npm - @yanhaidao/wecom - Versions diffs - 2.4.120 → 2.5.110 - Mend

@yanhaidao/wecom 2.4.120 → 2.5.110

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (323) hide show

package/README.md +4 -5
package/dist/index.js +68 -0
package/dist/src/accounts.js +20 -0
package/dist/src/agent/handler.js +895 -0
package/dist/src/agent/index.js +5 -0
package/dist/src/app/account-runtime.js +216 -0
package/dist/src/app/bootstrap.js +19 -0
package/dist/src/app/index.js +118 -0
package/dist/src/capability/agent/delivery-service.js +63 -0
package/dist/src/capability/agent/fallback-policy.js +6 -0
package/dist/src/capability/agent/ingress-service.js +33 -0
package/dist/src/capability/agent/upstream-delivery-service.js +71 -0
package/dist/src/capability/bot/dispatch-config.js +45 -0
package/dist/src/capability/bot/fallback-delivery.js +147 -0
package/dist/src/capability/bot/local-path-delivery.js +178 -0
package/dist/src/capability/bot/sandbox-media.js +138 -0
package/dist/src/capability/bot/service.js +49 -0
package/dist/src/capability/bot/stream-delivery.js +321 -0
package/dist/src/capability/bot/stream-finalizer.js +81 -0
package/dist/src/capability/bot/stream-orchestrator.js +318 -0
package/dist/src/capability/bot/types.js +1 -0
package/{src/capability/calendar/client.ts → dist/src/capability/calendar/client.js} +118 -241
package/{src/capability/calendar/schema.ts → dist/src/capability/calendar/schema.js} +0 -38
package/dist/src/capability/calendar/tool.js +365 -0
package/dist/src/capability/calendar/types.js +12 -0
package/{src/capability/doc/client.ts → dist/src/capability/doc/client.js} +370 -605
package/{src/capability/doc/schema.ts → dist/src/capability/doc/schema.js} +345 -394
package/dist/src/capability/doc/tool.js +1556 -0
package/dist/src/capability/doc/types.js +113 -0
package/dist/src/capability/mcp/index.js +3 -0
package/dist/src/capability/mcp/schema.js +102 -0
package/dist/src/capability/mcp/tool.js +146 -0
package/dist/src/capability/mcp/transport.js +293 -0
package/dist/src/channel.js +224 -0
package/dist/src/config/accounts.js +236 -0
package/dist/src/config/derived-paths.js +31 -0
package/dist/src/config/index.js +7 -0
package/dist/src/config/media.js +110 -0
package/dist/src/config/network.js +32 -0
package/dist/src/config/routing.js +20 -0
package/dist/src/config/runtime-config.js +25 -0
package/dist/src/config/schema.js +4 -0
package/{src/config-schema.ts → dist/src/config-schema.js} +1 -1
package/dist/src/context-store.js +219 -0
package/{src/crypto/aes.ts → dist/src/crypto/aes.js} +11 -28
package/dist/src/crypto/index.js +9 -0
package/{src/crypto/signature.ts → dist/src/crypto/signature.js} +3 -18
package/{src/crypto/xml.ts → dist/src/crypto/xml.js} +3 -11
package/dist/src/crypto.js +145 -0
package/dist/src/domain/models.js +1 -0
package/dist/src/domain/policies.js +32 -0
package/{src/dynamic-agent.ts → dist/src/dynamic-agent.js} +36 -73
package/dist/src/gateway-monitor.js +139 -0
package/dist/src/http.js +114 -0
package/{src/media.ts → dist/src/media.js} +21 -40
package/dist/src/monitor/limits.js +7 -0
package/dist/src/monitor/state.js +28 -0
package/dist/src/monitor.js +84 -0
package/dist/src/observability/audit-log.js +30 -0
package/dist/src/observability/legacy-operational-event-store.js +22 -0
package/dist/src/observability/raw-envelope-log.js +24 -0
package/dist/src/observability/status-registry.js +9 -0
package/dist/src/observability/transport-session-view.js +14 -0
package/dist/src/onboarding.js +546 -0
package/dist/src/outbound.js +557 -0
package/dist/src/runtime/dispatcher.js +57 -0
package/{src/runtime/index.ts → dist/src/runtime/index.js} +0 -1
package/dist/src/runtime/outbound-intent.js +1 -0
package/dist/src/runtime/reply-orchestrator.js +38 -0
package/dist/src/runtime/routing-bridge.js +26 -0
package/dist/src/runtime/session-manager.js +112 -0
package/dist/src/runtime/source-registry.js +174 -0
package/dist/src/runtime.js +1 -0
package/dist/src/shared/command-auth.js +57 -0
package/{src/shared/index.ts → dist/src/shared/index.js} +0 -1
package/dist/src/shared/media-asset.js +65 -0
package/dist/src/shared/media-service.js +59 -0
package/dist/src/shared/media-types.js +1 -0
package/{src/shared/xml-parser.ts → dist/src/shared/xml-parser.js} +72 -63
package/dist/src/store/active-reply-store.js +41 -0
package/dist/src/store/interfaces.js +1 -0
package/dist/src/store/memory-store.js +33 -0
package/dist/src/store/stream-batch-store.js +319 -0
package/{src/target.ts → dist/src/target.js} +15 -48
package/dist/src/transport/agent-api/client.js +168 -0
package/dist/src/transport/agent-api/core.js +337 -0
package/dist/src/transport/agent-api/delivery.js +28 -0
package/dist/src/transport/agent-api/media-upload.js +4 -0
package/dist/src/transport/agent-api/reply.js +24 -0
package/dist/src/transport/agent-api/upstream-delivery.js +30 -0
package/dist/src/transport/agent-api/upstream-media-upload.js +46 -0
package/dist/src/transport/agent-api/upstream-reply.js +26 -0
package/dist/src/transport/agent-callback/http-handler.js +30 -0
package/dist/src/transport/agent-callback/inbound.js +4 -0
package/dist/src/transport/agent-callback/reply.js +8 -0
package/dist/src/transport/agent-callback/request-handler.js +189 -0
package/dist/src/transport/agent-callback/session.js +15 -0
package/dist/src/transport/bot-webhook/active-reply.js +27 -0
package/dist/src/transport/bot-webhook/http-handler.js +31 -0
package/dist/src/transport/bot-webhook/inbound-normalizer.js +496 -0
package/dist/src/transport/bot-webhook/inbound.js +4 -0
package/dist/src/transport/bot-webhook/message-shape.js +98 -0
package/dist/src/transport/bot-webhook/protocol.js +124 -0
package/dist/src/transport/bot-webhook/reply.js +9 -0
package/dist/src/transport/bot-webhook/request-handler.js +285 -0
package/dist/src/transport/bot-webhook/session.js +15 -0
package/dist/src/transport/bot-ws/inbound.js +147 -0
package/dist/src/transport/bot-ws/media.js +236 -0
package/dist/src/transport/bot-ws/reply.js +310 -0
package/dist/src/transport/bot-ws/sdk-adapter.js +257 -0
package/dist/src/transport/bot-ws/session.js +15 -0
package/dist/src/transport/http/common.js +78 -0
package/dist/src/transport/http/registry.js +71 -0
package/dist/src/transport/http/request-handler.js +51 -0
package/{src/transport/index.ts → dist/src/transport/index.js} +2 -10
package/dist/src/types/account.js +1 -0
package/dist/src/types/config.js +1 -0
package/dist/src/types/constants.js +28 -0
package/dist/src/types/events.js +1 -0
package/dist/src/types/index.js +1 -0
package/dist/src/types/legacy-stream.js +1 -0
package/dist/src/types/message.js +5 -0
package/dist/src/types/runtime-context.js +1 -0
package/dist/src/types/runtime.js +1 -0
package/dist/src/types.js +1 -0
package/dist/src/upstream/index.js +111 -0
package/dist/src/wecom_msg_adapter/markdown_adapter.js +280 -0
package/openclaw.plugin.json +15 -0
package/package.json +18 -1
package/.github/workflows/release.yml +0 -143
package/GOVERNANCE.md +0 -26
package/MENU_EVENT_CONF.md +0 -500
package/MENU_EVENT_PLAN.md +0 -440
package/SKILLS_CAL.md +0 -895
package/SKILLS_DOC.md +0 -2288
package/UPSTREAM_CONFIG.md +0 -170
package/UPSTREAM_PLAN.md +0 -175
package/assets/01.bot-add.png +0 -0
package/assets/01.bot-setp2.png +0 -0
package/assets/01.image.jpg +0 -0
package/assets/02.agent.add.png +0 -0
package/assets/02.agent.api-set.png +0 -0
package/assets/02.image.jpg +0 -0
package/assets/03.agent.page.png +0 -0
package/assets/03.bot.page.png +0 -0
package/assets/link-me.jpg +0 -0
package/assets/register.png +0 -0
package/changelog/v2.2.28.md +0 -70
package/changelog/v2.3.10.md +0 -17
package/changelog/v2.3.11.md +0 -19
package/changelog/v2.3.12.md +0 -25
package/changelog/v2.3.13.md +0 -19
package/changelog/v2.3.14.md +0 -48
package/changelog/v2.3.15.md +0 -15
package/changelog/v2.3.16.md +0 -11
package/changelog/v2.3.18.md +0 -22
package/changelog/v2.3.19.md +0 -73
package/changelog/v2.3.2.md +0 -28
package/changelog/v2.3.26.md +0 -21
package/changelog/v2.3.27.md +0 -33
package/changelog/v2.3.4.md +0 -20
package/changelog/v2.3.9.md +0 -22
package/changelog/v2.4.12.md +0 -37
package/compat-single-account.md +0 -148
package/index.test.ts +0 -38
package/scripts/test-proxy.ts +0 -70
package/scripts/wecom/README.md +0 -123
package/scripts/wecom/menu-click-help.js +0 -59
package/scripts/wecom/menu-click-help.py +0 -55
package/src/accounts.ts +0 -34
package/src/agent/api-client.upload.test.ts +0 -109
package/src/agent/event-router.test.ts +0 -421
package/src/agent/event-router.ts +0 -272
package/src/agent/handler.event-filter.test.ts +0 -135
package/src/agent/handler.ts +0 -1250
package/src/agent/index.ts +0 -12
package/src/agent/script-runner.ts +0 -186
package/src/agent/test-fixtures/invalid-json-script.mjs +0 -1
package/src/agent/test-fixtures/reply-event-script.mjs +0 -29
package/src/agent/test-fixtures/reply-event-script.py +0 -17
package/src/app/account-runtime.ts +0 -276
package/src/app/bootstrap.ts +0 -29
package/src/app/index.ts +0 -192
package/src/capability/agent/delivery-service.ts +0 -87
package/src/capability/agent/fallback-policy.ts +0 -13
package/src/capability/agent/ingress-service.ts +0 -38
package/src/capability/agent/upstream-delivery-service.ts +0 -96
package/src/capability/bot/dispatch-config.ts +0 -47
package/src/capability/bot/fallback-delivery.ts +0 -178
package/src/capability/bot/local-path-delivery.ts +0 -215
package/src/capability/bot/sandbox-media.test.ts +0 -221
package/src/capability/bot/sandbox-media.ts +0 -176
package/src/capability/bot/service.ts +0 -56
package/src/capability/bot/stream-delivery.ts +0 -379
package/src/capability/bot/stream-finalizer.ts +0 -120
package/src/capability/bot/stream-orchestrator.ts +0 -371
package/src/capability/bot/types.ts +0 -8
package/src/capability/calendar/SKILLS_CHECKLIST.md +0 -251
package/src/capability/calendar/tool.ts +0 -417
package/src/capability/calendar/types.ts +0 -309
package/src/capability/doc/tool.ts +0 -1629
package/src/capability/doc/types.ts +0 -792
package/src/capability/mcp/index.ts +0 -10
package/src/capability/mcp/schema.ts +0 -107
package/src/capability/mcp/tool.ts +0 -174
package/src/capability/mcp/transport.ts +0 -394
package/src/channel.config.test.ts +0 -180
package/src/channel.lifecycle.test.ts +0 -255
package/src/channel.meta.test.ts +0 -26
package/src/channel.ts +0 -256
package/src/config/accounts.resolve.test.ts +0 -75
package/src/config/accounts.ts +0 -312
package/src/config/derived-paths.test.ts +0 -111
package/src/config/derived-paths.ts +0 -41
package/src/config/index.ts +0 -22
package/src/config/media.test.ts +0 -113
package/src/config/media.ts +0 -139
package/src/config/network.ts +0 -20
package/src/config/routing.test.ts +0 -88
package/src/config/routing.ts +0 -26
package/src/config/runtime-config.ts +0 -46
package/src/config/schema.ts +0 -144
package/src/context-store.ts +0 -297
package/src/crypto/index.ts +0 -24
package/src/crypto.test.ts +0 -32
package/src/crypto.ts +0 -176
package/src/domain/models.ts +0 -7
package/src/domain/policies.ts +0 -36
package/src/dynamic-agent.account-scope.test.ts +0 -17
package/src/gateway-monitor.ts +0 -181
package/src/http.ts +0 -137
package/src/media.test.ts +0 -82
package/src/monitor/limits.ts +0 -7
package/src/monitor/state.queue.test.ts +0 -185
package/src/monitor/state.ts +0 -34
package/src/monitor.active.test.ts +0 -245
package/src/monitor.inbound-filter.test.ts +0 -63
package/src/monitor.integration.test.ts +0 -208
package/src/monitor.ts +0 -121
package/src/monitor.webhook.test.ts +0 -774
package/src/observability/audit-log.ts +0 -48
package/src/observability/legacy-operational-event-store.ts +0 -36
package/src/observability/raw-envelope-log.ts +0 -28
package/src/observability/status-registry.ts +0 -13
package/src/observability/transport-session-view.ts +0 -14
package/src/onboarding.test.ts +0 -336
package/src/onboarding.ts +0 -704
package/src/outbound.test.ts +0 -1271
package/src/outbound.ts +0 -746
package/src/runtime/dispatcher.ts +0 -71
package/src/runtime/outbound-intent.ts +0 -4
package/src/runtime/reply-orchestrator.test.ts +0 -71
package/src/runtime/reply-orchestrator.ts +0 -67
package/src/runtime/routing-bridge.test.ts +0 -115
package/src/runtime/routing-bridge.ts +0 -44
package/src/runtime/session-manager.test.ts +0 -174
package/src/runtime/session-manager.ts +0 -139
package/src/runtime/source-registry.ts +0 -249
package/src/runtime.ts +0 -14
package/src/shared/command-auth.ts +0 -87
package/src/shared/media-asset.ts +0 -78
package/src/shared/media-service.test.ts +0 -111
package/src/shared/media-service.ts +0 -84
package/src/shared/media-types.ts +0 -5
package/src/shared/xml-parser.test.ts +0 -50
package/src/store/active-reply-store.ts +0 -42
package/src/store/interfaces.ts +0 -11
package/src/store/memory-store.ts +0 -43
package/src/store/stream-batch-store.ts +0 -350
package/src/transport/agent-api/client.ts +0 -277
package/src/transport/agent-api/core.ts +0 -463
package/src/transport/agent-api/delivery.ts +0 -41
package/src/transport/agent-api/media-upload.ts +0 -11
package/src/transport/agent-api/reply.ts +0 -39
package/src/transport/agent-api/upstream-delivery.ts +0 -45
package/src/transport/agent-api/upstream-media-upload.ts +0 -70
package/src/transport/agent-api/upstream-reply.ts +0 -43
package/src/transport/agent-callback/http-handler.ts +0 -47
package/src/transport/agent-callback/inbound.ts +0 -5
package/src/transport/agent-callback/reply.ts +0 -13
package/src/transport/agent-callback/request-handler.ts +0 -244
package/src/transport/agent-callback/session.ts +0 -23
package/src/transport/bot-webhook/active-reply.ts +0 -39
package/src/transport/bot-webhook/http-handler.ts +0 -48
package/src/transport/bot-webhook/inbound-normalizer.ts +0 -371
package/src/transport/bot-webhook/inbound.ts +0 -5
package/src/transport/bot-webhook/message-shape.ts +0 -89
package/src/transport/bot-webhook/protocol.ts +0 -148
package/src/transport/bot-webhook/reply.ts +0 -15
package/src/transport/bot-webhook/request-handler.ts +0 -394
package/src/transport/bot-webhook/session.ts +0 -23
package/src/transport/bot-ws/inbound.test.ts +0 -96
package/src/transport/bot-ws/inbound.ts +0 -116
package/src/transport/bot-ws/media.test.ts +0 -44
package/src/transport/bot-ws/media.ts +0 -321
package/src/transport/bot-ws/reply.test.ts +0 -450
package/src/transport/bot-ws/reply.ts +0 -365
package/src/transport/bot-ws/sdk-adapter.test.ts +0 -187
package/src/transport/bot-ws/sdk-adapter.ts +0 -314
package/src/transport/bot-ws/session.ts +0 -28
package/src/transport/http/common.ts +0 -109
package/src/transport/http/registry.ts +0 -92
package/src/transport/http/request-handler.ts +0 -84
package/src/types/account.ts +0 -72
package/src/types/config.ts +0 -166
package/src/types/constants.ts +0 -31
package/src/types/events.ts +0 -21
package/src/types/global.d.ts +0 -9
package/src/types/index.ts +0 -17
package/src/types/legacy-stream.ts +0 -50
package/src/types/message.ts +0 -187
package/src/types/runtime-context.ts +0 -28
package/src/types/runtime.ts +0 -165
package/src/types.ts +0 -41
package/src/upstream/index.ts +0 -150
package/src/upstream.test.ts +0 -84
package/src/wecom_msg_adapter/markdown_adapter.ts +0 -331
package/tsconfig.json +0 -22
package/vitest.config.ts +0 -26
/package/{src/capability/agent/index.ts → dist/src/capability/agent/index.js} +0 -0
/package/{src/capability/bot/index.ts → dist/src/capability/bot/index.js} +0 -0
/package/{src/capability/calendar/index.ts → dist/src/capability/calendar/index.js} +0 -0
/package/{src/capability/index.ts → dist/src/capability/index.js} +0 -0

package/dist/src/runtime/session-manager.js ADDED Viewed

@@ -0,0 +1,112 @@
+import { getPeerContextToken } from "../context-store.js";
+import { buildWecomContextTarget } from "../target.js";
+import { resolveRuntimeRoute } from "./routing-bridge.js";
+import { registerWecomSourceSnapshot } from "./source-registry.js";
+function readContextSessionId(ctx) {
+    const sessionId = "SessionId" in ctx ? ctx.SessionId : undefined;
+    return typeof sessionId === "string" && sessionId.trim() ? sessionId.trim() : undefined;
+}
+export async function prepareInboundSession(params) {
+    const { core, cfg, event, mediaService } = params;
+    const route = resolveRuntimeRoute({ core, cfg, event });
+    const source = event.transport === "bot-ws"
+        ? "bot-ws"
+        : event.transport === "agent-callback"
+            ? "agent-callback"
+            : undefined;
+    if (source) {
+        registerWecomSourceSnapshot({
+            accountId: event.accountId,
+            source,
+            messageId: event.messageId,
+            sessionKey: route.sessionKey,
+            peerKind: event.conversation.peerKind,
+            peerId: event.conversation.peerId,
+        });
+    }
+    const storePath = core.channel.session.resolveStorePath(cfg.session?.store, {
+        agentId: route.agentId,
+    });
+    const previousTimestamp = core.channel.session.readSessionUpdatedAt({
+        storePath,
+        sessionKey: route.sessionKey,
+    });
+    const envelopeOptions = core.channel.reply.resolveEnvelopeFormatOptions(cfg);
+    const body = core.channel.reply.formatAgentEnvelope({
+        channel: "WeCom",
+        from: `${event.conversation.peerKind}:${event.conversation.peerId}`,
+        previousTimestamp,
+        envelope: envelopeOptions,
+        body: event.text,
+    });
+    const firstAttachment = await mediaService.normalizeFirstAttachment(event);
+    const mediaPath = firstAttachment
+        ? await mediaService.saveInboundAttachment(event, firstAttachment)
+        : undefined;
+    const defaultOriginatingTo = event.conversation.peerKind === "group"
+        ? `wecom:group:${event.conversation.peerId}`
+        : `wecom:user:${event.conversation.peerId}`;
+    const contextToken = event.transport === "bot-ws"
+        ? getPeerContextToken(event.accountId, event.conversation.peerId)
+        : undefined;
+    const originatingTo = contextToken
+        ? buildWecomContextTarget(contextToken)
+        : defaultOriginatingTo;
+    const providerContext = event.transport === "bot-ws"
+        ? {
+            // Bot WS inbound turns already have a live reply handle bound to the
+            // current req_id. Mark the current surface as WeCom so core final text
+            // stays on that handle and replaces the placeholder instead of being
+            // re-routed as a second active-push message.
+            Provider: "wecom",
+            Surface: "wecom",
+        }
+        : {
+            Provider: "wecom",
+        };
+    const ctx = core.channel.reply.finalizeInboundContext({
+        Body: body,
+        RawBody: event.text,
+        CommandBody: event.text,
+        From: event.conversation.peerKind === "group"
+            ? `wecom:group:${event.conversation.peerId}`
+            : `wecom:user:${event.conversation.senderId}`,
+        To: event.conversation.peerKind === "group"
+            ? `wecom:group:${event.conversation.peerId}`
+            : `wecom:user:${event.conversation.peerId}`,
+        SessionKey: route.sessionKey,
+        AccountId: route.accountId,
+        ChatType: event.conversation.peerKind,
+        ConversationLabel: `${event.conversation.peerKind}:${event.conversation.peerId}`,
+        SenderName: event.senderName ?? event.conversation.senderId,
+        SenderId: event.conversation.senderId,
+        // Keep Originating* populated so explicit route-to-origin flows and message
+        // tools can still resolve the active peer context when needed.
+        ...providerContext,
+        OriginatingChannel: "wecom",
+        OriginatingTo: originatingTo,
+        MessageSid: event.messageId,
+        CommandAuthorized: true,
+        MediaPath: mediaPath,
+        MediaUrl: mediaPath,
+        MediaType: firstAttachment?.contentType,
+    });
+    if (source) {
+        registerWecomSourceSnapshot({
+            accountId: event.accountId,
+            source,
+            messageId: event.messageId,
+            sessionKey: ctx.SessionKey ?? route.sessionKey,
+            sessionId: readContextSessionId(ctx),
+            peerKind: event.conversation.peerKind,
+            peerId: event.conversation.peerId,
+        });
+    }
+    await core.channel.session.recordInboundSession({
+        storePath,
+        sessionKey: ctx.SessionKey ?? route.sessionKey,
+        ctx,
+        onRecordError: () => { },
+    });
+    return { route, ctx, storePath };
+}

package/dist/src/runtime/source-registry.js ADDED Viewed

@@ -0,0 +1,174 @@
+const MAX_MESSAGE_FACTS = 2048;
+const MAX_SESSION_SNAPSHOTS = 1024;
+const MAX_CONVERSATION_SNAPSHOTS = 1024;
+const messageFacts = new Map();
+const sessionSnapshotsByAccountKey = new Map();
+const sessionSnapshotsByLooseKey = new Map();
+const conversationSnapshotsByAccountKey = new Map();
+const conversationSnapshotsByLooseKey = new Map();
+function normalizeOptional(value) {
+    const trimmed = String(value ?? "").trim();
+    return trimmed || undefined;
+}
+function messageFactKey(accountId, messageId) {
+    return `${accountId}::${messageId}`;
+}
+function accountScopedSessionKey(accountId, kind, value) {
+    return `${accountId}::${kind}::${value}`;
+}
+function normalizePeerId(value) {
+    const trimmed = String(value ?? "").trim();
+    return trimmed ? trimmed.toLowerCase() : undefined;
+}
+function normalizePeerKind(value) {
+    const trimmed = String(value ?? "").trim().toLowerCase();
+    return trimmed === "direct" || trimmed === "group" ? trimmed : undefined;
+}
+function accountScopedConversationKey(accountId, peerKind, peerId) {
+    return `${accountId}::peer::${peerKind}::${peerId}`;
+}
+function pruneOldest(map, maxSize) {
+    while (map.size > maxSize) {
+        const oldestKey = map.keys().next().value;
+        if (!oldestKey)
+            return;
+        map.delete(oldestKey);
+    }
+}
+function writeSessionSnapshot(snapshot) {
+    const sessionKey = normalizeOptional(snapshot.sessionKey);
+    const sessionId = normalizeOptional(snapshot.sessionId);
+    if (sessionKey) {
+        sessionSnapshotsByAccountKey.set(accountScopedSessionKey(snapshot.accountId, "sessionKey", sessionKey), snapshot);
+        sessionSnapshotsByLooseKey.set(`sessionKey::${sessionKey}`, snapshot);
+    }
+    if (sessionId) {
+        sessionSnapshotsByAccountKey.set(accountScopedSessionKey(snapshot.accountId, "sessionId", sessionId), snapshot);
+        sessionSnapshotsByLooseKey.set(`sessionId::${sessionId}`, snapshot);
+    }
+    pruneOldest(sessionSnapshotsByAccountKey, MAX_SESSION_SNAPSHOTS * 2);
+    pruneOldest(sessionSnapshotsByLooseKey, MAX_SESSION_SNAPSHOTS * 2);
+}
+function writeConversationSnapshot(snapshot) {
+    const peerKind = normalizePeerKind(snapshot.peerKind);
+    const peerId = normalizePeerId(snapshot.peerId);
+    if (!peerKind || !peerId) {
+        return;
+    }
+    conversationSnapshotsByAccountKey.set(accountScopedConversationKey(snapshot.accountId, peerKind, peerId), {
+        ...snapshot,
+        peerKind,
+        peerId,
+    });
+    conversationSnapshotsByLooseKey.set(`peer::${peerKind}::${peerId}`, {
+        ...snapshot,
+        peerKind,
+        peerId,
+    });
+    pruneOldest(conversationSnapshotsByAccountKey, MAX_CONVERSATION_SNAPSHOTS);
+    pruneOldest(conversationSnapshotsByLooseKey, MAX_CONVERSATION_SNAPSHOTS);
+}
+export function registerWecomSourceSnapshot(params) {
+    const accountId = normalizeOptional(params.accountId);
+    if (!accountId)
+        return;
+    const snapshot = {
+        accountId,
+        source: params.source,
+        recordedAt: Date.now(),
+        ...(normalizeOptional(params.messageId)
+            ? { messageId: normalizeOptional(params.messageId) }
+            : {}),
+        ...(normalizeOptional(params.sessionKey)
+            ? { sessionKey: normalizeOptional(params.sessionKey) }
+            : {}),
+        ...(normalizeOptional(params.sessionId)
+            ? { sessionId: normalizeOptional(params.sessionId) }
+            : {}),
+        ...(normalizePeerKind(params.peerKind) ? { peerKind: normalizePeerKind(params.peerKind) } : {}),
+        ...(normalizePeerId(params.peerId) ? { peerId: normalizePeerId(params.peerId) } : {}),
+        ...(normalizeOptional(params.upstreamCorpId)
+            ? { upstreamCorpId: normalizeOptional(params.upstreamCorpId) }
+            : {}),
+    };
+    if (snapshot.messageId) {
+        messageFacts.set(messageFactKey(accountId, snapshot.messageId), snapshot);
+        pruneOldest(messageFacts, MAX_MESSAGE_FACTS);
+    }
+    writeSessionSnapshot(snapshot);
+    writeConversationSnapshot(snapshot);
+}
+export function resolveWecomSourceSnapshot(params) {
+    const accountId = normalizeOptional(params.accountId);
+    const sessionKey = normalizeOptional(params.sessionKey);
+    const sessionId = normalizeOptional(params.sessionId);
+    const peerKind = normalizePeerKind(params.peerKind);
+    const peerId = normalizePeerId(params.peerId);
+    if (accountId && sessionKey) {
+        const scoped = sessionSnapshotsByAccountKey.get(accountScopedSessionKey(accountId, "sessionKey", sessionKey));
+        if (scoped)
+            return scoped;
+    }
+    if (accountId && sessionId) {
+        const scoped = sessionSnapshotsByAccountKey.get(accountScopedSessionKey(accountId, "sessionId", sessionId));
+        if (scoped)
+            return scoped;
+    }
+    if (sessionKey) {
+        const loose = sessionSnapshotsByLooseKey.get(`sessionKey::${sessionKey}`);
+        if (loose)
+            return loose;
+    }
+    if (sessionId) {
+        const loose = sessionSnapshotsByLooseKey.get(`sessionId::${sessionId}`);
+        if (loose)
+            return loose;
+    }
+    if (accountId && peerKind && peerId) {
+        const scoped = conversationSnapshotsByAccountKey.get(accountScopedConversationKey(accountId, peerKind, peerId));
+        if (scoped)
+            return scoped;
+    }
+    if (peerKind && peerId) {
+        const loose = conversationSnapshotsByLooseKey.get(`peer::${peerKind}::${peerId}`);
+        if (loose)
+            return loose;
+    }
+    return undefined;
+}
+export function clearWecomSourceAccount(accountId) {
+    const normalized = normalizeOptional(accountId);
+    if (!normalized)
+        return;
+    for (const [key, value] of messageFacts) {
+        if (value.accountId === normalized || key.startsWith(`${normalized}::`)) {
+            messageFacts.delete(key);
+        }
+    }
+    for (const [key, value] of sessionSnapshotsByAccountKey) {
+        if (value.accountId === normalized || key.startsWith(`${normalized}::`)) {
+            sessionSnapshotsByAccountKey.delete(key);
+        }
+    }
+    for (const [key, value] of sessionSnapshotsByLooseKey) {
+        if (value.accountId === normalized) {
+            sessionSnapshotsByLooseKey.delete(key);
+        }
+    }
+    for (const [key, value] of conversationSnapshotsByAccountKey) {
+        if (value.accountId === normalized || key.startsWith(`${normalized}::`)) {
+            conversationSnapshotsByAccountKey.delete(key);
+        }
+    }
+    for (const [key, value] of conversationSnapshotsByLooseKey) {
+        if (value.accountId === normalized) {
+            conversationSnapshotsByLooseKey.delete(key);
+        }
+    }
+}
+export function isWecomBotWsSource(params) {
+    return resolveWecomSourceSnapshot(params)?.source === "bot-ws";
+}
+export function isWecomAgentSource(params) {
+    return resolveWecomSourceSnapshot(params)?.source === "agent-callback";
+}

package/dist/src/runtime.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { getActiveBotWsReplyHandle, getAccountRuntime, getAccountRuntimeSnapshot, getBotWsPushHandle, getWecomRuntime, registerActiveBotWsReplyHandle, registerAccountRuntime, registerBotWsPushHandle, setWecomRuntime, unregisterActiveBotWsReplyHandle, unregisterBotWsPushHandle, unregisterAccountRuntime, } from "./app/index.js";

package/dist/src/shared/command-auth.js ADDED Viewed

@@ -0,0 +1,57 @@
+import { isWecomSenderAllowed, normalizeWecomAllowFromEntry } from "../domain/policies.js";
+export async function resolveWecomCommandAuthorization(params) {
+    const { core, cfg, accountConfig, rawBody, senderUserId } = params;
+    const dmPolicy = (accountConfig.dm?.policy ?? "pairing");
+    const configAllowFrom = (accountConfig.dm?.allowFrom ?? []).map((v) => String(v));
+    const shouldComputeAuth = core.channel.commands.shouldComputeCommandAuthorized(rawBody, cfg);
+    // WeCom channel currently does NOT support the `openclaw pairing` CLI workflow
+    // ("Channel wecom does not support pairing"). So we must not rely on pairing
+    // store approvals for command authorization here.
+    //
+    // Policy semantics:
+    // - open: commands are allowed for everyone by default (unless higher-level access-groups deny).
+    // - allowlist: commands require allowFrom entries.
+    // - pairing: treated the same as allowlist for WeCom (since pairing CLI is unsupported).
+    const effectiveAllowFrom = dmPolicy === "open" ? ["*"] : configAllowFrom;
+    const senderAllowed = isWecomSenderAllowed(senderUserId, effectiveAllowFrom);
+    const allowAllConfigured = effectiveAllowFrom.some((entry) => normalizeWecomAllowFromEntry(entry) === "*");
+    const authorizerConfigured = allowAllConfigured || effectiveAllowFrom.length > 0;
+    const useAccessGroups = cfg.commands?.useAccessGroups !== false;
+    const commandAuthorized = shouldComputeAuth
+        ? core.channel.commands.resolveCommandAuthorizedFromAuthorizers({
+            useAccessGroups,
+            authorizers: [{ configured: authorizerConfigured, allowed: senderAllowed }],
+        })
+        : undefined;
+    return {
+        shouldComputeAuth,
+        dmPolicy,
+        senderAllowed,
+        authorizerConfigured,
+        commandAuthorized,
+        effectiveAllowFrom,
+    };
+}
+export function buildWecomUnauthorizedCommandPrompt(params) {
+    const user = params.senderUserId || "unknown";
+    const policy = params.dmPolicy;
+    const scopeLabel = params.scope === "bot" ? "Bot（智能机器人）" : "Agent（自建应用）";
+    const dmPrefix = params.scope === "bot" ? "channels.wecom.bot.dm" : "channels.wecom.agent.dm";
+    const allowCmd = (value) => `openclaw config set ${dmPrefix}.allowFrom '${value}'`;
+    const policyCmd = (value) => `openclaw config set ${dmPrefix}.policy "${value}"`;
+    if (policy === "disabled") {
+        return [
+            `无权限执行命令（${scopeLabel} 已禁用：dm.policy=disabled）`,
+            `触发者：${user}`,
+            `管理员：${policyCmd("open")}（全放开）或 ${policyCmd("allowlist")}（白名单）`,
+        ].join("\n");
+    }
+    // WeCom 不支持 pairing CLI，因此这里统一给出“open / allowlist”两种明确的配置指令
+    return [
+        `无权限执行命令（入口：${scopeLabel}，userid：${user}）`,
+        `管理员全放开：${policyCmd("open")}`,
+        `管理员放行该用户：${policyCmd("allowlist")}`,
+        `然后设置白名单：${allowCmd(JSON.stringify([user]))}`,
+        `如果仍被拦截：检查 commands.useAccessGroups/访问组`,
+    ].join("\n");
+}

package/{src/shared/index.ts → dist/src/shared/index.js} RENAMED Viewed

@@ -1,5 +1,4 @@
 /**
  * WeCom Shared 模块导出
  */
 export { parseXml, extractMsgType, extractFromUser, extractContent, extractChatId, extractToUser } from "./xml-parser.js";

package/dist/src/shared/media-asset.js ADDED Viewed

@@ -0,0 +1,65 @@
+import path from "node:path";
+import { resolveWecomEgressProxyUrlFromNetwork } from "../config/index.js";
+import { wecomFetch } from "../http.js";
+function inferContentTypeFromFilePath(filePath) {
+    const ext = path.extname(filePath).slice(1).toLowerCase();
+    const mimeTypes = {
+        jpg: "image/jpeg",
+        jpeg: "image/jpeg",
+        png: "image/png",
+        gif: "image/gif",
+        webp: "image/webp",
+        bmp: "image/bmp",
+        mp3: "audio/mpeg",
+        wav: "audio/wav",
+        amr: "audio/amr",
+        mp4: "video/mp4",
+        pdf: "application/pdf",
+        doc: "application/msword",
+        docx: "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+        xls: "application/vnd.ms-excel",
+        xlsx: "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+        ppt: "application/vnd.ms-powerpoint",
+        pptx: "application/vnd.openxmlformats-officedocument.presentationml.presentation",
+        txt: "text/plain",
+        csv: "text/csv",
+        tsv: "text/tab-separated-values",
+        md: "text/markdown",
+        json: "application/json",
+        xml: "application/xml",
+        yaml: "application/yaml",
+        yml: "application/yaml",
+        zip: "application/zip",
+        rar: "application/vnd.rar",
+        "7z": "application/x-7z-compressed",
+        tar: "application/x-tar",
+        gz: "application/gzip",
+        tgz: "application/gzip",
+        rtf: "application/rtf",
+        odt: "application/vnd.oasis.opendocument.text",
+    };
+    return mimeTypes[ext] || "application/octet-stream";
+}
+export async function resolveOutboundMediaAsset(params) {
+    const { mediaUrl, network, timeoutMs = 30000 } = params;
+    if (/^https?:\/\//i.test(mediaUrl)) {
+        const response = await wecomFetch(mediaUrl, { method: "GET" }, {
+            proxyUrl: resolveWecomEgressProxyUrlFromNetwork(network),
+            timeoutMs,
+        });
+        if (!response.ok) {
+            throw new Error(`Failed to download media: ${response.status}`);
+        }
+        const buffer = Buffer.from(await response.arrayBuffer());
+        const contentType = response.headers.get("content-type") || "application/octet-stream";
+        const filename = path.basename(new URL(mediaUrl).pathname) || "media";
+        return { buffer, filename, contentType };
+    }
+    const fs = await import("node:fs/promises");
+    const buffer = await fs.readFile(mediaUrl);
+    return {
+        buffer,
+        filename: path.basename(mediaUrl),
+        contentType: inferContentTypeFromFilePath(mediaUrl),
+    };
+}

package/dist/src/shared/media-service.js ADDED Viewed

@@ -0,0 +1,59 @@
+import { resolveWecomMediaMaxBytes } from "../config/index.js";
+import { decryptWecomMediaWithMeta } from "../media.js";
+export class WecomMediaService {
+    core;
+    cfg;
+    constructor(core, cfg) {
+        this.core = core;
+        this.cfg = cfg;
+    }
+    resolveInboundMaxBytes(accountId) {
+        return resolveWecomMediaMaxBytes(this.cfg, accountId);
+    }
+    async downloadRemoteMedia(params) {
+        const loaded = await this.core.channel.media.fetchRemoteMedia({
+            url: params.url,
+            maxBytes: params.maxBytes,
+        });
+        return {
+            buffer: loaded.buffer,
+            contentType: loaded.contentType,
+            filename: loaded.fileName,
+        };
+    }
+    /**
+     * Download and decrypt WeCom AES-encrypted media.
+     * Bot-ws: each message carries a unique per-URL aeskey in the message body.
+     * Bot-webhook: uses the account-level EncodingAESKey.
+     * Both use AES-256-CBC with PKCS#7 padding (32-byte block), IV = key[:16].
+     */
+    async downloadEncryptedMedia(params) {
+        const decrypted = await decryptWecomMediaWithMeta(params.url, params.aesKey, {
+            maxBytes: params.maxBytes,
+        });
+        return {
+            buffer: decrypted.buffer,
+            contentType: decrypted.sourceContentType,
+            filename: decrypted.sourceFilename,
+        };
+    }
+    async saveInboundAttachment(event, attachment) {
+        const maxBytes = this.resolveInboundMaxBytes(event.accountId);
+        const saved = await this.core.channel.media.saveMediaBuffer(attachment.buffer, attachment.contentType, "inbound", maxBytes, attachment.filename);
+        return saved.path;
+    }
+    async normalizeFirstAttachment(event) {
+        const first = event.attachments?.[0];
+        if (!first?.remoteUrl) {
+            return undefined;
+        }
+        // Keep fetch/decrypt/save on the same account-aware limit instead of falling back
+        // to the core media store default (5MB).
+        const maxBytes = this.resolveInboundMaxBytes(event.accountId);
+        // Bot-ws media is AES-encrypted; use decryption when aesKey is present
+        if (first.aesKey) {
+            return this.downloadEncryptedMedia({ url: first.remoteUrl, aesKey: first.aesKey, maxBytes });
+        }
+        return this.downloadRemoteMedia({ url: first.remoteUrl, maxBytes });
+    }
+}

package/dist/src/shared/media-types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};