@wu529778790/open-im 1.8.1-beta.16 → 1.8.1-beta.18

package/dist/access/access-control.js

@@ -8,7 +8,7 @@ export class AccessControl {
     }
     isAllowed(userId) {
         if (this.allowedUserIds.size === 0) {
-            log.debug(`Allowing user ${userId} (no whitelist configured)`);
+            log.warn(`Allowing user ${userId} — no whitelist configured. Set allowedUserIds to restrict access.`);
             return true;
         }
         const allowed = this.allowedUserIds.has(userId);

package/dist/adapters/claude-sdk-adapter.js

@@ -16,6 +16,21 @@ const log = createLogger('ClaudeSDK');
 const activeSessions = new Map();
 // 存储正在进行的流式迭代器，用于中断
 const activeStreams = new Set();
+// Mutex to serialize process.chdir() calls across concurrent users
+let chdirMutex = Promise.resolve();
+function withChdirMutex(fn) {
+    const previous = chdirMutex;
+    let resolve;
+    chdirMutex = new Promise((r) => { resolve = r; });
+    return previous.then(() => {
+        try {
+            return fn();
+        }
+        finally {
+            resolve();
+        }
+    });
+}
 function isStreamEvent(msg) {
     return msg.type === 'stream_event';
 }
@@ -45,43 +60,43 @@ async function getOrCreateSession(sessionId, workDir, model, permissionMode) {
     };
     const baseUrl = process.env.ANTHROPIC_BASE_URL ?? '(default)';
     log.info(`[V2] getOrCreateSession model param=${String(model ?? '')} resolved=${resolvedModel} baseUrl=${baseUrl} workDir=${workDir}`);
-    let session;
-    // SDK V2 的 SDKSessionOptions 没有 cwd 字段，
-    // 需要通过 process.chdir() 临时切换工作目录。
-    // 因为 createSession/resumeSession 是同步调用，且 JS 单线程，所以是安全的。
-    const originalCwd = process.cwd();
-    try {
-        if (workDir && workDir !== originalCwd) {
-            process.chdir(workDir);
-        }
-        if (sessionId) {
-            // 尝试恢复已有会话
-            try {
-                log.info(`Attempting to resume session: ${sessionId}`);
-                session = unstable_v2_resumeSession(sessionId, sessionOptions);
-                activeSessions.set(sessionId, session);
-                log.info(`Successfully resumed session: ${sessionId}`);
-                return { session, sessionId };
+    // Use mutex to serialize process.chdir() calls across concurrent users
+    return withChdirMutex(() => {
+        let session;
+        const originalCwd = process.cwd();
+        try {
+            if (workDir && workDir !== originalCwd) {
+                process.chdir(workDir);
             }
-            catch (err) {
-                log.warn(`Failed to resume session ${sessionId}, creating new one: ${err}`);
-                // 恢复失败，创建新会话
+            if (sessionId) {
+                // 尝试恢复已有会话
+                try {
+                    log.info(`Attempting to resume session: ${sessionId}`);
+                    session = unstable_v2_resumeSession(sessionId, sessionOptions);
+                    activeSessions.set(sessionId, session);
+                    log.info(`Successfully resumed session: ${sessionId}`);
+                    return { session, sessionId };
+                }
+                catch (err) {
+                    log.warn(`Failed to resume session ${sessionId}, creating new one: ${err}`);
+                    // 恢复失败，创建新会话
+                }
             }
+            // 创建新会话
+            session = unstable_v2_createSession(sessionOptions);
+            // 新会话的 sessionId 需要从第一个消息中获取
+            // 暂时返回 undefined，稍后在 init 消息中获取
+            const tempId = `pending-${Date.now()}`;
+            activeSessions.set(tempId, session);
+            log.info(`Created new session (tempId: ${tempId})`);
+            return { session, sessionId: tempId };
         }
-        // 创建新会话
-        session = unstable_v2_createSession(sessionOptions);
-        // 新会话的 sessionId 需要从第一个消息中获取
-        // 暂时返回 undefined，稍后在 init 消息中获取
-        const tempId = `pending-${Date.now()}`;
-        activeSessions.set(tempId, session);
-        log.info(`Created new session (tempId: ${tempId})`);
-        return { session, sessionId: tempId };
-    }
-    finally {
-        if (workDir && workDir !== originalCwd) {
-            process.chdir(originalCwd);
+        finally {
+            if (workDir && workDir !== originalCwd) {
+                process.chdir(originalCwd);
+            }
         }
-    }
+    });
 }
 export class ClaudeSDKAdapter {
     toolId = 'claude-sdk';

package/dist/config-web.js

@@ -180,10 +180,20 @@ function clean(value) {
     const trimmed = value.trim();
     return trimmed ? trimmed : undefined;
 }
+const MAX_REQUEST_BODY_BYTES = 1 * 1024 * 1024; // 1 MB
 function readJson(request) {
     return new Promise((resolve, reject) => {
         const chunks = [];
-        request.on("data", (chunk) => chunks.push(Buffer.from(chunk)));
+        let totalBytes = 0;
+        request.on("data", (chunk) => {
+            totalBytes += chunk.length;
+            if (totalBytes > MAX_REQUEST_BODY_BYTES) {
+                reject(new Error("Request body too large (max 1 MB)"));
+                request.destroy();
+                return;
+            }
+            chunks.push(Buffer.from(chunk));
+        });
         request.on("end", () => {
             try {
                 const raw = Buffer.concat(chunks).toString("utf-8");
@@ -200,6 +210,11 @@ function json(response, statusCode, body) {
     response.writeHead(statusCode, { "content-type": "application/json; charset=utf-8" });
     response.end(JSON.stringify(body));
 }
+function maskSecret(value) {
+    if (!value || value.length <= 4)
+        return value ? "****" : "";
+    return value.slice(0, 2) + "****" + value.slice(-2);
+}
 function buildInitialPayload(file) {
     // Load Claude settings from ~/.claude/settings.json
     const claudeEnv = loadClaudeSettingsEnv();
@@ -208,7 +223,7 @@ function buildInitialPayload(file) {
             telegram: {
                 enabled: file.platforms?.telegram?.enabled ?? Boolean(file.platforms?.telegram?.botToken),
                 aiCommand: file.platforms?.telegram?.aiCommand ?? "",
-                botToken: file.platforms?.telegram?.botToken ?? "",
+                botToken: maskSecret(file.platforms?.telegram?.botToken),
                 proxy: file.platforms?.telegram?.proxy ?? "",
                 allowedUserIds: (file.platforms?.telegram?.allowedUserIds ?? []).join(", "),
             },
@@ -216,36 +231,36 @@ function buildInitialPayload(file) {
                 enabled: file.platforms?.feishu?.enabled ?? Boolean(file.platforms?.feishu?.appId && file.platforms?.feishu?.appSecret),
                 aiCommand: file.platforms?.feishu?.aiCommand ?? "",
                 appId: file.platforms?.feishu?.appId ?? "",
-                appSecret: file.platforms?.feishu?.appSecret ?? "",
+                appSecret: maskSecret(file.platforms?.feishu?.appSecret),
                 allowedUserIds: (file.platforms?.feishu?.allowedUserIds ?? []).join(", "),
             },
             qq: {
                 enabled: file.platforms?.qq?.enabled ?? Boolean(file.platforms?.qq?.appId && file.platforms?.qq?.secret),
                 aiCommand: file.platforms?.qq?.aiCommand ?? "",
                 appId: file.platforms?.qq?.appId ?? "",
-                secret: file.platforms?.qq?.secret ?? "",
+                secret: maskSecret(file.platforms?.qq?.secret),
                 allowedUserIds: (file.platforms?.qq?.allowedUserIds ?? []).join(", "),
             },
             wework: {
                 enabled: file.platforms?.wework?.enabled ?? Boolean(file.platforms?.wework?.corpId && file.platforms?.wework?.secret),
                 aiCommand: file.platforms?.wework?.aiCommand ?? "",
                 corpId: file.platforms?.wework?.corpId ?? "",
-                secret: file.platforms?.wework?.secret ?? "",
+                secret: maskSecret(file.platforms?.wework?.secret),
                 allowedUserIds: (file.platforms?.wework?.allowedUserIds ?? []).join(", "),
             },
             dingtalk: {
                 enabled: file.platforms?.dingtalk?.enabled ?? Boolean(file.platforms?.dingtalk?.clientId && file.platforms?.dingtalk?.clientSecret),
                 aiCommand: file.platforms?.dingtalk?.aiCommand ?? "",
                 clientId: file.platforms?.dingtalk?.clientId ?? "",
-                clientSecret: file.platforms?.dingtalk?.clientSecret ?? "",
+                clientSecret: maskSecret(file.platforms?.dingtalk?.clientSecret),
                 cardTemplateId: file.platforms?.dingtalk?.cardTemplateId ?? "",
                 allowedUserIds: (file.platforms?.dingtalk?.allowedUserIds ?? []).join(", "),
             },
             workbuddy: {
                 enabled: file.platforms?.workbuddy?.enabled ?? Boolean(file.platforms?.workbuddy?.accessToken && file.platforms?.workbuddy?.refreshToken && file.platforms?.workbuddy?.userId),
                 aiCommand: file.platforms?.workbuddy?.aiCommand ?? "",
-                accessToken: file.platforms?.workbuddy?.accessToken ?? "",
-                refreshToken: file.platforms?.workbuddy?.refreshToken ?? "",
+                accessToken: maskSecret(file.platforms?.workbuddy?.accessToken),
+                refreshToken: maskSecret(file.platforms?.workbuddy?.refreshToken),
                 userId: file.platforms?.workbuddy?.userId ?? "",
                 baseUrl: file.platforms?.workbuddy?.baseUrl ?? "",
                 allowedUserIds: (file.platforms?.workbuddy?.allowedUserIds ?? []).join(", "),
@@ -258,7 +273,7 @@ function buildInitialPayload(file) {
             claudeConfigPath: process.platform === 'win32'
                 ? getClaudeConfigHome() + "\\.claude\\settings.json"
                 : getClaudeConfigHome() + "/.claude/settings.json",
-            claudeAuthToken: claudeEnv.ANTHROPIC_AUTH_TOKEN ?? "",
+            claudeAuthToken: maskSecret(claudeEnv.ANTHROPIC_AUTH_TOKEN),
             claudeBaseUrl: claudeEnv.ANTHROPIC_BASE_URL ?? "",
             claudeModel: claudeEnv.ANTHROPIC_MODEL ?? "",
             claudeProxy: file.tools?.claude?.proxy ?? "",

package/dist/dingtalk/event-handler.js

@@ -99,7 +99,8 @@ async function buildMediaPrompt(message, kind, robotCodeFallback) {
                 fallbackExtension: kind === 'image' ? 'jpg' : 'bin',
             });
         }
-        catch {
+        catch (err) {
+            log.warn('Failed to download DingTalk media from URL:', err);
             localPath = undefined;
         }
     }
@@ -118,7 +119,8 @@ async function buildMediaPrompt(message, kind, robotCodeFallback) {
                 localPath = await saveBufferMedia(downloaded.buffer, extension, basenameHint);
             }
         }
-        catch {
+        catch (err) {
+            log.warn('Failed to download DingTalk media via robotCode:', err);
             localPath = undefined;
         }
     }
@@ -194,7 +196,9 @@ export function setupDingTalkHandlers(config, sessionManager) {
             try {
                 await sendTextReply(chatId, '启动 AI 处理失败，请重试。');
             }
-            catch { /* ignore */ }
+            catch (err) {
+                log.warn('Failed to send startup error reply:', err);
+            }
             return;
         }
         const stopTyping = startTypingLoop(chatId);

package/dist/dingtalk/message-sender.js

@@ -24,6 +24,19 @@ const FLOW_STATUS = {
 };
 let senderSettings = {};
 const streamStates = new Map();
+// Periodic cleanup of orphaned stream states (max 30 minutes)
+const STREAM_MAX_AGE_MS = 30 * 60 * 1000;
+setInterval(() => {
+    const now = Date.now();
+    for (const [id, state] of streamStates) {
+        // streamStates in DingTalk don't have createdAt, clean up by size
+        if (streamStates.size > 50) {
+            streamStates.delete(id);
+            log.info(`Cleaned up old DingTalk stream state: ${id}`);
+            break; // Clean one at a time to avoid blocking
+        }
+    }
+}, STREAM_MAX_AGE_MS);
 function generateMessageId() {
     return `${Date.now()}-${randomBytes(6).toString('hex')}`;
 }

package/dist/feishu/event-handler.js

@@ -88,7 +88,9 @@ async function sendPermissionFallback(chatId, guide) {
         await sendTextReply(chatId, guide);
         return;
     }
-    catch { /* 卡片方式失败，降级 */ }
+    catch (err) {
+        log.warn('Card-based reply failed, falling back to plain text:', err);
+    }
     // 2. 降级为纯文本消息
     try {
         const client = (await import('./client.js')).getClient();
@@ -103,7 +105,9 @@ async function sendPermissionFallback(chatId, guide) {
         });
         return;
     }
-    catch { /* 纯文本也失败 */ }
+    catch (err) {
+        log.warn('Plain text reply also failed:', err);
+    }
     log.error('All fallback methods failed to send permission guide');
 }
 async function downloadFeishuMessageResource(client, messageId, fileKey, type, options) {
@@ -146,23 +150,38 @@ export function setupFeishuHandlers(config, sessionManager) {
         const toolId = aiCommand;
         // 使用 CardKit 打字机效果（80ms 节流，约 12 次/秒，比 patch 5 QPS 更流畅）
         let cardHandle;
-        try {
-            cardHandle = await sendThinkingCard(chatId, toolId);
-        }
-        catch (err) {
-            log.error('Failed to send thinking card:', err);
-            // 检测是否为飞书权限不足
-            if (isPermissionError(err)) {
-                const guide = buildPermissionGuideMessage(err);
-                await sendPermissionFallback(chatId, guide).catch(() => { });
+        const MAX_SEND_RETRIES = 3;
+        for (let attempt = 1; attempt <= MAX_SEND_RETRIES; attempt++) {
+            try {
+                cardHandle = await sendThinkingCard(chatId, toolId);
+                break;
             }
-            else {
-                try {
-                    await sendTextReply(chatId, '启动 AI 处理失败，请重试。');
+            catch (err) {
+                const isRetryable = err && typeof err === 'object' && 'code' in err &&
+                    (err.code === 'ETIMEDOUT' || err.code === 'ECONNRESET' || err.code === 'ECONNREFUSED');
+                if (isRetryable && attempt < MAX_SEND_RETRIES) {
+                    log.warn(`sendThinkingCard attempt ${attempt}/${MAX_SEND_RETRIES} failed (${err.code}), retrying...`);
+                    await new Promise((r) => setTimeout(r, 1000 * attempt));
+                    continue;
+                }
+                log.error(`Failed to send thinking card after ${attempt} attempts:`, err);
+                // 检测是否为飞书权限不足
+                if (isPermissionError(err)) {
+                    const guide = buildPermissionGuideMessage(err);
+                    await sendPermissionFallback(chatId, guide).catch((err) => {
+                        log.warn('Permission fallback send failed:', err);
+                    });
                 }
-                catch { /* ignore */ }
+                else {
+                    try {
+                        await sendTextReply(chatId, '启动 AI 处理失败，请重试。');
+                    }
+                    catch (err) {
+                        log.warn('Failed to send startup error reply:', err);
+                    }
+                }
+                return;
             }
-            return;
         }
         const { messageId: msgId, cardId } = cardHandle;
         const stopTyping = startTypingLoop(chatId);
@@ -219,7 +238,8 @@ export function setupFeishuHandlers(config, sessionManager) {
             try {
                 obj = JSON.parse(raw);
             }
-            catch {
+            catch (err) {
+                log.debug('Failed to parse action value as JSON:', err);
                 return null;
             }
         }
@@ -272,8 +292,8 @@ export function setupFeishuHandlers(config, sessionManager) {
             }
             actionData = parsed;
         }
-        catch {
-            /* ignore */
+        catch (err) {
+            log.debug('Failed to parse card action data:', err);
         }
         if (actionData?.action === 'stop' && actionData.card_id) {
             const cardId = actionData.card_id;

package/dist/index.js

@@ -306,6 +306,15 @@ export async function main() {
     };
     process.on("SIGINT", () => shutdown().catch(() => process.exit(1)));
     process.on("SIGTERM", () => shutdown().catch(() => process.exit(1)));
+    // Global error handlers to prevent unhandled crashes
+    process.on("unhandledRejection", (reason) => {
+        log.error("Unhandled Promise rejection:", reason);
+    });
+    process.on("uncaughtException", (err) => {
+        log.error("Uncaught exception (process will exit):", err);
+        closeLogger();
+        process.exit(1);
+    });
 }
 const isEntry = process.argv[1]?.replace(/\\/g, "/").endsWith("/index.js") ||
     process.argv[1]?.replace(/\\/g, "/").endsWith("/index.ts");

package/dist/manager-control.js

@@ -6,6 +6,10 @@ import { APP_HOME } from "./constants.js";
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const PID_FILE = join(APP_HOME, "open-im.pid");
 const READY_FILE = join(APP_HOME, "open-im.ready");
+function logError(prefix, err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    process.stderr.write(`[manager-control] ${prefix} ${msg}\n`);
+}
 function getManagerEntry() {
     const extension = extname(fileURLToPath(import.meta.url));
     if (extension === ".ts") {
@@ -106,6 +110,9 @@ export async function startManagerProcess(cwd) {
         env: process.env,
         windowsHide: process.platform === "win32",
     });
+    child.on("error", (err) => {
+        logError("Manager process spawn failed:", err);
+    });
     child.unref();
     if (!child.pid) {
         throw new Error("Failed to start manager process.");

package/dist/qq/client.js

@@ -144,7 +144,12 @@ function startHeartbeat(intervalMs) {
     heartbeatTimer = setInterval(() => {
         if (!ws || ws.readyState !== WebSocket.OPEN)
             return;
-        ws.send(JSON.stringify({ op: 1, d: seq }));
+        try {
+            ws.send(JSON.stringify({ op: 1, d: seq }));
+        }
+        catch (err) {
+            log.warn('QQ heartbeat send failed:', err);
+        }
     }, intervalMs);
 }
 async function connectWebSocket(config, handler) {

package/dist/qq/event-handler.js

@@ -62,7 +62,8 @@ async function buildAttachmentPrompt(event) {
                                 : "bin",
                 });
             }
-            catch {
+            catch (err) {
+                log.warn('Failed to download QQ media attachment:', err);
                 localPath = undefined;
             }
         }
@@ -153,7 +154,9 @@ export function setupQQHandlers(config, sessionManager) {
             try {
                 await sendTextReply(chatId, "启动 AI 处理失败，请重试。");
             }
-            catch { /* ignore */ }
+            catch (err) {
+                log.warn('Failed to send startup error reply:', err);
+            }
             return;
         }
         const stopTyping = startTypingLoop();

package/dist/qq/message-sender.js

@@ -7,6 +7,17 @@ import { buildDirectoryMessage } from "../shared/system-messages.js";
 const log = createLogger("QQSender");
 const MAX_QQ_MESSAGE_LENGTH = 1500;
 const pendingReplies = new Map();
+// Periodic cleanup of orphaned pending replies
+const PENDING_MAX_AGE_MS = 10 * 60 * 1000; // 10 minutes
+setInterval(() => {
+    const now = Date.now();
+    for (const [id, state] of pendingReplies) {
+        // pendingReplies don't have timestamps, but we can clear old ones based on size
+        if (pendingReplies.size > 100) {
+            pendingReplies.delete(id);
+        }
+    }
+}, PENDING_MAX_AGE_MS);
 function parseChatTarget(chatId) {
     if (chatId.startsWith("group:")) {
         return { kind: "group", id: chatId.slice("group:".length) };

package/dist/service-control.js

@@ -93,6 +93,10 @@ export function startBackgroundService(cwd) {
         env: process.env,
         windowsHide: process.platform === "win32",
     });
+    child.on("error", (err) => {
+        // Spawn failure (ENOENT etc.) — report via stderr since logger may not be initialized
+        process.stderr.write(`[service-control] Spawn failed: ${err.message}\n`);
+    });
     child.unref();
     if (!child.pid) {
         throw new Error("Failed to start background service.");

package/dist/session/session-manager.js

@@ -236,7 +236,17 @@ export class SessionManager {
         const resolved = resolveWorkDirInput(baseDir, targetDir);
         if (!existsSync(resolved))
             throw new Error(`目录不存在: \`${resolved}\``);
-        return realpath(resolved);
+        const real = await realpath(resolved);
+        // Block access to sensitive system directories
+        const blockedPrefixes = process.platform === 'win32'
+            ? ['C:\\Windows', 'C:\\Program Files', 'C:\\Program Files (x86)', 'C:\\ProgramData']
+            : ['/etc', '/proc', '/sys', '/dev', '/boot', '/root', '/sbin', '/usr/sbin'];
+        for (const prefix of blockedPrefixes) {
+            if (real.toLowerCase().startsWith(prefix.toLowerCase())) {
+                throw new Error(`不允许访问系统目录: \`${real}\``);
+            }
+        }
+        return real;
     }
     load(previousDefaultWorkDir) {
         try {

package/dist/shared/chat-user-map.js

@@ -4,6 +4,17 @@
  */
 const chatToUser = new Map();
 const chatToPlatform = new Map();
+// Periodic cleanup to prevent unbounded growth (keep last 1000 entries)
+const CHAT_MAP_MAX_SIZE = 1000;
+setInterval(() => {
+    if (chatToUser.size > CHAT_MAP_MAX_SIZE) {
+        const keysToDelete = [...chatToUser.keys()].slice(0, chatToUser.size - CHAT_MAP_MAX_SIZE);
+        for (const key of keysToDelete) {
+            chatToUser.delete(key);
+            chatToPlatform.delete(key);
+        }
+    }
+}, 60 * 60 * 1000); // Check every hour
 export function setChatUser(chatId, userId, platform) {
     chatToUser.set(chatId, userId);
     if (platform)

package/dist/shared/media-storage.js

@@ -131,6 +131,33 @@ export async function saveBase64Media(base64, extension, basenameHint) {
     return saveBufferMedia(Buffer.from(base64, "base64"), extension, basenameHint);
 }
 export async function downloadMediaFromUrl(url, options) {
+    // SSRF protection: validate URL before fetching
+    const BLOCKED_HOSTS = ['127.0.0.1', 'localhost', '0.0.0.0', '[::1]', '169.254.169.254'];
+    let parsedUrl;
+    try {
+        parsedUrl = new URL(url);
+    }
+    catch {
+        throw new Error(`Invalid URL: ${url}`);
+    }
+    const protocol = parsedUrl.protocol.toLowerCase();
+    if (protocol !== 'https:' && protocol !== 'http:') {
+        throw new Error(`Unsupported URL protocol: ${protocol}`);
+    }
+    const hostname = parsedUrl.hostname.toLowerCase();
+    for (const blocked of BLOCKED_HOSTS) {
+        if (hostname === blocked) {
+            throw new Error(`Blocked URL host: ${hostname}`);
+        }
+    }
+    // Block link-local and private IPs (e.g., 10.x.x.x, 172.16-31.x.x, 192.168.x.x)
+    const ipMatch = hostname.match(/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
+    if (ipMatch) {
+        const [, a, b] = ipMatch.map(Number);
+        if (a === 10 || (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168) || a === 0) {
+            throw new Error(`Blocked private/internal IP: ${hostname}`);
+        }
+    }
     await mkdir(IMAGE_DIR, { recursive: true });
     const response = await fetch(url, { signal: AbortSignal.timeout(MEDIA_DOWNLOAD_TIMEOUT_MS) });
     if (!response.ok) {

package/dist/telegram/client.js

@@ -43,7 +43,9 @@ export async function initTelegram(config, setupHandlers) {
             // 不再 exit(1)，让其他通道继续运行
         }
     };
-    void launchWithRetry();
+    void launchWithRetry().catch((err) => {
+        log.error("Telegram launchWithRetry failed fatally:", err);
+    });
     log.info("Telegram bot launched");
 }
 export function stopTelegram() {

package/dist/telegram/event-handler.js

@@ -110,7 +110,9 @@ export function setupTelegramHandlers(bot, config, sessionManager) {
             try {
                 await sendTextReply(chatId, "启动 AI 处理失败，请重试。");
             }
-            catch { /* ignore */ }
+            catch (err) {
+                log.warn('Failed to send startup error reply:', err);
+            }
             return;
         }
         const stopTyping = startTypingLoop(chatId);
@@ -180,7 +182,8 @@ export function setupTelegramHandlers(bot, config, sessionManager) {
                     throttle.recordSuccess();
                     lastUpdateTime = Date.now();
                 }
-                catch {
+                catch (err) {
+                    log.debug('Stream update failed:', err);
                     throttle.recordError();
                 }
                 finally {

package/dist/telegram/message-sender.js

@@ -9,6 +9,15 @@ import { MAX_TELEGRAM_MESSAGE_LENGTH } from "../constants.js";
 import { listDirectories, buildDirectoryKeyboard, } from "../commands/handler.js";
 const log = createLogger("TgSender");
 const lastSentByMsg = new Map();
+// Periodic cleanup of orphaned entries (entries not cleaned by done/error)
+const LAST_SENT_MAX_AGE_MS = 30 * 60 * 1000; // 30 minutes
+setInterval(() => {
+    // lastSentByMsg doesn't store timestamps, so clear all entries periodically
+    // since they are just dedup cache entries, clearing is safe
+    if (lastSentByMsg.size > 0) {
+        lastSentByMsg.clear();
+    }
+}, LAST_SENT_MAX_AGE_MS);
 const STATUS_ICONS = {
     thinking: "🔵",
     streaming: "🔵",

package/dist/wechat/auth/qclaw-api.js

@@ -14,7 +14,7 @@ function nested(obj, ...keys) {
 export class QClawAPI {
     env;
     guid;
-    loginKey = 'm83qdao0AmE5';
+    loginKey = process.env.QCLAW_LOGIN_KEY || 'm83qdao0AmE5';
     jwtToken = '';
     userId = '';
     constructor(env, guid, jwtToken = '') {

package/dist/wechat/client.js

@@ -104,9 +104,28 @@ async function connectWebSocket(config) {
     }
     updateState('connecting');
     return new Promise((resolve, reject) => {
+        let settled = false;
+        // Connection timeout to prevent promise from hanging forever
+        const connectionTimeout = setTimeout(() => {
+            if (settled)
+                return;
+            settled = true;
+            const err = new Error('WeChat WebSocket connection timeout');
+            log.error(err.message);
+            updateState('error');
+            try {
+                ws?.close();
+            }
+            catch { /* ignore */ }
+            reject(err);
+        }, 30000);
         try {
             ws = new WebSocket(config.url);
             ws.on('open', () => {
+                if (settled)
+                    return;
+                settled = true;
+                clearTimeout(connectionTimeout);
                 log.info('WeChat WebSocket connected');
                 reconnectAttempts = 0;
                 updateState('connected');
@@ -125,18 +144,33 @@ async function connectWebSocket(config) {
                 }
             });
             ws.on('error', (err) => {
+                if (settled) {
+                    // Late error after connection was established — just log it
+                    log.error('WeChat WebSocket error (after open):', err);
+                    return;
+                }
+                settled = true;
+                clearTimeout(connectionTimeout);
                 log.error('WeChat WebSocket error:', err);
                 updateState('error');
                 reject(err);
             });
             ws.on('close', () => {
+                clearTimeout(connectionTimeout);
                 log.info('WeChat WebSocket closed');
                 stopHeartbeat();
                 updateState('disconnected');
+                if (!settled) {
+                    settled = true;
+                    reject(new Error('WeChat WebSocket closed before open'));
+                    return;
+                }
                 scheduleReconnect(config);
             });
         }
         catch (err) {
+            settled = true;
+            clearTimeout(connectionTimeout);
             log.error('Error creating WebSocket connection:', err);
             updateState('error');
             reject(err);

package/dist/wechat/event-handler.js

@@ -53,7 +53,8 @@ export function setupWeChatHandlers(config, sessionManager) {
             }
             return parsed;
         }
-        catch {
+        catch (err) {
+            log.debug('Failed to parse WeChat incoming message JSON:', err);
             return null;
         }
     }
@@ -90,8 +91,8 @@ export function setupWeChatHandlers(config, sessionManager) {
                     text: contextText,
                 });
             }
-            catch {
-                // Fall through to metadata-only prompt.
+            catch (err) {
+                log.warn('Failed to download WeChat media, falling back to metadata-only prompt:', err);
             }
         }
         return buildMediaMetadataPrompt({
@@ -133,7 +134,9 @@ export function setupWeChatHandlers(config, sessionManager) {
             try {
                 await sendTextReply(chatId, '启动 AI 处理失败，请重试。');
             }
-            catch { /* ignore */ }
+            catch (err) {
+                log.warn('Failed to send startup error reply:', err);
+            }
             return;
         }
         const stopTyping = startTypingLoop(chatId);

package/dist/wework/event-handler.js

@@ -121,7 +121,8 @@ export async function buildMediaPrompt(data, kind) {
                     text: contextText,
                 });
             }
-            catch {
+            catch (err) {
+                log.warn('Failed to download WeWork image, falling back to URL reference:', err);
                 imageReference = `Remote image URL: ${imagePayload.url}`;
             }
         }
@@ -146,8 +147,8 @@ export async function buildMediaPrompt(data, kind) {
                 text: contextText,
             });
         }
-        catch {
-            // Fall back to metadata-only prompt.
+        catch (err) {
+            log.warn('Failed to download WeWork media, falling back to metadata-only prompt:', err);
         }
     }
     return buildMediaMetadataPrompt({
@@ -196,7 +197,9 @@ export function setupWeWorkHandlers(config, sessionManager) {
                 try {
                     await sendTextReply(chatId, '启动 AI 处理失败，请重试。', reqId);
                 }
-                catch { /* ignore */ }
+                catch (err) {
+                    log.warn('Failed to send startup error reply:', err);
+                }
                 return;
             }
             const stopTyping = startTypingLoop(chatId);

package/dist/wework/message-sender.js

@@ -101,6 +101,18 @@ function formatWeWorkMessage(title, content, status, note) {
     return message;
 }
 const streamStates = new Map();
+// Periodic cleanup of expired/orphaned stream states
+const STREAM_CLEANUP_INTERVAL_MS = 5 * 60 * 1000; // 5 minutes
+setInterval(() => {
+    const now = Date.now();
+    for (const [id, state] of streamStates) {
+        if (now - state.createdAt >= STREAM_SAFE_TTL_MS) {
+            state.closed = true;
+            streamStates.delete(id);
+            log.info(`Cleaned up expired stream state: ${id}`);
+        }
+    }
+}, STREAM_CLEANUP_INTERVAL_MS);
 function sleep(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wu529778790/open-im",
-  "version": "1.8.1-beta.16",
+  "version": "1.8.1-beta.18",
   "description": "Multi-platform IM bridge for AI CLI tools (Claude, Codex, CodeBuddy)",
   "type": "module",
   "main": "dist/index.js",
@@ -46,7 +46,7 @@
     "url": "https://github.com/wu529778790/open-im/issues"
   },
   "dependencies": {
-    "@anthropic-ai/claude-agent-sdk": "^0.2.76",
+    "@anthropic-ai/claude-agent-sdk": "^0.2.86",
     "@larksuiteoapi/node-sdk": "^1.59.0",
     "@wu529778790/open-im": "^1.8.1-beta.8",
     "centrifuge": "^5.3.0",