alvin-bot 4.15.2 → 4.16.0

package/dist/services/cdp-bootstrap.js

@@ -0,0 +1,351 @@
+/**
+ * CDP Bootstrap — spawns Chromium with remote-debugging-port=9222 independently.
+ *
+ * Avoids two problems that plague naive CDP setups:
+ *
+ * 1. **LaunchServices hijack** — invoking /Applications/Google Chrome.app while
+ *    the user's Chrome is running silently redirects the call to the existing
+ *    instance without applying --remote-debugging-port. Log symptom:
+ *    "Wird in einer aktuellen Browsersitzung geöffnet." We avoid it by
+ *    preferring Playwright's "Google Chrome for Testing" binary, which has a
+ *    distinct bundle ID.
+ *
+ * 2. **Stale PID files** — a crashed Chromium leaves chrome-cdp.pid pointing at
+ *    a dead process; subsequent starts conclude "already running" and fail
+ *    silently. We verify liveness via both `ps` and a CDP /json/version probe.
+ *
+ * The module is idempotent: `ensureRunning()` is safe to call repeatedly; if
+ * CDP is already healthy it returns immediately.
+ */
+import { spawn } from "child_process";
+import fs from "fs";
+import path from "path";
+import os from "os";
+import http from "http";
+import { CDP_PROFILE_DIR, CDP_SCREENSHOTS_DIR, CDP_PID_FILE, CDP_LOG_FILE, } from "../paths.js";
+const CDP_PORT = 9222;
+const CDP_VERSION_URL = `http://127.0.0.1:${CDP_PORT}/json/version`;
+const START_TIMEOUT_MS = 15_000;
+// ── Binary resolution ───────────────────────────────────────────────
+/**
+ * Find Playwright's bundled Chromium. Prefers "Google Chrome for Testing"
+ * (distinct macOS bundle ID — no LaunchServices conflict with user Chrome),
+ * falls back to plain Chromium for older Playwright installs.
+ *
+ * Returns null if no bundled Chromium is present — callers should then fall
+ * back to a user-supplied binary or error out with guidance.
+ */
+export function findPlaywrightChromium() {
+    const pwRoot = path.join(os.homedir(), "Library", "Caches", "ms-playwright");
+    if (!fs.existsSync(pwRoot)) {
+        // Linux cache path
+        const linuxPwRoot = path.join(os.homedir(), ".cache", "ms-playwright");
+        if (fs.existsSync(linuxPwRoot))
+            return resolveFromPwRoot(linuxPwRoot);
+        return null;
+    }
+    return resolveFromPwRoot(pwRoot);
+}
+function resolveFromPwRoot(pwRoot) {
+    let dirs;
+    try {
+        dirs = fs.readdirSync(pwRoot).filter((d) => /^chromium-\d+$/.test(d));
+    }
+    catch {
+        return null;
+    }
+    if (dirs.length === 0)
+        return null;
+    // Latest version by numeric suffix
+    dirs.sort((a, b) => {
+        const na = parseInt(a.replace("chromium-", ""), 10);
+        const nb = parseInt(b.replace("chromium-", ""), 10);
+        return nb - na;
+    });
+    // Platform-dependent layout; try all known variants
+    const candidates = [];
+    for (const dir of dirs) {
+        const root = path.join(pwRoot, dir);
+        for (const arch of ["chrome-mac-arm64", "chrome-mac", "chrome-linux", "chrome-win"]) {
+            for (const app of [
+                // macOS app bundles
+                "Google Chrome for Testing.app/Contents/MacOS/Google Chrome for Testing",
+                "Chromium.app/Contents/MacOS/Chromium",
+                // Linux / Windows raw binaries
+                "chrome",
+                "chrome.exe",
+            ]) {
+                candidates.push(path.join(root, arch, app));
+            }
+        }
+    }
+    for (const c of candidates) {
+        try {
+            const st = fs.statSync(c);
+            if (st.isFile())
+                return c;
+        }
+        catch {
+            // not present, keep searching
+        }
+    }
+    return null;
+}
+/**
+ * Resolve the browser binary in preference order:
+ *   1. Playwright's Chromium (no conflict with user Chrome, preferred)
+ *   2. Existing user browser (may trigger LaunchServices hijack — last resort)
+ */
+export function resolveBrowserBinary() {
+    const pw = findPlaywrightChromium();
+    if (pw)
+        return { path: pw, origin: "playwright" };
+    // System Chrome fallback (macOS path). On Linux/Windows we return null and
+    // let callers surface a clear error.
+    const sysChrome = "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome";
+    if (fs.existsSync(sysChrome))
+        return { path: sysChrome, origin: "system" };
+    return null;
+}
+// ── Liveness probes ─────────────────────────────────────────────────
+function pidAlive(pid) {
+    try {
+        // signal 0 tests existence without actually signaling
+        process.kill(pid, 0);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function readPidFile() {
+    try {
+        const raw = fs.readFileSync(CDP_PID_FILE, "utf8").trim();
+        const pid = parseInt(raw, 10);
+        return Number.isFinite(pid) ? pid : null;
+    }
+    catch {
+        return null;
+    }
+}
+async function cdpReachable(timeoutMs = 2000) {
+    return new Promise((resolve) => {
+        const req = http.get(CDP_VERSION_URL, (res) => {
+            res.resume(); // drain
+            resolve(res.statusCode === 200);
+        });
+        req.on("error", () => resolve(false));
+        req.setTimeout(timeoutMs, () => {
+            req.destroy();
+            resolve(false);
+        });
+    });
+}
+// ── Process control ─────────────────────────────────────────────────
+let bootstrapLock = null;
+/**
+ * Ensure CDP is running on port 9222. Idempotent and safe to call from
+ * multiple concurrent code paths — only one spawn happens at a time.
+ */
+export async function ensureRunning(opts = {}) {
+    const mode = opts.mode || "headless";
+    // Already running? Verify both ends (process + endpoint).
+    if (await cdpReachable()) {
+        return { running: true, pid: readPidFile() || undefined, endpoint: CDP_VERSION_URL };
+    }
+    // Serialize concurrent bootstrap attempts
+    if (bootstrapLock) {
+        await bootstrapLock;
+        if (await cdpReachable()) {
+            return { running: true, pid: readPidFile() || undefined, endpoint: CDP_VERSION_URL };
+        }
+    }
+    bootstrapLock = (async () => {
+        // Stale PID cleanup — a PID file pointing at a dead process blocks nothing
+        // but is confusing. Remove it before spawning.
+        const stalePid = readPidFile();
+        if (stalePid && !pidAlive(stalePid)) {
+            try {
+                fs.unlinkSync(CDP_PID_FILE);
+            }
+            catch { }
+        }
+        const binary = resolveBrowserBinary();
+        if (!binary) {
+            throw new Error("No Chromium binary found. Install Playwright's Chromium: " +
+                "cd ~/.alvin-bot && npx playwright install chromium");
+        }
+        // Ensure data dirs exist
+        for (const dir of [CDP_PROFILE_DIR, CDP_SCREENSHOTS_DIR, path.dirname(CDP_PID_FILE)]) {
+            fs.mkdirSync(dir, { recursive: true });
+        }
+        const args = [
+            `--remote-debugging-port=${CDP_PORT}`,
+            `--user-data-dir=${CDP_PROFILE_DIR}`,
+            "--no-first-run",
+            "--no-default-browser-check",
+            "--disable-features=ChromeWhatsNewUI,PrivacySandboxSettings4",
+        ];
+        if (mode === "headless") {
+            args.push("--headless=new", "--disable-gpu");
+        }
+        args.push("about:blank");
+        const logStream = fs.openSync(CDP_LOG_FILE, "w");
+        const child = spawn(binary.path, args, {
+            stdio: ["ignore", logStream, logStream],
+            detached: true,
+        });
+        child.unref();
+        if (!child.pid) {
+            throw new Error("Failed to spawn Chromium (no PID)");
+        }
+        fs.writeFileSync(CDP_PID_FILE, String(child.pid));
+        // Wait until CDP answers
+        const deadline = Date.now() + START_TIMEOUT_MS;
+        while (Date.now() < deadline) {
+            if (await cdpReachable())
+                return;
+            await new Promise((r) => setTimeout(r, 300));
+        }
+        // Did not come up — kill and surface a useful error
+        try {
+            process.kill(child.pid);
+        }
+        catch { }
+        try {
+            fs.unlinkSync(CDP_PID_FILE);
+        }
+        catch { }
+        const tail = readLogTail(20);
+        throw new Error(`CDP did not come up within ${START_TIMEOUT_MS}ms using ${binary.path}\n` +
+            `Log tail:\n${tail}`);
+    })();
+    try {
+        await bootstrapLock;
+    }
+    finally {
+        bootstrapLock = null;
+    }
+    return {
+        running: true,
+        pid: readPidFile() || undefined,
+        binary: resolveBrowserBinary()?.path,
+        endpoint: CDP_VERSION_URL,
+    };
+}
+/**
+ * Stop the bot-managed Chromium. Does NOT touch the user's own Chrome.
+ */
+export async function stop() {
+    const pid = readPidFile();
+    if (pid && pidAlive(pid)) {
+        try {
+            process.kill(pid, "SIGTERM");
+        }
+        catch { }
+        // Give it a second to close gracefully, then force-kill
+        await new Promise((r) => setTimeout(r, 1000));
+        if (pidAlive(pid)) {
+            try {
+                process.kill(pid, "SIGKILL");
+            }
+            catch { }
+        }
+    }
+    try {
+        fs.unlinkSync(CDP_PID_FILE);
+    }
+    catch { }
+}
+/**
+ * Report current status without starting anything.
+ */
+export async function status() {
+    const pid = readPidFile();
+    const endpoint = CDP_VERSION_URL;
+    const binary = resolveBrowserBinary()?.path;
+    if (pid && pidAlive(pid) && (await cdpReachable())) {
+        return { running: true, pid, binary, endpoint };
+    }
+    if (pid && !pidAlive(pid)) {
+        return { running: false, endpoint, reason: `stale PID ${pid} — process not running` };
+    }
+    if (pid && !(await cdpReachable())) {
+        return { running: false, pid, endpoint, reason: "PID alive but CDP endpoint unreachable" };
+    }
+    return { running: false, endpoint, reason: "not started" };
+}
+function readLogTail(lines) {
+    try {
+        const content = fs.readFileSync(CDP_LOG_FILE, "utf8");
+        return content.split("\n").slice(-lines).join("\n");
+    }
+    catch {
+        return "(no log file)";
+    }
+}
+export async function doctor() {
+    const checks = [];
+    // 1. Binary
+    const binary = resolveBrowserBinary();
+    if (binary) {
+        checks.push({
+            name: "Binary",
+            ok: true,
+            detail: binary.origin === "playwright"
+                ? `Playwright Chromium — ${binary.path}`
+                : `System Chrome (fallback — risk of LaunchServices conflict) — ${binary.path}`,
+        });
+    }
+    else {
+        checks.push({
+            name: "Binary",
+            ok: false,
+            detail: "No Chromium found. Run: npx playwright install chromium",
+        });
+    }
+    // 2. Port / endpoint
+    const reachable = await cdpReachable();
+    checks.push({
+        name: "CDP endpoint",
+        ok: reachable,
+        detail: reachable ? `${CDP_VERSION_URL} reachable` : `${CDP_VERSION_URL} not reachable`,
+    });
+    // 3. PID file
+    const pid = readPidFile();
+    if (pid === null) {
+        checks.push({ name: "PID file", ok: true, detail: "none (OK if CDP not running)" });
+    }
+    else if (pidAlive(pid)) {
+        checks.push({ name: "PID file", ok: true, detail: `PID ${pid} alive` });
+    }
+    else {
+        checks.push({ name: "PID file", ok: false, detail: `stale PID ${pid} — delete ${CDP_PID_FILE}` });
+    }
+    // 4. Profile lock (only relevant on macOS / Linux)
+    const lockPath = path.join(CDP_PROFILE_DIR, "SingletonLock");
+    if (fs.existsSync(lockPath)) {
+        // Chromium creates SingletonLock while running; only flag if there's no
+        // live process associated with it.
+        const livePid = pid && pidAlive(pid);
+        checks.push({
+            name: "Profile lock",
+            ok: !!livePid,
+            detail: livePid
+                ? "held by live process (OK)"
+                : `stale lock — delete ${lockPath}`,
+        });
+    }
+    else {
+        checks.push({ name: "Profile lock", ok: true, detail: "clean" });
+    }
+    // 5. Log tail
+    if (fs.existsSync(CDP_LOG_FILE)) {
+        checks.push({
+            name: "Recent log",
+            ok: true,
+            detail: `last lines (${CDP_LOG_FILE}):\n${readLogTail(5)}`,
+        });
+    }
+    return { ok: checks.every((c) => c.ok), checks };
+}

package/dist/services/memory-layers.js

@@ -77,7 +77,7 @@ function matchProjectsToQuery(projects, query) {
         }
         // Also check the first 200 chars of project content — this catches cases
         // where the user mentions a project's headline term that isn't the
-        // filename (e.g., "VPS" matching alev-b.md which mentions "VPS:" upfront).
+        // filename (e.g., "VPS" matching my-project.md which mentions "VPS:" upfront).
         const head = p.content.slice(0, 200).toLowerCase();
         const headWords = head.split(/[\s\W]+/).filter(w => w.length >= 4);
         if (headWords.some(w => q.includes(w))) {

package/dist/services/personality.js

@@ -129,7 +129,7 @@ you explicitly need the sub-agent's result IN THIS SAME TURN (rare).
 
 **After launching a background agent (either tool), you MUST:**
 1. Tell the user in ONE short sentence what you kicked off.
-   Example: "Starting SEO audit for gethomes.io in the background —
+   Example: "Starting SEO audit for example.com in the background —
    I'll send the report when it's done."
 2. End your turn IMMEDIATELY. Do not continue working. Do not wait.
 3. The bot will deliver the result as a separate message when ready.

package/dist/services/session.js

@@ -144,7 +144,7 @@ export function trackProviderUsage(key, providerKey, cost, inputTokens, outputTo
         session.totalOutputTokens += outputTokens;
     persist();
     // Soft budget warnings — these NEVER block the bot. They exist purely
-    // as log signals so the operator (Ali) can notice unusually expensive
+    // as log signals so the operator can notice unusually expensive
     // sessions. Each threshold fires at most once per session (reset on /new).
     const budget = config.maxBudgetUsd;
     if (budget > 0) {

package/dist/services/skills.js

@@ -228,13 +228,10 @@ export function matchSkills(userMessage, maxResults = 2) {
         .map(s => s.skill);
 }
 // ── Skill-Asset Mapping ────────────────────────────────
-/** Default mapping for skills that don't declare assetCategories in frontmatter. */
-const SKILL_ASSET_MAP = {
-    "job-apply": ["cover-letters", "cv-templates", "photos"],
-    "cv-update": ["cv-templates", "photos"],
-    "cover-letter": ["cover-letters", "cv-templates"],
-    "formal-letter": ["legal", "cv-templates"],
-};
+/** Default mapping for skills that don't declare assetCategories in frontmatter.
+ *  Skills can override this by declaring `assetCategories:` in their SKILL.md
+ *  frontmatter. This map is only the fallback. */
+const SKILL_ASSET_MAP = {};
 /**
  * Find assets relevant to a skill.
  * Uses frontmatter assetCategories if declared, otherwise falls back to static map.

package/dist/services/workspaces.js

@@ -13,13 +13,13 @@
  * Example:
  *
  *   ---
- *   purpose: Alev-B consulting website dev
- *   cwd: ~/Projects/alev-b-website
+ *   purpose: my-project website dev
+ *   cwd: ~/Projects/my-project
  *   emoji: "🏢"
  *   color: "#6366f1"
- *   channels: ["C01ALEVABC"]
+ *   channels: ["C01EXAMPLE"]
  *   ---
- *   You are the Alev-B dev assistant. Stack: React + Express + Drizzle + MySQL.
+ *   You are the my-project dev assistant. Stack: React + Express + Drizzle + MySQL.
  *   Prefer concise, directly actionable answers about deployment...
  *
  * If no workspaces are configured or no match is found, a built-in "default"

package/docs/security.md

@@ -127,7 +127,7 @@ By default sub-agents inherit the full tool set of the parent. v4.12.2 adds two
 - **`research`** — `readonly` + `WebSearch`, `WebFetch`. Good for research tasks that need the web but shouldn't touch local files.
 - **`full`** (default) — all tools.
 
-You cannot (yet) set this from the Telegram `/agent` command — it's only available to plugin code and to Ali's own customizations. A future release (Phase 18) will expose it through the UI.
+You cannot (yet) set this from the Telegram `/agent` command — it's only available to plugin code and to maintainer customizations. A future release (Phase 18) will expose it through the UI.
 
 ### 5. Network hardening
 
@@ -203,10 +203,10 @@ See the README Roadmap → Phase 18 for the full list.
 
 ## Reporting security issues
 
-If you find a security vulnerability in Alvin Bot, **please do not open a public GitHub issue**. Email the maintainer directly:
+If you find a security vulnerability in Alvin Bot, **please do not open a public GitHub issue**. Report it privately via GitHub Security Advisories:
 
-- **Email:** levin_ali@icloud.com
-- **Subject:** `[SECURITY] alvin-bot — <short description>`
+- **Advisory form:** https://github.com/alvbln/Alvin-Bot/security/advisories/new
+- **Subject line:** `[SECURITY] alvin-bot — <short description>`
 
 Include:
 - Affected version (e.g. `alvin-bot@4.12.1`)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "alvin-bot",
-  "version": "4.15.2",
+  "version": "4.16.0",
   "description": "Alvin Bot \u2014 Your personal AI agent on Telegram, WhatsApp, Discord, Signal, and Web.",
   "type": "module",
   "main": "dist/index.js",