
+            }));
+            await opts.sendInvokeResult({
+                ok: false,
+                error: { code: "UNAVAILABLE", message: response.error.message },
+            });
+            return;
+        }
+        else {
+            const result = response.payload;
+            await opts.sendExecFinishedEvent({ sessionKey, runId, cmdText, result });
+            await opts.sendInvokeResult({
+                ok: true,
+                payloadJSON: JSON.stringify(result),
+            });
+            return;
+        }
+    }
+    if (security === "deny") {
+        await opts.sendNodeEvent(opts.client, "exec.denied", opts.buildExecEventPayload({
+            sessionKey,
+            runId,
+            host: "node",
+            command: cmdText,
+            reason: "security=deny",
+        }));
+        await opts.sendInvokeResult({
+            ok: false,
+            error: { code: "UNAVAILABLE", message: "SYSTEM_RUN_DISABLED: security=deny" },
+        });
+        return;
+    }
+    const requiresAsk = requiresExecApproval({
+        ask,
+        security,
+        analysisOk,
+        allowlistSatisfied,
+    });
+    const approvalDecision = opts.params.approvalDecision === "allow-once" || opts.params.approvalDecision === "allow-always"
+        ? opts.params.approvalDecision
+        : null;
+    const approvedByAsk = approvalDecision !== null || opts.params.approved === true;
+    if (requiresAsk && !approvedByAsk) {
+        await opts.sendNodeEvent(opts.client, "exec.denied", opts.buildExecEventPayload({
+            sessionKey,
+            runId,
+            host: "node",
+            command: cmdText,
+            reason: "approval-required",
+        }));
+        await opts.sendInvokeResult({
+            ok: false,
+            error: { code: "UNAVAILABLE", message: "SYSTEM_RUN_DENIED: approval required" },
+        });
+        return;
+    }
+    if (approvalDecision === "allow-always" && security === "allowlist") {
+        if (analysisOk) {
+            const patterns = resolveAllowAlwaysPatterns({
+                segments,
+                cwd: opts.params.cwd ?? undefined,
+                env,
+                platform: process.platform,
+            });
+            for (const pattern of patterns) {
+                if (pattern) {
+                    addAllowlistEntry(approvals.file, agentId, pattern);
+                }
+            }
+        }
+    }
+    if (security === "allowlist" && (!analysisOk || !allowlistSatisfied) && !approvedByAsk) {
+        await opts.sendNodeEvent(opts.client, "exec.denied", opts.buildExecEventPayload({
+            sessionKey,
+            runId,
+            host: "node",
+            command: cmdText,
+            reason: "allowlist-miss",
+        }));
+        await opts.sendInvokeResult({
+            ok: false,
+            error: { code: "UNAVAILABLE", message: "SYSTEM_RUN_DENIED: allowlist miss" },
+        });
+        return;
+    }
+    if (allowlistMatches.length > 0) {
+        const seen = new Set();
+        for (const match of allowlistMatches) {
+            if (!match?.pattern || seen.has(match.pattern)) {
+                continue;
+            }
+            seen.add(match.pattern);
+            recordAllowlistUse(approvals.file, agentId, match, cmdText, segments[0]?.resolution?.resolvedPath);
+        }
+    }
+    if (opts.params.needsScreenRecording === true) {
+        await opts.sendNodeEvent(opts.client, "exec.denied", opts.buildExecEventPayload({
+            sessionKey,
+            runId,
+            host: "node",
+            command: cmdText,
+            reason: "permission:screenRecording",
+        }));
+        await opts.sendInvokeResult({
+            ok: false,
+            error: { code: "UNAVAILABLE", message: "PERMISSION_MISSING: screenRecording" },
+        });
+        return;
+    }
+    let execArgv = argv;
+    if (security === "allowlist" &&
+        isWindows &&
+        !approvedByAsk &&
+        shellCommand &&
+        analysisOk &&
+        allowlistSatisfied &&
+        segments.length === 1 &&
+        segments[0]?.argv.length > 0) {
+        execArgv = segments[0].argv;
+    }
+    const result = await opts.runCommand(execArgv, opts.params.cwd?.trim() || undefined, env, opts.params.timeoutMs ?? undefined);
+    if (result.truncated) {
+        const suffix = "... (truncated)";
+        if (result.stderr.trim().length > 0) {
+            result.stderr = `${result.stderr}\n${suffix}`;
+        }
+        else {
+            result.stdout = `${result.stdout}\n${suffix}`;
+        }
+    }
+    await opts.sendExecFinishedEvent({ sessionKey, runId, cmdText, result });
+    await opts.sendInvokeResult({
+        ok: true,
+        payloadJSON: JSON.stringify({
+            exitCode: result.exitCode,
+            timedOut: result.timedOut,
+            success: result.success,
+            stdout: result.stdout,
+            stderr: result.stderr,
+            error: result.error ?? null,
+        }),
+    });
+}