arisa 2.3.55 → 3.0.1

package/src/shared/paths.ts

@@ -1,90 +0,0 @@
-/**
- * @module shared/paths
- * @role Resolve project and runtime data directories with migration-safe defaults.
- * @responsibilities
- *   - Resolve project directory (supports ARISA_PROJECT_DIR override)
- *   - Resolve runtime data directory (prefers ~/.arisa by default)
- *   - Migrate legacy project-local dirs (.tinyclaw/.arisa) into ~/.arisa
- *   - Support ARISA_DATA_DIR override for advanced deployments
- */
-
-import { cpSync, existsSync, mkdirSync, readdirSync, renameSync, rmSync } from "fs";
-import { homedir } from "os";
-import { isAbsolute, join, resolve } from "path";
-
-const DEFAULT_PROJECT_DIR = join(import.meta.dir, "..", "..");
-const PROJECT_DIR = process.env.ARISA_PROJECT_DIR
-  ? resolve(process.env.ARISA_PROJECT_DIR)
-  : DEFAULT_PROJECT_DIR;
-
-const HOME_DATA_DIR = join(homedir(), ".arisa");
-const PROJECT_ARISA_DIR = join(PROJECT_DIR, ".arisa");
-const LEGACY_DATA_DIR = join(PROJECT_DIR, ".tinyclaw");
-
-function samePath(a: string, b: string): boolean {
-  return resolve(a) === resolve(b);
-}
-
-function hasFiles(dir: string): boolean {
-  try {
-    return existsSync(dir) && readdirSync(dir).length > 0;
-  } catch {
-    return false;
-  }
-}
-
-function moveOrMerge(sourceDir: string, targetDir: string): void {
-  if (!existsSync(sourceDir) || samePath(sourceDir, targetDir)) return;
-
-  try {
-    if (!existsSync(targetDir)) {
-      mkdirSync(resolve(targetDir, ".."), { recursive: true });
-      renameSync(sourceDir, targetDir);
-      return;
-    }
-
-    // Merge source into target and drop source afterward.
-    cpSync(sourceDir, targetDir, { recursive: true, force: false, errorOnExist: false });
-    rmSync(sourceDir, { recursive: true, force: true });
-  } catch {
-    // Do not crash startup if migration has a filesystem issue.
-  }
-}
-
-function resolveOverrideDataDir(): string | null {
-  const override = process.env.ARISA_DATA_DIR?.trim();
-  if (!override) return null;
-  return isAbsolute(override) ? override : resolve(PROJECT_DIR, override);
-}
-
-function resolveDataDir(): string {
-  const overrideDir = resolveOverrideDataDir();
-  if (overrideDir) {
-    return overrideDir;
-  }
-
-  // One-time migration from local runtime dirs to ~/.arisa.
-  if (!hasFiles(HOME_DATA_DIR)) {
-    if (hasFiles(PROJECT_ARISA_DIR)) {
-      moveOrMerge(PROJECT_ARISA_DIR, HOME_DATA_DIR);
-    } else if (hasFiles(LEGACY_DATA_DIR)) {
-      moveOrMerge(LEGACY_DATA_DIR, HOME_DATA_DIR);
-    }
-  } else {
-    // If ~/.arisa already exists, still merge any local leftovers into it.
-    if (hasFiles(PROJECT_ARISA_DIR)) moveOrMerge(PROJECT_ARISA_DIR, HOME_DATA_DIR);
-    if (hasFiles(LEGACY_DATA_DIR)) moveOrMerge(LEGACY_DATA_DIR, HOME_DATA_DIR);
-  }
-
-  if (!existsSync(HOME_DATA_DIR)) {
-    mkdirSync(HOME_DATA_DIR, { recursive: true });
-  }
-
-  return HOME_DATA_DIR;
-}
-
-export const projectDir = PROJECT_DIR;
-export const preferredDataDir = HOME_DATA_DIR;
-export const projectLocalDataDir = PROJECT_ARISA_DIR;
-export const legacyDataDir = LEGACY_DATA_DIR;
-export const dataDir = resolveDataDir();

package/src/shared/ports.ts

@@ -1,120 +0,0 @@
-/**
- * @module shared/ports
- * @role Process cleanup via PID files + /proc scan, retry-aware Bun.serve.
- * @effects Reads/writes runtime pid files, kills processes via SIGKILL
- */
-
-import { existsSync, readFileSync, readdirSync, writeFileSync, unlinkSync, mkdirSync, chmodSync } from "fs";
-import { join, dirname } from "path";
-import { dataDir } from "./paths";
-
-const ARISA_DIR = dataDir;
-
-function pidPath(name: string): string {
-  return join(ARISA_DIR, `${name}.pid`);
-}
-
-// Patterns to match in /proc cmdline for each process type
-const CMDLINE_PATTERNS: Record<string, string> = {
-  daemon: "daemon/index.ts",
-  core: "core/index.ts",
-};
-
-/**
- * Kill previous instances of a named process, then write our PID.
- * Uses PID file + /proc scan for robustness in containers.
- */
-export function claimProcess(name: string): void {
-  const myPid = process.pid;
-
-  // 1. Kill from PID file
-  const path = pidPath(name);
-  if (existsSync(path)) {
-    try {
-      const oldPid = parseInt(readFileSync(path, "utf8").trim(), 10);
-      if (oldPid && oldPid !== myPid) {
-        try { process.kill(oldPid, "SIGKILL"); } catch {}
-      }
-    } catch {}
-  }
-
-  // 2. Scan /proc for any matching processes (Linux containers)
-  const pattern = CMDLINE_PATTERNS[name];
-  if (pattern) {
-    killByPattern(pattern, myPid);
-  }
-
-  // 3. Write our PID
-  if (!existsSync(dirname(path))) mkdirSync(dirname(path), { recursive: true });
-  writeFileSync(path, String(myPid));
-
-  // 4. Brief pause to let OS release resources
-  Bun.sleepSync(200);
-}
-
-// Scan /proc cmdline and kill processes matching a pattern (Linux only).
-function killByPattern(pattern: string, excludePid: number): void {
-  try {
-    if (!existsSync("/proc")) return;
-    const dirs = readdirSync("/proc").filter((d) => /^\d+$/.test(d));
-    for (const pid of dirs) {
-      const numPid = Number(pid);
-      if (numPid === excludePid) continue;
-      try {
-        const cmdline = readFileSync(`/proc/${pid}/cmdline`, "utf8");
-        if (cmdline.includes(pattern)) {
-          process.kill(numPid, "SIGKILL");
-        }
-      } catch {}
-    }
-  } catch {}
-}
-
-/**
- * Remove our PID file on clean shutdown.
- */
-export function releaseProcess(name: string): void {
-  try { unlinkSync(pidPath(name)); } catch {}
-}
-
-/**
- * Remove a Unix socket file if it exists (stale leftover from crash).
- */
-export function cleanupSocket(socketPath: string): void {
-  try { unlinkSync(socketPath); } catch {}
-}
-
-/**
- * Bun.serve() with retry — handles both TCP ports and Unix sockets.
- * For Unix sockets, cleans up stale socket file before first attempt.
- */
-export async function serveWithRetry(
-  options: Parameters<typeof Bun.serve>[0],
-  retries = 5,
-): Promise<ReturnType<typeof Bun.serve>> {
-  const socketPath = (options as any).unix as string | undefined;
-
-  // Pre-clean stale Unix socket from a previous crash
-  if (socketPath) cleanupSocket(socketPath);
-
-  for (let i = 0; i < retries; i++) {
-    try {
-      const server = Bun.serve(options);
-      // Make Unix sockets world-accessible so Core (arisa) and Daemon (root)
-      // can connect to each other's sockets regardless of ownership.
-      if (socketPath) try { chmodSync(socketPath, 0o777); } catch {}
-      return server;
-    } catch (e: any) {
-      if (e?.code !== "EADDRINUSE" || i === retries - 1) throw e;
-      if (socketPath) {
-        console.log(`[ports] Socket ${socketPath} busy, cleaning up and retrying (${i + 1}/${retries})...`);
-        cleanupSocket(socketPath);
-      } else {
-        const port = (options as any).port ?? "?";
-        console.log(`[ports] Port ${port} busy, retrying (${i + 1}/${retries})...`);
-      }
-      await new Promise((r) => setTimeout(r, 1000));
-    }
-  }
-  throw new Error("unreachable");
-}

package/src/shared/secrets.ts

@@ -1,136 +0,0 @@
-/**
- * @module shared/secrets
- * @role Encrypted secrets storage using DeepbaseSecure
- * @responsibilities
- *   - Generate/load encryption key
- *   - Store API keys encrypted at rest
- *   - Provide type-safe getters for secrets
- * @dependencies DeepbaseSecure, crypto-js
- */
-
-import { join } from "path";
-import { existsSync, readFileSync, writeFileSync, mkdirSync, readdirSync, renameSync } from "fs";
-import CryptoJS from "crypto-js";
-import { DeepbaseSecure } from "./deepbase-secure";
-import { dataDir } from "./paths";
-
-const ARISA_DIR = dataDir;
-const ENCRYPTION_KEY_PATH = join(ARISA_DIR, ".encryption_key");
-const SECRETS_DB_PATH = join(ARISA_DIR, "db");
-
-// Ensure runtime data and db dirs exist
-mkdirSync(join(ARISA_DIR, "db"), { recursive: true });
-
-/**
- * Load or generate encryption key
- */
-function getEncryptionKey(): string {
-  if (existsSync(ENCRYPTION_KEY_PATH)) {
-    return readFileSync(ENCRYPTION_KEY_PATH, "utf8").trim();
-  }
-
-  // Generate random 256-bit key
-  const key = CryptoJS.lib.WordArray.random(256 / 8).toString(CryptoJS.enc.Hex);
-  writeFileSync(ENCRYPTION_KEY_PATH, key, { mode: 0o600 });
-  return key;
-}
-
-const encryptionKey = getEncryptionKey();
-let secretsDb = createSecretsDb();
-
-function createSecretsDb(): DeepbaseSecure {
-  return new DeepbaseSecure({
-    path: SECRETS_DB_PATH,
-    name: "secrets",
-    encryptionKey,
-  });
-}
-
-// Initialize connection
-let connectionPromise: Promise<void> | null = null;
-let recoveredOnce = false;
-
-function looksCorrupted(err: unknown): boolean {
-  const msg = err instanceof Error ? `${err.message}\n${err.stack || ""}` : String(err);
-  return /Malformed UTF-8 data|Unexpected token|JSON|decrypt|invalid/i.test(msg);
-}
-
-function backupCorruptSecretsDb(): void {
-  try {
-    const timestamp = Date.now();
-    for (const file of readdirSync(SECRETS_DB_PATH)) {
-      if (!file.startsWith("secrets")) continue;
-      const src = join(SECRETS_DB_PATH, file);
-      const dst = join(SECRETS_DB_PATH, `${file}.corrupt.${timestamp}`);
-      try {
-        renameSync(src, dst);
-      } catch {
-        // Best-effort backup; ignore per-file failures.
-      }
-    }
-  } catch {
-    // Ignore backup errors; recovery will still retry with a fresh DB handle.
-  }
-}
-
-async function ensureConnected(): Promise<void> {
-  if (!connectionPromise) {
-    connectionPromise = (async () => {
-      try {
-        await secretsDb.connect();
-      } catch (err) {
-        if (!recoveredOnce && looksCorrupted(err)) {
-          recoveredOnce = true;
-          console.warn("[secrets] Encrypted secrets DB looks corrupted; backing up and recreating it.");
-          backupCorruptSecretsDb();
-          secretsDb = createSecretsDb();
-          await secretsDb.connect();
-          return;
-        }
-        throw err;
-      }
-    })().catch((err) => {
-      connectionPromise = null;
-      throw err;
-    });
-  }
-  await connectionPromise;
-}
-
-/**
- * Get a secret by key
- */
-export async function getSecret(key: string): Promise<string | undefined> {
-  try {
-    await ensureConnected();
-    return await secretsDb.get("secrets", key);
-  } catch (err) {
-    console.warn(`[secrets] Could not read ${key} from encrypted DB: ${err}`);
-    return undefined;
-  }
-}
-
-/**
- * Set a secret by key
- */
-export async function setSecret(key: string, value: string): Promise<void> {
-  await ensureConnected();
-  await secretsDb.set("secrets", key, value);
-}
-
-/**
- * Delete a secret by key
- */
-export async function deleteSecret(key: string): Promise<void> {
-  await ensureConnected();
-  await secretsDb.del("secrets", key);
-}
-
-/**
- * Type-safe getters for known secrets
- */
-export const secrets = {
-  telegram: () => getSecret("TELEGRAM_BOT_TOKEN"),
-  openai: () => getSecret("OPENAI_API_KEY"),
-  elevenlabs: () => getSecret("ELEVENLABS_API_KEY"),
-};

package/src/shared/types.ts

@@ -1,103 +0,0 @@
-/**
- * @module shared/types
- * @role Define all shared interfaces for Daemon ↔ Core communication.
- * @responsibilities
- *   - IncomingMessage: what a channel adapter produces
- *   - CoreRequest/CoreResponse: HTTP payloads between Daemon and Core
- *   - SendRequest: Core → Daemon push (scheduler, etc.)
- *   - ScheduledTask: persisted task for croner/one-time
- *   - ModelConfig: router output
- * @dependencies None
- * @effects None (types only)
- */
-
-export interface IncomingMessage {
-  chatId: string;
-  sender: string;
-  senderId: string;
-  text?: string;
-  audio?: { base64: string; filename: string };
-  image?: { base64: string; caption?: string };
-  document?: { base64: string; filename: string; mimeType: string; caption?: string };
-  command?: string;
-  messageId?: number;
-  timestamp: number;
-  replyTo?: {
-    messageId?: number;
-    text?: string;
-    sender: string;
-    timestamp: number;
-  };
-}
-
-export interface CoreRequest {
-  message: IncomingMessage;
-}
-
-export interface CoreResponse {
-  text: string;
-  files?: string[];
-  audio?: string;
-}
-
-export interface SendRequest {
-  chatId: string;
-  text: string;
-  files?: string[];
-}
-
-export interface ScheduledTask {
-  id: string;
-  chatId: string;
-  sender: string;
-  senderId: string;
-  type: "once" | "cron";
-  origin?: "cron" | "recurring";
-  message: string;
-  originalMessage: string;
-  createdAt: number;
-  runAt?: number;
-  cron?: string;
-  lastRunAt?: number;
-  status?: "pending" | "done";
-}
-
-export interface AttachmentRecord {
-  id: string;
-  chatId: string;
-  type: "image" | "audio" | "document";
-  filename: string;
-  relPath: string;
-  mimeType?: string;
-  sizeBytes: number;
-  createdAt: number;
-}
-
-export interface ModelConfig {
-  model: string;
-  timeout: number;
-  reason: string;
-}
-
-export interface MessageRecord {
-  id: string;                 // "{chatId}_{messageId}"
-  chatId: string;
-  messageId: number;          // Telegram message_id
-  direction: "in" | "out";
-  sender: string;
-  timestamp: number;
-  text?: string;
-  mediaType?: "image" | "audio" | "document";
-  attachmentPath?: string;
-  mediaDescription?: string;
-}
-
-export interface Channel {
-  name: string;
-  connect(): Promise<void>;
-  onMessage(handler: (msg: IncomingMessage) => void): void;
-  send(chatId: string, text: string, parseMode?: "HTML" | "plain"): Promise<number | undefined>;
-  sendFile(chatId: string, filePath: string): Promise<void>;
-  sendAudio?(chatId: string, filePath: string): Promise<void>;
-  sendTyping(chatId: string): Promise<void>;
-}

package/tsconfig.json

@@ -1,19 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "ESNext",
-    "module": "ESNext",
-    "moduleResolution": "bundler",
-    "types": ["bun"],
-    "strict": true,
-    "esModuleInterop": true,
-    "skipLibCheck": true,
-    "forceConsistentCasingInFileNames": true,
-    "outDir": "./dist",
-    "rootDir": "./src",
-    "declaration": true,
-    "noUnusedLocals": false,
-    "noUnusedParameters": false
-  },
-  "include": ["src/**/*.ts"],
-  "exclude": ["node_modules", "dist"]
-}