npm - @yanhaidao/wecom - Versions diffs - 2.4.160 → 2.5.110 - Mend

@yanhaidao/wecom 2.4.160 → 2.5.110

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (313) hide show

package/dist/index.js +68 -0
package/dist/src/accounts.js +20 -0
package/dist/src/agent/handler.js +895 -0
package/dist/src/agent/index.js +5 -0
package/dist/src/app/account-runtime.js +216 -0
package/dist/src/app/bootstrap.js +19 -0
package/dist/src/app/index.js +118 -0
package/dist/src/capability/agent/delivery-service.js +63 -0
package/dist/src/capability/agent/fallback-policy.js +6 -0
package/dist/src/capability/agent/ingress-service.js +33 -0
package/dist/src/capability/agent/upstream-delivery-service.js +71 -0
package/dist/src/capability/bot/dispatch-config.js +45 -0
package/dist/src/capability/bot/fallback-delivery.js +147 -0
package/dist/src/capability/bot/local-path-delivery.js +178 -0
package/dist/src/capability/bot/sandbox-media.js +138 -0
package/dist/src/capability/bot/service.js +49 -0
package/dist/src/capability/bot/stream-delivery.js +321 -0
package/dist/src/capability/bot/stream-finalizer.js +81 -0
package/dist/src/capability/bot/stream-orchestrator.js +318 -0
package/dist/src/capability/bot/types.js +1 -0
package/{src/capability/calendar/client.ts → dist/src/capability/calendar/client.js} +118 -241
package/{src/capability/calendar/schema.ts → dist/src/capability/calendar/schema.js} +0 -38
package/dist/src/capability/calendar/tool.js +365 -0
package/dist/src/capability/calendar/types.js +12 -0
package/{src/capability/doc/client.ts → dist/src/capability/doc/client.js} +370 -605
package/{src/capability/doc/schema.ts → dist/src/capability/doc/schema.js} +345 -394
package/dist/src/capability/doc/tool.js +1556 -0
package/dist/src/capability/doc/types.js +113 -0
package/dist/src/capability/mcp/index.js +3 -0
package/dist/src/capability/mcp/schema.js +102 -0
package/dist/src/capability/mcp/tool.js +146 -0
package/dist/src/capability/mcp/transport.js +293 -0
package/dist/src/channel.js +224 -0
package/dist/src/config/accounts.js +236 -0
package/dist/src/config/derived-paths.js +31 -0
package/dist/src/config/index.js +7 -0
package/dist/src/config/media.js +110 -0
package/dist/src/config/network.js +32 -0
package/dist/src/config/routing.js +20 -0
package/dist/src/config/runtime-config.js +25 -0
package/dist/src/config/schema.js +4 -0
package/{src/config-schema.ts → dist/src/config-schema.js} +1 -1
package/dist/src/context-store.js +219 -0
package/{src/crypto/aes.ts → dist/src/crypto/aes.js} +11 -28
package/dist/src/crypto/index.js +9 -0
package/{src/crypto/signature.ts → dist/src/crypto/signature.js} +3 -18
package/{src/crypto/xml.ts → dist/src/crypto/xml.js} +3 -11
package/dist/src/crypto.js +145 -0
package/dist/src/domain/models.js +1 -0
package/dist/src/domain/policies.js +32 -0
package/{src/dynamic-agent.ts → dist/src/dynamic-agent.js} +36 -73
package/dist/src/gateway-monitor.js +139 -0
package/dist/src/http.js +114 -0
package/{src/media.ts → dist/src/media.js} +21 -40
package/dist/src/monitor/limits.js +7 -0
package/dist/src/monitor/state.js +28 -0
package/dist/src/monitor.js +84 -0
package/dist/src/observability/audit-log.js +30 -0
package/dist/src/observability/legacy-operational-event-store.js +22 -0
package/dist/src/observability/raw-envelope-log.js +24 -0
package/dist/src/observability/status-registry.js +9 -0
package/dist/src/observability/transport-session-view.js +14 -0
package/dist/src/onboarding.js +546 -0
package/dist/src/outbound.js +557 -0
package/dist/src/runtime/dispatcher.js +57 -0
package/{src/runtime/index.ts → dist/src/runtime/index.js} +0 -1
package/dist/src/runtime/outbound-intent.js +1 -0
package/dist/src/runtime/reply-orchestrator.js +38 -0
package/dist/src/runtime/routing-bridge.js +26 -0
package/dist/src/runtime/session-manager.js +112 -0
package/dist/src/runtime/source-registry.js +174 -0
package/dist/src/runtime.js +1 -0
package/dist/src/shared/command-auth.js +57 -0
package/{src/shared/index.ts → dist/src/shared/index.js} +0 -1
package/dist/src/shared/media-asset.js +65 -0
package/dist/src/shared/media-service.js +59 -0
package/dist/src/shared/media-types.js +1 -0
package/{src/shared/xml-parser.ts → dist/src/shared/xml-parser.js} +72 -63
package/dist/src/store/active-reply-store.js +41 -0
package/dist/src/store/interfaces.js +1 -0
package/dist/src/store/memory-store.js +33 -0
package/dist/src/store/stream-batch-store.js +319 -0
package/{src/target.ts → dist/src/target.js} +15 -48
package/dist/src/transport/agent-api/client.js +168 -0
package/dist/src/transport/agent-api/core.js +337 -0
package/dist/src/transport/agent-api/delivery.js +28 -0
package/dist/src/transport/agent-api/media-upload.js +4 -0
package/dist/src/transport/agent-api/reply.js +24 -0
package/dist/src/transport/agent-api/upstream-delivery.js +30 -0
package/dist/src/transport/agent-api/upstream-media-upload.js +46 -0
package/dist/src/transport/agent-api/upstream-reply.js +26 -0
package/dist/src/transport/agent-callback/http-handler.js +30 -0
package/dist/src/transport/agent-callback/inbound.js +4 -0
package/dist/src/transport/agent-callback/reply.js +8 -0
package/dist/src/transport/agent-callback/request-handler.js +189 -0
package/dist/src/transport/agent-callback/session.js +15 -0
package/dist/src/transport/bot-webhook/active-reply.js +27 -0
package/dist/src/transport/bot-webhook/http-handler.js +31 -0
package/dist/src/transport/bot-webhook/inbound-normalizer.js +496 -0
package/dist/src/transport/bot-webhook/inbound.js +4 -0
package/dist/src/transport/bot-webhook/message-shape.js +98 -0
package/dist/src/transport/bot-webhook/protocol.js +124 -0
package/dist/src/transport/bot-webhook/reply.js +9 -0
package/dist/src/transport/bot-webhook/request-handler.js +285 -0
package/dist/src/transport/bot-webhook/session.js +15 -0
package/dist/src/transport/bot-ws/inbound.js +147 -0
package/dist/src/transport/bot-ws/media.js +236 -0
package/dist/src/transport/bot-ws/reply.js +310 -0
package/dist/src/transport/bot-ws/sdk-adapter.js +257 -0
package/dist/src/transport/bot-ws/session.js +15 -0
package/dist/src/transport/http/common.js +78 -0
package/dist/src/transport/http/registry.js +71 -0
package/dist/src/transport/http/request-handler.js +51 -0
package/{src/transport/index.ts → dist/src/transport/index.js} +2 -10
package/dist/src/types/account.js +1 -0
package/dist/src/types/config.js +1 -0
package/dist/src/types/constants.js +28 -0
package/dist/src/types/events.js +1 -0
package/dist/src/types/index.js +1 -0
package/dist/src/types/legacy-stream.js +1 -0
package/dist/src/types/message.js +5 -0
package/dist/src/types/runtime-context.js +1 -0
package/dist/src/types/runtime.js +1 -0
package/dist/src/types.js +1 -0
package/dist/src/upstream/index.js +111 -0
package/dist/src/wecom_msg_adapter/markdown_adapter.js +280 -0
package/openclaw.plugin.json +15 -0
package/package.json +18 -1
package/.github/workflows/release.yml +0 -143
package/GOVERNANCE.md +0 -26
package/SKILLS_CAL.md +0 -895
package/SKILLS_DOC.md +0 -2288
package/UPSTREAM_CONFIG.md +0 -170
package/UPSTREAM_PLAN.md +0 -175
package/assets/01.bot-add.png +0 -0
package/assets/01.bot-setp2.png +0 -0
package/assets/01.image.jpg +0 -0
package/assets/02.agent.add.png +0 -0
package/assets/02.agent.api-set.png +0 -0
package/assets/02.image.jpg +0 -0
package/assets/03.agent.page.png +0 -0
package/assets/03.bot.page.png +0 -0
package/assets/link-me.jpg +0 -0
package/assets/register.png +0 -0
package/changelog/v2.2.28.md +0 -70
package/changelog/v2.3.10.md +0 -17
package/changelog/v2.3.11.md +0 -19
package/changelog/v2.3.12.md +0 -25
package/changelog/v2.3.13.md +0 -19
package/changelog/v2.3.14.md +0 -48
package/changelog/v2.3.15.md +0 -15
package/changelog/v2.3.16.md +0 -11
package/changelog/v2.3.18.md +0 -22
package/changelog/v2.3.19.md +0 -73
package/changelog/v2.3.2.md +0 -28
package/changelog/v2.3.26.md +0 -21
package/changelog/v2.3.27.md +0 -33
package/changelog/v2.3.4.md +0 -20
package/changelog/v2.3.9.md +0 -22
package/changelog/v2.4.12.md +0 -37
package/changelog/v2.4.16.md +0 -19
package/compat-single-account.md +0 -148
package/index.test.ts +0 -38
package/scripts/test-proxy.ts +0 -70
package/src/accounts.ts +0 -34
package/src/agent/api-client.upload.test.ts +0 -109
package/src/agent/handler.event-filter.test.ts +0 -100
package/src/agent/handler.ts +0 -1105
package/src/agent/index.ts +0 -12
package/src/app/account-runtime.ts +0 -276
package/src/app/bootstrap.ts +0 -29
package/src/app/index.ts +0 -192
package/src/capability/agent/delivery-service.ts +0 -87
package/src/capability/agent/fallback-policy.ts +0 -13
package/src/capability/agent/ingress-service.ts +0 -38
package/src/capability/agent/upstream-delivery-service.ts +0 -96
package/src/capability/bot/dispatch-config.ts +0 -47
package/src/capability/bot/fallback-delivery.ts +0 -178
package/src/capability/bot/local-path-delivery.ts +0 -215
package/src/capability/bot/sandbox-media.test.ts +0 -221
package/src/capability/bot/sandbox-media.ts +0 -176
package/src/capability/bot/service.ts +0 -56
package/src/capability/bot/stream-delivery.ts +0 -379
package/src/capability/bot/stream-finalizer.ts +0 -120
package/src/capability/bot/stream-orchestrator.ts +0 -371
package/src/capability/bot/types.ts +0 -8
package/src/capability/calendar/SKILLS_CHECKLIST.md +0 -251
package/src/capability/calendar/tool.ts +0 -417
package/src/capability/calendar/types.ts +0 -309
package/src/capability/doc/tool.ts +0 -1629
package/src/capability/doc/types.ts +0 -792
package/src/capability/mcp/index.ts +0 -10
package/src/capability/mcp/schema.ts +0 -107
package/src/capability/mcp/tool.ts +0 -174
package/src/capability/mcp/transport.ts +0 -394
package/src/channel.config.test.ts +0 -147
package/src/channel.lifecycle.test.ts +0 -255
package/src/channel.meta.test.ts +0 -26
package/src/channel.ts +0 -256
package/src/config/accounts.resolve.test.ts +0 -75
package/src/config/accounts.ts +0 -296
package/src/config/derived-paths.test.ts +0 -111
package/src/config/derived-paths.ts +0 -41
package/src/config/index.ts +0 -26
package/src/config/media.test.ts +0 -113
package/src/config/media.ts +0 -139
package/src/config/network.ts +0 -53
package/src/config/routing.test.ts +0 -88
package/src/config/routing.ts +0 -26
package/src/config/runtime-config.ts +0 -46
package/src/config/schema.ts +0 -90
package/src/context-store.ts +0 -297
package/src/crypto/index.ts +0 -24
package/src/crypto.test.ts +0 -32
package/src/crypto.ts +0 -176
package/src/domain/models.ts +0 -7
package/src/domain/policies.ts +0 -36
package/src/dynamic-agent.account-scope.test.ts +0 -17
package/src/gateway-monitor.ts +0 -181
package/src/http.ts +0 -145
package/src/media.test.ts +0 -82
package/src/monitor/limits.ts +0 -7
package/src/monitor/state.queue.test.ts +0 -185
package/src/monitor/state.ts +0 -34
package/src/monitor.active.test.ts +0 -245
package/src/monitor.inbound-filter.test.ts +0 -63
package/src/monitor.integration.test.ts +0 -208
package/src/monitor.ts +0 -121
package/src/monitor.webhook.test.ts +0 -774
package/src/observability/audit-log.ts +0 -48
package/src/observability/legacy-operational-event-store.ts +0 -36
package/src/observability/raw-envelope-log.ts +0 -28
package/src/observability/status-registry.ts +0 -13
package/src/observability/transport-session-view.ts +0 -14
package/src/onboarding.test.ts +0 -336
package/src/onboarding.ts +0 -704
package/src/outbound.test.ts +0 -1271
package/src/outbound.ts +0 -746
package/src/runtime/dispatcher.ts +0 -71
package/src/runtime/outbound-intent.ts +0 -4
package/src/runtime/reply-orchestrator.test.ts +0 -71
package/src/runtime/reply-orchestrator.ts +0 -67
package/src/runtime/routing-bridge.test.ts +0 -115
package/src/runtime/routing-bridge.ts +0 -44
package/src/runtime/session-manager.test.ts +0 -174
package/src/runtime/session-manager.ts +0 -139
package/src/runtime/source-registry.ts +0 -249
package/src/runtime.ts +0 -14
package/src/shared/command-auth.ts +0 -87
package/src/shared/media-asset.ts +0 -78
package/src/shared/media-service.test.ts +0 -111
package/src/shared/media-service.ts +0 -84
package/src/shared/media-types.ts +0 -5
package/src/shared/xml-parser.test.ts +0 -50
package/src/store/active-reply-store.ts +0 -42
package/src/store/interfaces.ts +0 -11
package/src/store/memory-store.ts +0 -43
package/src/store/stream-batch-store.ts +0 -350
package/src/transport/agent-api/client.ts +0 -277
package/src/transport/agent-api/core.ts +0 -463
package/src/transport/agent-api/delivery.ts +0 -41
package/src/transport/agent-api/media-upload.ts +0 -11
package/src/transport/agent-api/reply.ts +0 -39
package/src/transport/agent-api/upstream-delivery.ts +0 -45
package/src/transport/agent-api/upstream-media-upload.ts +0 -70
package/src/transport/agent-api/upstream-reply.ts +0 -43
package/src/transport/agent-callback/http-handler.ts +0 -47
package/src/transport/agent-callback/inbound.ts +0 -5
package/src/transport/agent-callback/reply.ts +0 -13
package/src/transport/agent-callback/request-handler.ts +0 -244
package/src/transport/agent-callback/session.ts +0 -23
package/src/transport/bot-webhook/active-reply.ts +0 -39
package/src/transport/bot-webhook/http-handler.ts +0 -48
package/src/transport/bot-webhook/inbound-normalizer.test.ts +0 -433
package/src/transport/bot-webhook/inbound-normalizer.ts +0 -558
package/src/transport/bot-webhook/inbound.ts +0 -5
package/src/transport/bot-webhook/message-shape.ts +0 -92
package/src/transport/bot-webhook/protocol.ts +0 -148
package/src/transport/bot-webhook/reply.ts +0 -15
package/src/transport/bot-webhook/request-handler.ts +0 -394
package/src/transport/bot-webhook/session.ts +0 -23
package/src/transport/bot-ws/inbound.test.ts +0 -290
package/src/transport/bot-ws/inbound.ts +0 -163
package/src/transport/bot-ws/media.test.ts +0 -44
package/src/transport/bot-ws/media.ts +0 -321
package/src/transport/bot-ws/reply.test.ts +0 -450
package/src/transport/bot-ws/reply.ts +0 -365
package/src/transport/bot-ws/sdk-adapter.test.ts +0 -187
package/src/transport/bot-ws/sdk-adapter.ts +0 -314
package/src/transport/bot-ws/session.ts +0 -28
package/src/transport/http/common.ts +0 -109
package/src/transport/http/registry.ts +0 -92
package/src/transport/http/request-handler.ts +0 -84
package/src/types/account.ts +0 -70
package/src/types/config.ts +0 -114
package/src/types/constants.ts +0 -31
package/src/types/events.ts +0 -21
package/src/types/global.d.ts +0 -9
package/src/types/index.ts +0 -17
package/src/types/legacy-stream.ts +0 -50
package/src/types/message.ts +0 -189
package/src/types/runtime-context.ts +0 -28
package/src/types/runtime.ts +0 -165
package/src/types.ts +0 -41
package/src/upstream/index.ts +0 -150
package/src/upstream.test.ts +0 -84
package/src/wecom_msg_adapter/markdown_adapter.ts +0 -331
package/tsconfig.json +0 -22
package/vitest.config.ts +0 -26
/package/{src/capability/agent/index.ts → dist/src/capability/agent/index.js} +0 -0
/package/{src/capability/bot/index.ts → dist/src/capability/bot/index.js} +0 -0
/package/{src/capability/calendar/index.ts → dist/src/capability/calendar/index.js} +0 -0
/package/{src/capability/index.ts → dist/src/capability/index.js} +0 -0

package/dist/src/transport/bot-webhook/inbound-normalizer.js ADDED Viewed

@@ -0,0 +1,496 @@
+import { decryptWecomMediaWithMeta } from "../../media.js";
+import { resolveWecomEgressProxyUrl, resolveWecomMediaDownloadTimeoutMs, resolveWecomMediaMaxBytes, } from "../../config/index.js";
+import { buildInboundBody } from "./message-shape.js";
+const MIME_BY_EXT = {
+    txt: "text/plain",
+    md: "text/markdown",
+    json: "application/json",
+    csv: "text/csv",
+    html: "text/html",
+    pdf: "application/pdf",
+    doc: "application/msword",
+    docx: "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+    xls: "application/vnd.ms-excel",
+    xlsx: "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+    ppt: "application/vnd.ms-powerpoint",
+    pptx: "application/vnd.openxmlformats-officedocument.presentationml.presentation",
+    jpg: "image/jpeg",
+    jpeg: "image/jpeg",
+    png: "image/png",
+    gif: "image/gif",
+    webp: "image/webp",
+    bmp: "image/bmp",
+    ogg: "audio/ogg",
+    wav: "audio/wav",
+    mp3: "audio/mpeg",
+    mp4: "video/mp4",
+    zip: "application/zip",
+    bin: "application/octet-stream",
+};
+const EXT_BY_MIME = {
+    ...Object.fromEntries(Object.entries(MIME_BY_EXT).map(([ext, mime]) => [mime, ext])),
+    "application/octet-stream": "bin",
+};
+const GENERIC_CONTENT_TYPES = new Set([
+    "application/octet-stream",
+    "binary/octet-stream",
+    "application/download",
+]);
+function normalizeContentType(raw) {
+    const normalized = String(raw ?? "").trim().split(";")[0]?.trim().toLowerCase();
+    return normalized || undefined;
+}
+function isGenericContentType(raw) {
+    const normalized = normalizeContentType(raw);
+    if (!normalized)
+        return true;
+    return GENERIC_CONTENT_TYPES.has(normalized);
+}
+export function guessContentTypeFromPath(filePath) {
+    const ext = filePath.split(".").pop()?.toLowerCase();
+    if (!ext)
+        return undefined;
+    return MIME_BY_EXT[ext];
+}
+function guessExtensionFromContentType(contentType) {
+    const normalized = normalizeContentType(contentType);
+    if (!normalized)
+        return undefined;
+    if (normalized === "image/jpeg")
+        return "jpg";
+    return EXT_BY_MIME[normalized];
+}
+function extractFileNameFromUrl(rawUrl) {
+    const s = String(rawUrl ?? "").trim();
+    if (!s)
+        return undefined;
+    try {
+        const u = new URL(s);
+        const name = decodeURIComponent(u.pathname.split("/").pop() ?? "").trim();
+        return name || undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+function sanitizeInboundFilename(raw) {
+    const s = String(raw ?? "").trim();
+    if (!s)
+        return undefined;
+    const base = s.split(/[\\/]/).pop()?.trim() ?? "";
+    if (!base)
+        return undefined;
+    const sanitized = base.replace(/[\u0000-\u001f<>:"|?*]/g, "_").trim();
+    return sanitized || undefined;
+}
+function hasLikelyExtension(name) {
+    if (!name)
+        return false;
+    return /\.[a-z0-9]{1,16}$/i.test(name);
+}
+function detectMimeFromBuffer(buffer) {
+    if (!buffer || buffer.length < 4)
+        return undefined;
+    if (buffer.length >= 8 &&
+        buffer[0] === 0x89 &&
+        buffer[1] === 0x50 &&
+        buffer[2] === 0x4e &&
+        buffer[3] === 0x47 &&
+        buffer[4] === 0x0d &&
+        buffer[5] === 0x0a &&
+        buffer[6] === 0x1a &&
+        buffer[7] === 0x0a) {
+        return "image/png";
+    }
+    if (buffer[0] === 0xff && buffer[1] === 0xd8 && buffer[2] === 0xff) {
+        return "image/jpeg";
+    }
+    if (buffer.subarray(0, 6).toString("ascii") === "GIF87a" || buffer.subarray(0, 6).toString("ascii") === "GIF89a") {
+        return "image/gif";
+    }
+    if (buffer.length >= 12 && buffer.subarray(0, 4).toString("ascii") === "RIFF" && buffer.subarray(8, 12).toString("ascii") === "WEBP") {
+        return "image/webp";
+    }
+    if (buffer[0] === 0x42 && buffer[1] === 0x4d) {
+        return "image/bmp";
+    }
+    if (buffer.subarray(0, 5).toString("ascii") === "%PDF-") {
+        return "application/pdf";
+    }
+    if (buffer.subarray(0, 4).toString("ascii") === "OggS") {
+        return "audio/ogg";
+    }
+    if (buffer.length >= 12 && buffer.subarray(0, 4).toString("ascii") === "RIFF" && buffer.subarray(8, 12).toString("ascii") === "WAVE") {
+        return "audio/wav";
+    }
+    if (buffer.subarray(0, 3).toString("ascii") === "ID3" || (buffer[0] === 0xff && (buffer[1] & 0xe0) === 0xe0)) {
+        return "audio/mpeg";
+    }
+    if (buffer.length >= 12 && buffer.subarray(4, 8).toString("ascii") === "ftyp") {
+        return "video/mp4";
+    }
+    if (buffer.length >= 8 &&
+        buffer[0] === 0xd0 &&
+        buffer[1] === 0xcf &&
+        buffer[2] === 0x11 &&
+        buffer[3] === 0xe0 &&
+        buffer[4] === 0xa1 &&
+        buffer[5] === 0xb1 &&
+        buffer[6] === 0x1a &&
+        buffer[7] === 0xe1) {
+        return "application/msword";
+    }
+    const zipMagic = (buffer[0] === 0x50 && buffer[1] === 0x4b && buffer[2] === 0x03 && buffer[3] === 0x04) ||
+        (buffer[0] === 0x50 && buffer[1] === 0x4b && buffer[2] === 0x05 && buffer[3] === 0x06) ||
+        (buffer[0] === 0x50 && buffer[1] === 0x4b && buffer[2] === 0x07 && buffer[3] === 0x08);
+    if (zipMagic) {
+        const probe = buffer.subarray(0, Math.min(buffer.length, 512 * 1024));
+        if (probe.includes(Buffer.from("word/")))
+            return "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
+        if (probe.includes(Buffer.from("xl/")))
+            return "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
+        if (probe.includes(Buffer.from("ppt/")))
+            return "application/vnd.openxmlformats-officedocument.presentationml.presentation";
+        return "application/zip";
+    }
+    const sample = buffer.subarray(0, Math.min(buffer.length, 4096));
+    let printable = 0;
+    for (const b of sample) {
+        if (b === 0x00)
+            return undefined;
+        if (b === 0x09 || b === 0x0a || b === 0x0d || (b >= 0x20 && b <= 0x7e)) {
+            printable += 1;
+        }
+    }
+    if (sample.length > 0 && printable / sample.length > 0.95) {
+        return "text/plain";
+    }
+    return undefined;
+}
+function resolveInlineFileName(input) {
+    return sanitizeInboundFilename(String(input ?? "").trim());
+}
+function pickBotFileName(msg, item) {
+    const fromItem = item
+        ? resolveInlineFileName(item?.filename ?? item?.file_name ?? item?.fileName ?? item?.name ?? item?.title)
+        : undefined;
+    if (fromItem)
+        return fromItem;
+    return resolveInlineFileName(msg?.file?.filename ??
+        msg?.file?.file_name ??
+        msg?.file?.fileName ??
+        msg?.file?.name ??
+        msg?.file?.title ??
+        msg?.filename ??
+        msg?.fileName ??
+        msg?.FileName);
+}
+function inferInboundMediaMeta(params) {
+    const headerType = normalizeContentType(params.sourceContentType);
+    const magicType = detectMimeFromBuffer(params.buffer);
+    const rawUrlName = sanitizeInboundFilename(extractFileNameFromUrl(params.sourceUrl));
+    const guessedByUrl = hasLikelyExtension(rawUrlName) ? rawUrlName : undefined;
+    const explicitName = sanitizeInboundFilename(params.explicitFilename);
+    const sourceName = sanitizeInboundFilename(params.sourceFilename);
+    const chosenName = explicitName || sourceName || guessedByUrl;
+    const typeByName = chosenName ? guessContentTypeFromPath(chosenName) : undefined;
+    let contentType;
+    if (params.kind === "image") {
+        if (magicType?.startsWith("image/"))
+            contentType = magicType;
+        else if (headerType?.startsWith("image/"))
+            contentType = headerType;
+        else if (typeByName?.startsWith("image/"))
+            contentType = typeByName;
+        else
+            contentType = "image/jpeg";
+    }
+    else {
+        contentType = magicType || (!isGenericContentType(headerType) ? headerType : undefined) || typeByName || "application/octet-stream";
+    }
+    const hasExt = Boolean(chosenName && /\.[a-z0-9]{1,16}$/i.test(chosenName));
+    const ext = guessExtensionFromContentType(contentType) || (params.kind === "image" ? "jpg" : "bin");
+    const filename = chosenName ? (hasExt ? chosenName : `${chosenName}.${ext}`) : `${params.kind}.${ext}`;
+    return { contentType, filename };
+}
+export function looksLikeSendLocalFileIntent(rawBody) {
+    const t = rawBody.trim();
+    if (!t)
+        return false;
+    return /(发送|发给|发到|转发|把.*发|把.*发送|帮我发|给我发)/.test(t);
+}
+/**
+ * 根据错误信息对媒体下载/解密失败进行分类。
+ * 用于区分不同的失败原因：URL 过期、网络超时、文件超大、解密异常。
+ */
+function classifyMediaFailure(error) {
+    const message = String(error instanceof Error ? error.message : error).toLowerCase();
+    // 优先检查 URL 过期或禁止访问（403/401 或签名过期）
+    if (message.includes("403") ||
+        message.includes("forbidden") ||
+        message.includes("expired") ||
+        message.includes("signature") ||
+        message.includes("status=401")) {
+        return "expired_or_forbidden";
+    }
+    // 检查网络超时（5 分钟 URL 时效窗口内的超时属于此类）
+    if (message.includes("timeout") || message.includes("timed out") || message.includes("abort")) {
+        return "timeout";
+    }
+    // 检查文件大小超限
+    if (message.includes("maxbytes") ||
+        message.includes("exceed") ||
+        message.includes("too large") ||
+        message.includes("payload too large")) {
+        return "size_limit";
+    }
+    // 其他错误默认归类为解密失败
+    return "decrypt";
+}
+/**
+ * 从引用消息中选择并提取第一个可用的媒体候选。
+ *
+ * 优先级规则：
+ * 1. quote.image / quote.file / quote.video：单个媒体类型直接提取
+ * 2. quote.mixed：从多个 msg_item 中提取第一个 image
+ * 3. URI 过期约 5 分钟，必须尽快下载/解密
+ *
+ * @returns 包含 kind、url、aesKey、filename 的候选项，或 undefined
+ */
+function resolveQuoteMediaCandidate(msg) {
+    const quote = msg?.quote;
+    const quoteType = String(quote?.msgtype ?? "").toLowerCase();
+    // 处理单个媒体类型：image、file、video
+    if (quoteType === "image" || quoteType === "file" || quoteType === "video") {
+        const kind = quoteType;
+        const url = String(quote?.[kind]?.url ?? "").trim();
+        if (!url)
+            return undefined;
+        return {
+            kind,
+            url,
+            aesKey: quote?.[kind]?.aeskey,
+            explicitFilename: pickBotFileName(msg, quote?.[kind]),
+        };
+    }
+    // 处理混合消息类型：从 msg_item 数组中提取第一个图片
+    if (quoteType === "mixed" && Array.isArray(quote?.mixed?.msg_item)) {
+        for (const item of quote.mixed.msg_item) {
+            const itemType = String(item?.msgtype ?? "").toLowerCase();
+            if (itemType !== "image") {
+                continue;
+            }
+            const url = String(item?.image?.url ?? "").trim();
+            if (!url) {
+                continue;
+            }
+            return {
+                kind: "image",
+                url,
+                aesKey: item?.image?.aeskey,
+                explicitFilename: pickBotFileName(msg, item?.image),
+            };
+        }
+    }
+    return undefined;
+}
+export async function processBotInboundMessage(params) {
+    const { target, msg, recordOperationalIssue } = params;
+    const msgtype = String(msg.msgtype ?? "").toLowerCase();
+    const aesKey = target.account.encodingAESKey;
+    const maxBytes = resolveWecomMediaMaxBytes(target.config, target.account.accountId);
+    const proxyUrl = resolveWecomEgressProxyUrl(target.config);
+    const mediaTimeoutMs = resolveWecomMediaDownloadTimeoutMs(target.config);
+    const handleMediaFailure = (payload) => {
+        const reason = classifyMediaFailure(payload.error);
+        const hint = reason === "timeout"
+            ? `可调大 channels.wecom.media.downloadTimeoutMs（当前=${mediaTimeoutMs}ms）例如：openclaw config set channels.wecom.media.downloadTimeoutMs 45000`
+            : `可调大 channels.wecom.mediaMaxMb（当前=${Math.round(maxBytes / (1024 * 1024))}MB）例如：openclaw config set channels.wecom.mediaMaxMb 50`;
+        target.runtime.error?.(`Failed to decrypt ${payload.scope} ${payload.kind}: ${String(payload.error)} reason=${reason}; ${hint}`);
+        recordOperationalIssue({
+            category: "media-decrypt-failed",
+            messageId: msg.msgid ? String(msg.msgid) : undefined,
+            summary: `${payload.scope} ${payload.kind} decrypt failed reason=${reason} url=${payload.url}`,
+            raw: { transport: "bot-webhook", envelopeType: "json", body: msg },
+            error: payload.error instanceof Error ? payload.error.message : String(payload.error),
+        });
+        const errorMessage = typeof payload.error === "object" && payload.error
+            ? `${payload.error.message}${payload.error.cause ? ` (cause: ${String(payload.error.cause)})` : ""}`
+            : String(payload.error);
+        return { body: `${payload.bodyFallback} (decryption failed: ${errorMessage})` };
+    };
+    const tryDecryptMedia = async (payload) => {
+        const urlHost = (() => { try {
+            return new URL(payload.url).hostname;
+        }
+        catch {
+            return "?";
+        } })();
+        const t0 = Date.now();
+        console.log(`[wecom-media] download-start kind=${payload.kind} host=${urlHost} aesKey=${payload.aesKey ? "payload" : "account"} timeoutMs=${mediaTimeoutMs} proxy=${proxyUrl || "none"}`);
+        const decrypted = await decryptWecomMediaWithMeta(payload.url, payload.aesKey ?? aesKey, {
+            maxBytes,
+            http: { proxyUrl, timeoutMs: mediaTimeoutMs },
+        });
+        console.log(`[wecom-media] download-ok kind=${payload.kind} host=${urlHost} durationMs=${Date.now() - t0} bytes=${decrypted.buffer.length} contentType=${decrypted.sourceContentType ?? "?"}`);
+        const inferred = inferInboundMediaMeta({
+            kind: payload.kind === "image" ? "image" : "file",
+            buffer: decrypted.buffer,
+            sourceUrl: decrypted.sourceUrl || payload.url,
+            sourceContentType: decrypted.sourceContentType,
+            sourceFilename: decrypted.sourceFilename,
+            explicitFilename: payload.explicitFilename,
+        });
+        return {
+            buffer: decrypted.buffer,
+            contentType: inferred.contentType,
+            filename: inferred.filename,
+        };
+    };
+    if (msgtype === "image") {
+        const url = String(msg.image?.url ?? "").trim();
+        if (url && aesKey) {
+            try {
+                const media = await tryDecryptMedia({
+                    kind: "image",
+                    url,
+                    explicitFilename: pickBotFileName(msg),
+                    aesKey: msg.image?.aeskey,
+                });
+                return { body: "[image]", media };
+            }
+            catch (err) {
+                return handleMediaFailure({
+                    scope: "inbound",
+                    kind: "image",
+                    url,
+                    error: err,
+                    bodyFallback: "[image]",
+                });
+            }
+        }
+    }
+    if (msgtype === "file") {
+        const url = String(msg.file?.url ?? "").trim();
+        if (url && aesKey) {
+            try {
+                const media = await tryDecryptMedia({
+                    kind: "file",
+                    url,
+                    explicitFilename: pickBotFileName(msg),
+                    aesKey: msg.file?.aeskey,
+                });
+                return { body: "[file]", media };
+            }
+            catch (err) {
+                return handleMediaFailure({
+                    scope: "inbound",
+                    kind: "file",
+                    url,
+                    error: err,
+                    bodyFallback: "[file]",
+                });
+            }
+        }
+    }
+    if (msgtype === "video") {
+        const url = String(msg.video?.url ?? "").trim();
+        if (url && aesKey) {
+            try {
+                const media = await tryDecryptMedia({
+                    kind: "video",
+                    url,
+                    explicitFilename: pickBotFileName(msg),
+                    aesKey: msg.video?.aeskey,
+                });
+                return { body: "[video]", media };
+            }
+            catch (err) {
+                return handleMediaFailure({
+                    scope: "inbound",
+                    kind: "video",
+                    url,
+                    error: err,
+                    bodyFallback: "[video]",
+                });
+            }
+        }
+    }
+    if (msgtype === "mixed") {
+        const items = msg.mixed?.msg_item;
+        if (Array.isArray(items)) {
+            let foundMedia;
+            const bodyParts = [];
+            for (const item of items) {
+                const t = String(item.msgtype ?? "").toLowerCase();
+                if (t === "text") {
+                    const content = String(item.text?.content ?? "").trim();
+                    if (content)
+                        bodyParts.push(content);
+                    continue;
+                }
+                if ((t === "image" || t === "file" || t === "video") && !foundMedia && aesKey) {
+                    const mediaKind = t;
+                    const url = String(item[mediaKind]?.url ?? "").trim();
+                    if (url) {
+                        try {
+                            foundMedia = await tryDecryptMedia({
+                                kind: mediaKind,
+                                url,
+                                explicitFilename: pickBotFileName(msg, item?.[mediaKind]),
+                                aesKey: item?.[mediaKind]?.aeskey,
+                            });
+                            bodyParts.push(`[${t}]`);
+                            continue;
+                        }
+                        catch (err) {
+                            const failed = handleMediaFailure({
+                                scope: "mixed",
+                                kind: mediaKind,
+                                url,
+                                error: err,
+                                bodyFallback: `[${t}]`,
+                            });
+                            bodyParts.push(failed.body);
+                            continue;
+                        }
+                    }
+                }
+                bodyParts.push(`[${t}]`);
+            }
+            return { body: bodyParts.join("\n"), media: foundMedia };
+        }
+    }
+    if (msgtype === "text" || msgtype === "voice") {
+        const baseBody = buildInboundBody(msg);
+        // 新增支持：尝试从引用中提取候选媒体（支持 quote.image/file/video/mixed）
+        // 优先级：顶层媒体已在上面处理，如果没有顶层媒体才检查引用
+        const candidate = resolveQuoteMediaCandidate(msg);
+        if (candidate?.url && aesKey) {
+            const qHost = (() => { try {
+                return new URL(candidate.url).hostname;
+            }
+            catch {
+                return "?";
+            } })();
+            console.log(`[wecom-media] quote-candidate msgtype=${msgtype} kind=${candidate.kind} host=${qHost} aesKey=${candidate.aesKey ? "payload" : "account"} msgid=${msg.msgid ?? "?"}`);
+            try {
+                // 尽快下载并解密媒体（应对 5 分钟 URL 时效窗口）
+                const media = await tryDecryptMedia(candidate);
+                return { body: baseBody, media };
+            }
+            catch (err) {
+                // 下载或解密失败则降级，保留文本但记录失败原因便于调试
+                const failed = handleMediaFailure({
+                    scope: "quote",
+                    kind: candidate.kind,
+                    url: candidate.url,
+                    error: err,
+                    bodyFallback: `${baseBody}\n[quote:${candidate.kind}]`,
+                });
+                return failed;
+            }
+        }
+    }
+    return { body: buildInboundBody(msg) };
+}

package/dist/src/transport/bot-webhook/inbound.js ADDED Viewed

@@ -0,0 +1,4 @@
+import { resolveDerivedPathSummary } from "../../config/index.js";
+export function resolveBotWebhookPaths(accountId) {
+    return resolveDerivedPathSummary(accountId).botWebhook;
+}

package/dist/src/transport/bot-webhook/message-shape.js ADDED Viewed

@@ -0,0 +1,98 @@
+export function resolveWecomSenderUserId(msg) {
+    const direct = msg.from?.userid?.trim();
+    if (direct)
+        return direct;
+    const legacy = String(msg.fromuserid ?? msg.from_userid ?? msg.fromUserId ?? "").trim();
+    return legacy || undefined;
+}
+export function shouldProcessBotInboundMessage(msg) {
+    const senderUserId = resolveWecomSenderUserId(msg)?.trim();
+    if (!senderUserId) {
+        return { shouldProcess: false, reason: "missing_sender" };
+    }
+    if (senderUserId.toLowerCase() === "sys") {
+        return { shouldProcess: false, reason: "system_sender" };
+    }
+    const chatType = String(msg.chattype ?? "").trim().toLowerCase();
+    if (chatType === "group") {
+        const chatId = msg.chatid?.trim();
+        if (!chatId) {
+            return { shouldProcess: false, reason: "missing_chatid", senderUserId };
+        }
+        return { shouldProcess: true, reason: "user_message", senderUserId, chatId };
+    }
+    return { shouldProcess: true, reason: "user_message", senderUserId, chatId: senderUserId };
+}
+function formatQuote(quote) {
+    const type = quote.msgtype ?? "";
+    if (type === "text")
+        return quote.text?.content || "";
+    if (type === "image")
+        return `[引用: 图片] ${quote.image?.url || ""}`;
+    if (type === "mixed" && quote.mixed?.msg_item) {
+        const items = quote.mixed.msg_item
+            .map((item) => {
+            if (item.msgtype === "text")
+                return item.text?.content;
+            if (item.msgtype === "image")
+                return `[图片] ${item.image?.url || ""}`;
+            return "";
+        })
+            .filter(Boolean)
+            .join(" ");
+        return `[引用: 图文] ${items}`;
+    }
+    if (type === "voice")
+        return `[引用: 语音] ${quote.voice?.content || ""}`;
+    if (type === "file")
+        return `[引用: 文件] ${quote.file?.url || ""}`;
+    // 新增支持：引用视频类型 - 将在入站正规化中提取媒体并落盘
+    if (type === "video")
+        return `[引用: 视频] ${quote.video?.url || ""}`;
+    return "";
+}
+export function buildInboundBody(msg) {
+    let body = "";
+    const msgtype = String(msg.msgtype ?? "").toLowerCase();
+    if (msgtype === "text")
+        body = msg.text?.content || "";
+    else if (msgtype === "voice")
+        body = msg.voice?.content || "[voice]";
+    else if (msgtype === "mixed") {
+        const items = msg.mixed?.msg_item;
+        if (Array.isArray(items)) {
+            body = items
+                .map((item) => {
+                const t = String(item?.msgtype ?? "").toLowerCase();
+                if (t === "text")
+                    return item?.text?.content || "";
+                if (t === "image")
+                    return `[image] ${item?.image?.url || ""}`;
+                return `[${t || "item"}]`;
+            })
+                .filter(Boolean)
+                .join("\n");
+        }
+        else
+            body = "[mixed]";
+    }
+    else if (msgtype === "image")
+        body = `[image] ${msg.image?.url || ""}`;
+    else if (msgtype === "file")
+        body = `[file] ${msg.file?.url || ""}`;
+    else if (msgtype === "video")
+        body = `[video] ${msg.video?.url || ""}`;
+    else if (msgtype === "event")
+        body = `[event] ${msg.event?.eventtype || ""}`;
+    else if (msgtype === "stream")
+        body = `[stream_refresh] ${msg.stream?.id || ""}`;
+    else
+        body = msgtype ? `[${msgtype}]` : "";
+    const quote = msg.quote;
+    if (quote) {
+        const quoteText = formatQuote(quote).trim();
+        if (quoteText)
+            body += `\n\n> ${quoteText}`;
+    }
+    return body;
+}