npm - activeclaw - Versions diffs - 2026.2.12 → 2026.2.13 - Mend

activeclaw 2026.2.12 → 2026.2.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (364) hide show

package/extensions/feishu/src/streaming-card.ts ADDED Viewed

@@ -0,0 +1,223 @@
+/**
+ * Feishu Streaming Card - Card Kit streaming API for real-time text output
+ */
+import type { Client } from "@larksuiteoapi/node-sdk";
+import type { FeishuDomain } from "./types.js";
+type Credentials = { appId: string; appSecret: string; domain?: FeishuDomain };
+type CardState = { cardId: string; messageId: string; sequence: number; currentText: string };
+// Token cache (keyed by domain + appId)
+const tokenCache = new Map<string, { token: string; expiresAt: number }>();
+function resolveApiBase(domain?: FeishuDomain): string {
+  if (domain === "lark") {
+    return "https://open.larksuite.com/open-apis";
+  }
+  if (domain && domain !== "feishu" && domain.startsWith("http")) {
+    return `${domain.replace(/\/+$/, "")}/open-apis`;
+  }
+  return "https://open.feishu.cn/open-apis";
+}
+async function getToken(creds: Credentials): Promise<string> {
+  const key = `${creds.domain ?? "feishu"}|${creds.appId}`;
+  const cached = tokenCache.get(key);
+  if (cached && cached.expiresAt > Date.now() + 60000) {
+    return cached.token;
+  }
+  const res = await fetch(`${resolveApiBase(creds.domain)}/auth/v3/tenant_access_token/internal`, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ app_id: creds.appId, app_secret: creds.appSecret }),
+  });
+  const data = (await res.json()) as {
+    code: number;
+    msg: string;
+    tenant_access_token?: string;
+    expire?: number;
+  };
+  if (data.code !== 0 || !data.tenant_access_token) {
+    throw new Error(`Token error: ${data.msg}`);
+  }
+  tokenCache.set(key, {
+    token: data.tenant_access_token,
+    expiresAt: Date.now() + (data.expire ?? 7200) * 1000,
+  });
+  return data.tenant_access_token;
+}
+function truncateSummary(text: string, max = 50): string {
+  if (!text) {
+    return "";
+  }
+  const clean = text.replace(/\n/g, " ").trim();
+  return clean.length <= max ? clean : clean.slice(0, max - 3) + "...";
+}
+/** Streaming card session manager */
+export class FeishuStreamingSession {
+  private client: Client;
+  private creds: Credentials;
+  private state: CardState | null = null;
+  private queue: Promise<void> = Promise.resolve();
+  private closed = false;
+  private log?: (msg: string) => void;
+  private lastUpdateTime = 0;
+  private pendingText: string | null = null;
+  private updateThrottleMs = 100; // Throttle updates to max 10/sec
+  constructor(client: Client, creds: Credentials, log?: (msg: string) => void) {
+    this.client = client;
+    this.creds = creds;
+    this.log = log;
+  }
+  async start(
+    receiveId: string,
+    receiveIdType: "open_id" | "user_id" | "union_id" | "email" | "chat_id" = "chat_id",
+  ): Promise<void> {
+    if (this.state) {
+      return;
+    }
+    const apiBase = resolveApiBase(this.creds.domain);
+    const cardJson = {
+      schema: "2.0",
+      config: {
+        streaming_mode: true,
+        summary: { content: "[Generating...]" },
+        streaming_config: { print_frequency_ms: { default: 50 }, print_step: { default: 2 } },
+      },
+      body: {
+        elements: [{ tag: "markdown", content: "⏳ Thinking...", element_id: "content" }],
+      },
+    };
+    // Create card entity
+    const createRes = await fetch(`${apiBase}/cardkit/v1/cards`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${await getToken(this.creds)}`,
+        "Content-Type": "application/json",
+      },
+      body: JSON.stringify({ type: "card_json", data: JSON.stringify(cardJson) }),
+    });
+    const createData = (await createRes.json()) as {
+      code: number;
+      msg: string;
+      data?: { card_id: string };
+    };
+    if (createData.code !== 0 || !createData.data?.card_id) {
+      throw new Error(`Create card failed: ${createData.msg}`);
+    }
+    const cardId = createData.data.card_id;
+    // Send card message
+    const sendRes = await this.client.im.message.create({
+      params: { receive_id_type: receiveIdType },
+      data: {
+        receive_id: receiveId,
+        msg_type: "interactive",
+        content: JSON.stringify({ type: "card", data: { card_id: cardId } }),
+      },
+    });
+    if (sendRes.code !== 0 || !sendRes.data?.message_id) {
+      throw new Error(`Send card failed: ${sendRes.msg}`);
+    }
+    this.state = { cardId, messageId: sendRes.data.message_id, sequence: 1, currentText: "" };
+    this.log?.(`Started streaming: cardId=${cardId}, messageId=${sendRes.data.message_id}`);
+  }
+  async update(text: string): Promise<void> {
+    if (!this.state || this.closed) {
+      return;
+    }
+    // Throttle: skip if updated recently, but remember pending text
+    const now = Date.now();
+    if (now - this.lastUpdateTime < this.updateThrottleMs) {
+      this.pendingText = text;
+      return;
+    }
+    this.pendingText = null;
+    this.lastUpdateTime = now;
+    this.queue = this.queue.then(async () => {
+      if (!this.state || this.closed) {
+        return;
+      }
+      this.state.currentText = text;
+      this.state.sequence += 1;
+      const apiBase = resolveApiBase(this.creds.domain);
+      await fetch(`${apiBase}/cardkit/v1/cards/${this.state.cardId}/elements/content/content`, {
+        method: "PUT",
+        headers: {
+          Authorization: `Bearer ${await getToken(this.creds)}`,
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+          content: text,
+          sequence: this.state.sequence,
+          uuid: `s_${this.state.cardId}_${this.state.sequence}`,
+        }),
+      }).catch((e) => this.log?.(`Update failed: ${String(e)}`));
+    });
+    await this.queue;
+  }
+  async close(finalText?: string): Promise<void> {
+    if (!this.state || this.closed) {
+      return;
+    }
+    this.closed = true;
+    await this.queue;
+    // Use finalText, or pending throttled text, or current text
+    const text = finalText ?? this.pendingText ?? this.state.currentText;
+    const apiBase = resolveApiBase(this.creds.domain);
+    // Only send final update if content differs from what's already displayed
+    if (text && text !== this.state.currentText) {
+      this.state.sequence += 1;
+      await fetch(`${apiBase}/cardkit/v1/cards/${this.state.cardId}/elements/content/content`, {
+        method: "PUT",
+        headers: {
+          Authorization: `Bearer ${await getToken(this.creds)}`,
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+          content: text,
+          sequence: this.state.sequence,
+          uuid: `s_${this.state.cardId}_${this.state.sequence}`,
+        }),
+      }).catch(() => {});
+      this.state.currentText = text;
+    }
+    // Close streaming mode
+    this.state.sequence += 1;
+    await fetch(`${apiBase}/cardkit/v1/cards/${this.state.cardId}/settings`, {
+      method: "PATCH",
+      headers: {
+        Authorization: `Bearer ${await getToken(this.creds)}`,
+        "Content-Type": "application/json; charset=utf-8",
+      },
+      body: JSON.stringify({
+        settings: JSON.stringify({
+          config: { streaming_mode: false, summary: { content: truncateSummary(text) } },
+        }),
+        sequence: this.state.sequence,
+        uuid: `c_${this.state.cardId}_${this.state.sequence}`,
+      }),
+    }).catch((e) => this.log?.(`Close failed: ${String(e)}`));
+    this.log?.(`Closed streaming: cardId=${this.state.cardId}`);
+  }
+  isActive(): boolean {
+    return this.state !== null && !this.closed;
+  }
+}

package/extensions/feishu/src/targets.test.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { describe, expect, it } from "vitest";
+import { resolveReceiveIdType } from "./targets.js";
+describe("resolveReceiveIdType", () => {
+  it("resolves chat IDs by oc_ prefix", () => {
+    expect(resolveReceiveIdType("oc_123")).toBe("chat_id");
+  });
+  it("resolves open IDs by ou_ prefix", () => {
+    expect(resolveReceiveIdType("ou_123")).toBe("open_id");
+  });
+  it("defaults unprefixed IDs to user_id", () => {
+    expect(resolveReceiveIdType("u_123")).toBe("user_id");
+  });
+});

package/extensions/feishu/src/targets.ts CHANGED Viewed

@@ -57,7 +57,7 @@ export function resolveReceiveIdType(id: string): "chat_id" | "open_id" | "user_
   if (trimmed.startsWith(OPEN_ID_PREFIX)) {
     return "open_id";
   }
-  return "open_id";
+  return "user_id";
 }
 export function looksLikeFeishuId(raw: string): boolean {

package/extensions/irc/src/client.ts CHANGED Viewed

@@ -399,7 +399,7 @@ export async function connectIrcClient(options: IrcClientOptions): Promise<IrcCl
     }
   });
-  socket.once("error", (err) => {
+  socket.once("error", (err: unknown) => {
     fail(err);
   });

package/extensions/minimax-portal-auth/index.ts CHANGED Viewed

@@ -8,7 +8,7 @@ import { loginMiniMaxPortalOAuth, type MiniMaxRegion } from "./oauth.js";
 const PROVIDER_ID = "minimax-portal";
 const PROVIDER_LABEL = "MiniMax";
-const DEFAULT_MODEL = "MiniMax-M2.1";
+const DEFAULT_MODEL = "MiniMax-M2.5";
 const DEFAULT_BASE_URL_CN = "https://api.minimaxi.com/anthropic";
 const DEFAULT_BASE_URL_GLOBAL = "https://api.minimax.io/anthropic";
 const DEFAULT_CONTEXT_WINDOW = 200000;
@@ -27,11 +27,12 @@ function buildModelDefinition(params: {
   id: string;
   name: string;
   input: Array<"text" | "image">;
+  reasoning?: boolean;
 }) {
   return {
     id: params.id,
     name: params.name,
-    reasoning: false,
+    reasoning: params.reasoning ?? false,
     input: params.input,
     cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
     contextWindow: DEFAULT_CONTEXT_WINDOW,
@@ -89,9 +90,10 @@ function createOAuthHandler(region: MiniMaxRegion) {
                     input: ["text"],
                   }),
                   buildModelDefinition({
-                    id: "MiniMax-M2.1-lightning",
-                    name: "MiniMax M2.1 Lightning",
+                    id: "MiniMax-M2.5",
+                    name: "MiniMax M2.5",
                     input: ["text"],
+                    reasoning: true,
                   }),
                 ],
               },
@@ -101,7 +103,7 @@ function createOAuthHandler(region: MiniMaxRegion) {
             defaults: {
               models: {
                 [modelRef("MiniMax-M2.1")]: { alias: "minimax-m2.1" },
-                [modelRef("MiniMax-M2.1-lightning")]: { alias: "minimax-m2.1-lightning" },
+                [modelRef("MiniMax-M2.5")]: { alias: "minimax-m2.5" },
               },
             },
           },

package/extensions/nostr/package.json CHANGED Viewed

@@ -4,7 +4,7 @@
   "description": "OpenClaw Nostr channel plugin for NIP-04 encrypted DMs",
   "type": "module",
   "dependencies": {
-    "nostr-tools": "^2.23.0",
+    "nostr-tools": "^2.23.1",
     "zod": "^4.3.6"
   },
   "devDependencies": {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "activeclaw",
-  "version": "2026.2.12",
+  "version": "2026.2.13",
   "description": "Multi-channel AI gateway with extensible messaging integrations",
   "keywords": [],
   "license": "MIT",
@@ -110,19 +110,19 @@
   },
   "dependencies": {
     "@agentclientprotocol/sdk": "0.14.1",
-    "@aws-sdk/client-bedrock": "^3.988.0",
+    "@aws-sdk/client-bedrock": "^3.989.0",
     "@buape/carbon": "0.14.0",
-    "@clack/prompts": "^1.0.0",
+    "@clack/prompts": "^1.0.1",
     "@grammyjs/runner": "^2.0.3",
     "@grammyjs/transformer-throttler": "^1.2.1",
     "@homebridge/ciao": "^1.3.5",
-    "@larksuiteoapi/node-sdk": "^1.58.0",
+    "@larksuiteoapi/node-sdk": "^1.59.0",
     "@line/bot-sdk": "^10.6.0",
     "@lydell/node-pty": "1.2.0-beta.3",
-    "@mariozechner/pi-agent-core": "0.52.9",
-    "@mariozechner/pi-ai": "0.52.9",
-    "@mariozechner/pi-coding-agent": "0.52.9",
-    "@mariozechner/pi-tui": "0.52.9",
+    "@mariozechner/pi-agent-core": "0.52.10",
+    "@mariozechner/pi-ai": "0.52.10",
+    "@mariozechner/pi-coding-agent": "0.52.10",
+    "@mariozechner/pi-tui": "0.52.10",
     "@mozilla/readability": "^0.6.0",
     "@sinclair/typebox": "0.34.48",
     "@slack/bolt": "^4.6.0",
@@ -135,7 +135,7 @@
     "commander": "^14.0.3",
     "croner": "^10.0.1",
     "discord-api-types": "^0.38.38",
-    "dotenv": "^17.2.4",
+    "dotenv": "^17.3.1",
     "express": "^5.2.1",
     "file-type": "^21.3.0",
     "grammy": "^1.40.0",
@@ -171,13 +171,13 @@
     "@types/proper-lockfile": "^4.1.4",
     "@types/qrcode-terminal": "^0.12.2",
     "@types/ws": "^8.18.1",
-    "@typescript/native-preview": "7.0.0-dev.20260211.1",
+    "@typescript/native-preview": "7.0.0-dev.20260212.1",
     "@vitest/coverage-v8": "^4.0.18",
     "lit": "^3.3.2",
     "ollama": "^0.6.3",
-    "oxfmt": "0.31.0",
-    "oxlint": "^1.46.0",
-    "oxlint-tsgolint": "^0.12.0",
+    "oxfmt": "0.32.0",
+    "oxlint": "^1.47.0",
+    "oxlint-tsgolint": "^0.12.1",
     "rolldown": "1.0.0-rc.4",
     "tsdown": "^0.20.3",
     "tsx": "^4.21.0",

package/dist/auth-BcNHFK-i.js DELETED Viewed

@@ -1,184 +0,0 @@
-import { i as isTrustedProxyAddress, l as resolveGatewayClientIp, n as isLoopbackAddress, o as parseForwardedForClientIp } from "./ws-C0k_dhCP.js";
-import { c as readTailscaleWhoisIdentity } from "./tailscale-DU6DgqVy.js";
-import { timingSafeEqual } from "node:crypto";
-//#region src/gateway/auth.ts
-function safeEqual(a, b) {
-	if (a.length !== b.length) return false;
-	return timingSafeEqual(Buffer.from(a), Buffer.from(b));
-}
-function normalizeLogin(login) {
-	return login.trim().toLowerCase();
-}
-function getHostName(hostHeader) {
-	const host = (hostHeader ?? "").trim().toLowerCase();
-	if (!host) return "";
-	if (host.startsWith("[")) {
-		const end = host.indexOf("]");
-		if (end !== -1) return host.slice(1, end);
-	}
-	const [name] = host.split(":");
-	return name ?? "";
-}
-function headerValue(value) {
-	return Array.isArray(value) ? value[0] : value;
-}
-function resolveTailscaleClientIp(req) {
-	if (!req) return;
-	const forwardedFor = headerValue(req.headers?.["x-forwarded-for"]);
-	return forwardedFor ? parseForwardedForClientIp(forwardedFor) : void 0;
-}
-function resolveRequestClientIp(req, trustedProxies) {
-	if (!req) return;
-	return resolveGatewayClientIp({
-		remoteAddr: req.socket?.remoteAddress ?? "",
-		forwardedFor: headerValue(req.headers?.["x-forwarded-for"]),
-		realIp: headerValue(req.headers?.["x-real-ip"]),
-		trustedProxies
-	});
-}
-function isLocalDirectRequest(req, trustedProxies) {
-	if (!req) return false;
-	if (!isLoopbackAddress(resolveRequestClientIp(req, trustedProxies) ?? "")) return false;
-	const host = getHostName(req.headers?.host);
-	const hostIsLocal = host === "localhost" || host === "127.0.0.1" || host === "::1";
-	const hostIsTailscaleServe = host.endsWith(".ts.net");
-	const hasForwarded = Boolean(req.headers?.["x-forwarded-for"] || req.headers?.["x-real-ip"] || req.headers?.["x-forwarded-host"]);
-	const remoteIsTrustedProxy = isTrustedProxyAddress(req.socket?.remoteAddress, trustedProxies);
-	return (hostIsLocal || hostIsTailscaleServe) && (!hasForwarded || remoteIsTrustedProxy);
-}
-function getTailscaleUser(req) {
-	if (!req) return null;
-	const login = req.headers["tailscale-user-login"];
-	if (typeof login !== "string" || !login.trim()) return null;
-	const nameRaw = req.headers["tailscale-user-name"];
-	const profilePic = req.headers["tailscale-user-profile-pic"];
-	const name = typeof nameRaw === "string" && nameRaw.trim() ? nameRaw.trim() : login.trim();
-	return {
-		login: login.trim(),
-		name,
-		profilePic: typeof profilePic === "string" && profilePic.trim() ? profilePic.trim() : void 0
-	};
-}
-function hasTailscaleProxyHeaders(req) {
-	if (!req) return false;
-	return Boolean(req.headers["x-forwarded-for"] && req.headers["x-forwarded-proto"] && req.headers["x-forwarded-host"]);
-}
-function isTailscaleProxyRequest(req) {
-	if (!req) return false;
-	return isLoopbackAddress(req.socket?.remoteAddress) && hasTailscaleProxyHeaders(req);
-}
-async function resolveVerifiedTailscaleUser(params) {
-	const { req, tailscaleWhois } = params;
-	const tailscaleUser = getTailscaleUser(req);
-	if (!tailscaleUser) return {
-		ok: false,
-		reason: "tailscale_user_missing"
-	};
-	if (!isTailscaleProxyRequest(req)) return {
-		ok: false,
-		reason: "tailscale_proxy_missing"
-	};
-	const clientIp = resolveTailscaleClientIp(req);
-	if (!clientIp) return {
-		ok: false,
-		reason: "tailscale_whois_failed"
-	};
-	const whois = await tailscaleWhois(clientIp);
-	if (!whois?.login) return {
-		ok: false,
-		reason: "tailscale_whois_failed"
-	};
-	if (normalizeLogin(whois.login) !== normalizeLogin(tailscaleUser.login)) return {
-		ok: false,
-		reason: "tailscale_user_mismatch"
-	};
-	return {
-		ok: true,
-		user: {
-			login: whois.login,
-			name: whois.name ?? tailscaleUser.name,
-			profilePic: tailscaleUser.profilePic
-		}
-	};
-}
-function resolveGatewayAuth(params) {
-	const authConfig = params.authConfig ?? {};
-	const env = params.env ?? process.env;
-	const token = authConfig.token ?? env.OPENCLAW_GATEWAY_TOKEN ?? env.CLAWDBOT_GATEWAY_TOKEN ?? void 0;
-	const password = authConfig.password ?? env.OPENCLAW_GATEWAY_PASSWORD ?? env.CLAWDBOT_GATEWAY_PASSWORD ?? void 0;
-	const mode = authConfig.mode ?? (password ? "password" : "token");
-	return {
-		mode,
-		token,
-		password,
-		allowTailscale: authConfig.allowTailscale ?? (params.tailscaleMode === "serve" && mode !== "password")
-	};
-}
-function assertGatewayAuthConfigured(auth) {
-	if (auth.mode === "token" && !auth.token) {
-		if (auth.allowTailscale) return;
-		throw new Error("gateway auth mode is token, but no token was configured (set gateway.auth.token or OPENCLAW_GATEWAY_TOKEN)");
-	}
-	if (auth.mode === "password" && !auth.password) throw new Error("gateway auth mode is password, but no password was configured");
-}
-async function authorizeGatewayConnect(params) {
-	const { auth, connectAuth, req, trustedProxies } = params;
-	const tailscaleWhois = params.tailscaleWhois ?? readTailscaleWhoisIdentity;
-	const localDirect = isLocalDirectRequest(req, trustedProxies);
-	if (auth.allowTailscale && !localDirect) {
-		const tailscaleCheck = await resolveVerifiedTailscaleUser({
-			req,
-			tailscaleWhois
-		});
-		if (tailscaleCheck.ok) return {
-			ok: true,
-			method: "tailscale",
-			user: tailscaleCheck.user.login
-		};
-	}
-	if (auth.mode === "token") {
-		if (!auth.token) return {
-			ok: false,
-			reason: "token_missing_config"
-		};
-		if (!connectAuth?.token) return {
-			ok: false,
-			reason: "token_missing"
-		};
-		if (!safeEqual(connectAuth.token, auth.token)) return {
-			ok: false,
-			reason: "token_mismatch"
-		};
-		return {
-			ok: true,
-			method: "token"
-		};
-	}
-	if (auth.mode === "password") {
-		const password = connectAuth?.password;
-		if (!auth.password) return {
-			ok: false,
-			reason: "password_missing_config"
-		};
-		if (!password) return {
-			ok: false,
-			reason: "password_missing"
-		};
-		if (!safeEqual(password, auth.password)) return {
-			ok: false,
-			reason: "password_mismatch"
-		};
-		return {
-			ok: true,
-			method: "password"
-		};
-	}
-	return {
-		ok: false,
-		reason: "unauthorized"
-	};
-}
-//#endregion
-export { resolveGatewayAuth as i, authorizeGatewayConnect as n, isLocalDirectRequest as r, assertGatewayAuthConfigured as t };