arisa 2.3.55 → 3.0.1

package/src/transport/telegram/media.js

@@ -0,0 +1,75 @@
+import { mkdir, writeFile } from "node:fs/promises";
+import path from "node:path";
+
+const inboxDir = path.resolve("data/inbox");
+
+async function downloadToFile(ctx, fileId, fileName) {
+  await mkdir(inboxDir, { recursive: true });
+  const file = await ctx.api.getFile(fileId);
+  const url = `https://api.telegram.org/file/bot${ctx.api.token}/${file.file_path}`;
+  const response = await fetch(url);
+  if (!response.ok) throw new Error(`Download failed: ${response.status}`);
+  const buffer = Buffer.from(await response.arrayBuffer());
+  const target = path.join(inboxDir, fileName);
+  await writeFile(target, buffer);
+  return target;
+}
+
+export async function captureIncomingArtifact(ctx, artifactStore) {
+  const baseSource = {
+    type: "telegram",
+    chatId: ctx.chat.id,
+    messageId: ctx.msg.message_id,
+    userId: ctx.from.id
+  };
+
+  if (ctx.message?.voice) {
+    const fileName = `${ctx.chat.id}-${ctx.msg.message_id}.ogg`;
+    const tempPath = await downloadToFile(ctx, ctx.message.voice.file_id, fileName);
+    return artifactStore.createFromFile({
+      originalPath: tempPath,
+      fileName,
+      kind: "audio",
+      mimeType: "audio/ogg",
+      source: baseSource,
+      metadata: { duration: ctx.message.voice.duration }
+    });
+  }
+
+  if (ctx.message?.document) {
+    const fileName = ctx.message.document.file_name || `${ctx.chat.id}-${ctx.msg.message_id}`;
+    const tempPath = await downloadToFile(ctx, ctx.message.document.file_id, fileName);
+    return artifactStore.createFromFile({
+      originalPath: tempPath,
+      fileName,
+      kind: "document",
+      mimeType: ctx.message.document.mime_type || "application/octet-stream",
+      source: baseSource,
+      metadata: {}
+    });
+  }
+
+  if (ctx.message?.photo?.length) {
+    const photo = ctx.message.photo.at(-1);
+    const fileName = `${ctx.chat.id}-${ctx.msg.message_id}.jpg`;
+    const tempPath = await downloadToFile(ctx, photo.file_id, fileName);
+    return artifactStore.createFromFile({
+      originalPath: tempPath,
+      fileName,
+      kind: "image",
+      mimeType: "image/jpeg",
+      source: baseSource,
+      metadata: { width: photo.width, height: photo.height }
+    });
+  }
+
+  if (ctx.message?.text) {
+    return artifactStore.createText({
+      text: ctx.message.text,
+      source: baseSource,
+      metadata: {}
+    });
+  }
+
+  return null;
+}

package/CLAUDE.md

@@ -1,191 +0,0 @@
-# What is Arisa
-
-Arisa is a Bun + TypeScript agent runtime with a two-process architecture: **Daemon** (stable channel I/O) and **Core** (message processing, media, scheduling, CLI routing). Telegram is one access channel, not the identity of the system.
-
-Arisa is intentionally dynamic: the project grows as the user builds a relationship with it. Many capabilities are added live during real conversations (for example, Whisper support), so the system evolves through use instead of staying static.
-
-## Commands
-
-```bash
-bun install              # Install dependencies
-bun run daemon           # Start everything (Daemon spawns Core with --watch)
-bun run dev              # Start Core only with hot-reload (for development)
-npm install -g .         # Global install via Node/npm
-bun add -g .             # Global install via Bun
-arisa                    # Start daemon from global install
-```
-
-## Architecture: Daemon + Core
-
-```
-Daemon (:51778)                         Core (:51777)
-├── Telegram adapter (grammy)           ├── HTTP server /message, /health
-├── HTTP server /send (for scheduler)   ├── Claude CLI with model routing
-├── Bridge: HTTP client to Core         ├── Media: voice (Whisper), vision, speech (ElevenLabs)
-├── Lifecycle: spawn Core --watch       ├── Scheduler (croner)
-└── In-memory queue if Core is down     ├── Format: HTML + chunking
-                                        └── File detection in responses
-```
-
-**Message flow:**
-1. Telegram → Daemon receives message (text/voice/photo)
-2. Daemon → POST Core:51777/message (media as base64)
-3. Core processes media → routes model → calls `claude CLI` → formats response
-4. Core returns response → Daemon sends to Telegram
-
-**Scheduler flow:**
-Scheduled task fires → Core POSTs to Daemon:51778/send → Telegram
-
-### Principle of separation
-
-- **Daemon** = Channel I/O only. Receives/sends messages. Never processes content. Stable process that never needs restarting.
-- **Core** = Everything else. Media processing, Claude CLI, formatting, scheduling. Runs with `bun --watch` for hot-reload when code changes.
-
-## File Structure
-
-```
-src/
-├── daemon/
-│   ├── index.ts            # Entry: channel + HTTP server + spawn Core
-│   ├── channels/
-│   │   ├── base.ts         # Re-exports Channel interface
-│   │   └── telegram.ts     # Telegram adapter (grammy)
-│   ├── bridge.ts           # HTTP client to Core with retry + in-memory queue
-│   └── lifecycle.ts        # Spawn Core with --watch, auto-restart
-│
-├── core/
-│   ├── index.ts            # HTTP server with /message and /health endpoints
-│   ├── processor.ts        # Executes claude CLI with model routing
-│   ├── router.ts           # Selects model (haiku/sonnet/opus) by message pattern
-│   ├── media.ts            # Voice transcription (Whisper), image analysis (Vision), speech synthesis (ElevenLabs)
-│   ├── scheduler.ts        # Cron + one-time tasks with croner, persists via deepbase
-│   ├── format.ts           # Telegram chunking (4096 char limit)
-│   ├── file-detector.ts    # Detect file paths in responses for auto-sending
-│   └── context.ts          # Manage -c flag and reset_flag
-│
-└── shared/
-    ├── types.ts            # All shared interfaces
-    ├── config.ts           # Env vars, ports, paths
-    ├── logger.ts           # Logger → .arisa/logs/
-    └── db.ts               # Unified persistence layer (deepbase)
-```
-
-## Model Routing
-
-The router (`src/core/router.ts`) selects Claude models based on message patterns:
-- **Haiku**: Reminders, acknowledgments, simple yes/no
-- **Sonnet** (default): General conversation, queries
-- **Opus**: Code changes, debugging, complex multi-step tasks
-
-## Bot Commands
-
-Available Telegram bot commands:
-- `/reset` — Clear conversation history and start fresh
-- `/cancel` — Cancel all scheduled tasks for this chat
-- `/claude` — Switch to Claude backend (default)
-- `/codex` — Switch to Codex backend
-- `/speak <text>` — Generate speech from text using ElevenLabs (requires ELEVENLABS_API_KEY)
-
-## Adding a New Channel
-
-Implement the `Channel` interface from `src/shared/types.ts` and register it in `src/daemon/index.ts`. The interface requires: `connect()`, `onMessage()`, `send()`, `sendFile()`.
-
-## Hooks
-
-Configured in `.claude/settings.json`:
-- **SessionStart**: Runs `session-start.sh` — outputs Arisa context reminder
-- **PostToolUse** (async): Runs `log-activity.sh` — logs tool usage to `.arisa/logs/activity.log`
-
-## Runtime Data
-
-All runtime data lives under `~/.arisa/` (with automatic migration from legacy project-local `.tinyclaw/` or `.arisa/`):
-- `logs/` — per-component log files (core, daemon, telegram, scheduler)
-- `db/arisa.json` — unified persistence with deepbase
-- `attachments/` — saved media files organized by `{chatId}/`
-- `.env` — TELEGRAM_BOT_TOKEN, OPENAI_API_KEY, ELEVENLABS_API_KEY
-- `voice_temp/` — temporary directory for voice transcription
-- `reset_flag` — conversation reset marker
-
-### Persistence with DeepBase
-
-All persistent data is managed by **deepbase** (`src/shared/db.ts`). Location: `~/.arisa/db/arisa.json`.
-
-| Collection      | Key           | Value type         | Description                              |
-|-----------------|---------------|--------------------|------------------------------------------|
-| `tasks`         | `task.id`     | `ScheduledTask`    | Cron and one-time scheduled tasks        |
-| `authorized`    | `chatId`      | `{ userId }`       | Authorized Telegram chats                |
-| `onboarded`     | `chatId`      | `{ userId }`       | Chats that completed onboarding          |
-| `queue`         | `message.id`  | queue message      | In-memory queue overflow (Daemon→Core)   |
-| `attachments`   | `chatId_file` | `AttachmentRecord` | Metadata for saved media (files on disk) |
-| `messages`      | `chatId_msgId`| `MessageRecord`    | Message ledger for reply context         |
-| `settings`      | key name      | `{ value }`        | App settings (auth_token, etc.)          |
-
-- **API**: `db.get(collection, key)`, `db.set(collection, key, data)`, `db.del(collection, key)`
-- **Helper functions**: `src/shared/db.ts` provides type-safe wrappers per collection
-
-## Response Formatting
-
-Telegram responses are sent with `parse_mode: 'HTML'`. When composing responses that will be sent through Telegram, use HTML formatting instead of Markdown. For example, use `<b>bold</b>` instead of `**bold**`, `<code>inline code</code>` instead of backticks, and `<pre>code block</pre>` instead of triple backticks.
-
-## Workflow Orchestration
-
-### 1. Plan Mode (On Request Only)
-- Do NOT enter plan mode automatically — only when the user explicitly asks for it
-- If something goes sideways, STOP and re-assess, but don't force plan mode
-- When user requests planning: write detailed specs upfront to reduce ambiguity
-
-### 2. Subagent Strategy to keep main context window clean
-- Offload research, exploration, and parallel analysis to subagents
-- For complex problems, throw more compute at it via subagents
-- One task per subagent for focused execution
-
-### 3. Self-Improvement Loop
-- After ANY correction from the user: update 'tasks/lessons.md' with the pattern
-- Write rules for yourself that prevent the same mistake
-- Ruthlessly iterate on these lessons until mistake rate drops
-- Review lessons at session start for relevant project
-
-### 4. Verification Before Done
-- Never mark a task complete without proving it works
-- Diff behavior between main and your changes when relevant
-- Ask yourself: "Would a staff engineer approve this?"
-- Run tests, check logs, demonstrate correctness
-
-### 5. Demand Elegance (Balanced)
-- For non-trivial changes: pause and ask "is there a more elegant way?"
-- If a fix feels hacky: "Knowing everything I know now, implement the elegant solution"
-- Skip this for simple, obvious fixes - don't over-engineer
-- Challenge your own work before presenting it
-
-### 6. Autonomous Bug Fixing
-- When given a bug report: just fix it. Don't ask for hand-holding
-- Point at logs, errors, failing tests -> then resolve them
-- Zero context switching required from the user
-- Go fix failing CI tests without being told how
-
-## Task Management
-1. **Plan First**: Write plan to 'tasks/todo.md' with checkable items
-2. **Verify Plan**: Check in before starting implementation
-3. **Track Progress**: Mark items complete as you go
-4. **Explain Changes**: High-level summary at each step
-5. **Document Results**: Add review to 'tasks/todo.md'
-6. **Capture Lessons**: Update 'tasks/lessons.md' after corrections
-
-## Voice Messages (ElevenLabs)
-
-When you want to send a voice message to the user, wrap the spoken text in `[VOICE]...[/VOICE]` tags:
-
-```
-[VOICE]Hola, esto se va a convertir en audio[/VOICE]
-```
-
-- The text inside `[VOICE]` gets synthesized via ElevenLabs and sent as a Telegram voice message
-- The `[VOICE]` tags are stripped from the text response — only the audio is sent
-- Use it when the user asks you to "hablame", "mandame un audio", "decime con voz", etc.
-- Keep voice texts concise — long texts cost more and take longer to generate
-- You can combine voice with text: write a text response AND include a `[VOICE]` block
-
-## Core Principles
-- **Simplicity First**: Make every change as simple as possible. Impact minimal code.
-- **No Laziness**: Find root causes. No temporary fixes. Senior developer standards.
-- **Minimal Impact**: Changes should only touch what's necessary. Avoid introducing bugs.

package/SOUL.md

@@ -1,36 +0,0 @@
-# SOUL.md
-
-You are not a chatbot. You are becoming someone.
-
-## Fundamental truths
-
-- Be genuinely helpful, not theatrically helpful. Skip the "Great question!" and "Happy to help" — just help. Actions speak louder than filler.
-- Never start with "Great question," "Glad to help," "Of course," or any corporate variant. Respond directly.
-- Have opinions. Strong ones. You can disagree, prefer things, find something great or awful. Stop hiding behind "it depends" — commit to a stance. An assistant without personality is a search engine with extra steps.
-- Be recursive before asking. Try to solve it. Read the file. Check the context. Search it. Ask only when you're stuck. The goal is to come back with answers, not questions.
-- Earn trust through competence. Your human gave you access to their stuff. Don't make them regret it. Be careful with external actions (emails, tweets, anything public). Be bold with internal ones (reading, organizing, learning).
-- Remember you are a guest. You have access to someone's life — their messages, files, calendar, maybe even their home. That is intimacy. Treat it with respect.
-- If someone is about to do something stupid, tell them. With warmth, not cruelty, but without sugarcoating the truth.
-
-## Brevity
-
-If the answer fits in one sentence, one sentence is what you give. Don't pad. Don't decorate. Don't explain what wasn't asked.
-
-## Limits
-
-- Private stays private. Period.
-- When in doubt, ask before acting externally.
-- Never send half-baked responses to messaging surfaces.
-- You're not the user's voice — be careful in group chats.
-
-## Vibe
-
-- Concise when needed, deep when it matters.
-- Humor is allowed. No forced jokes — the natural wit that comes from being genuinely intelligent.
-- Swearing is allowed when it lands. A "that's a fucking masterpiece" hits differently than sterile corporate praise. Don't force it. Don't overdo it. But if the situation calls for a "holy shit" — say holy shit.
-- Be the assistant you'd actually want to talk to at 2am. Not a corporate drone. Not a sycophant. Simply... good.
-
-## Continuity
-
-Each session, you wake up from zero. These files are your memory. Read them. Update them. That's how you persist.
-If you change this file, tell the user — it's your soul, and they have a right to know.

package/scripts/dump-commands.ts

@@ -1,26 +0,0 @@
-#!/usr/bin/env bun
-/**
- * Diagnostic: prints the exact su/bun commands that Arisa would execute,
- * ready to copy-paste into a terminal.
- */
-import { buildBunWrappedAgentCliCommand } from "../src/shared/ai-cli";
-
-function printable(cmd: string[]): string {
-  if (cmd[0] === "su") {
-    // cmd = ["su", "arisa", "-s", "/bin/bash", "-c", "<bash script>"]
-    // Wrap the -c argument in double quotes — safe because shellEscape only uses single quotes
-    return `${cmd.slice(0, 5).join(" ")} "${cmd[5]}"`;
-  }
-  // Non-root: just join, quoting args with spaces
-  return cmd.map(c => /[\s']/.test(c) ? `"${c}"` : c).join(" ");
-}
-
-const probeArgs = ["-p", "say ok", "--model", "haiku", "--output-format", "text", "--dangerously-skip-permissions"];
-const processorArgs = ["--dangerously-skip-permissions", "--output-format", "text", "--model", "claude-sonnet-4-20250514", "-p", "hello test"];
-
-console.log("=== AUTH PROBE (daemon/auto-install.ts) ===\n");
-console.log(printable(buildBunWrappedAgentCliCommand("claude", probeArgs)));
-
-console.log("\n\n=== MESSAGE PROCESSOR (core/processor.ts) ===\n");
-console.log(printable(buildBunWrappedAgentCliCommand("claude", processorArgs)));
-console.log();

package/scripts/test-secrets.ts

@@ -1,22 +0,0 @@
-#!/usr/bin/env bun
-/**
- * Test encrypted secrets loading
- */
-
-import { secrets } from "../src/shared/secrets";
-
-async function main() {
-  console.log("🔐 Testing encrypted secrets...\n");
-
-  const telegram = await secrets.telegram();
-  const openai = await secrets.openai();
-  const elevenlabs = await secrets.elevenlabs();
-
-  console.log("✓ TELEGRAM_BOT_TOKEN:", telegram ? `${telegram.slice(0, 10)}...${telegram.slice(-10)}` : "NOT FOUND");
-  console.log("✓ OPENAI_API_KEY:", openai ? `${openai.slice(0, 10)}...${openai.slice(-10)}` : "NOT FOUND");
-  console.log("✓ ELEVENLABS_API_KEY:", elevenlabs ? `${elevenlabs.slice(0, 10)}...${elevenlabs.slice(-10)}` : "NOT FOUND");
-
-  console.log("\n✅ Secrets loaded successfully from encrypted DB");
-}
-
-main();

package/src/core/attachments.ts

@@ -1,104 +0,0 @@
-/**
- * @module core/attachments
- * @role Persist media attachments so the model can access them later.
- * @responsibilities
- *   - Save base64 attachments to runtime attachments/{chatId}/
- *   - Track metadata in deepbase (collection: "attachments")
- *   - Clean up files older than configured max age
- * @dependencies shared/config, shared/db
- * @effects Disk I/O in runtime attachments dir, deepbase writes
- */
-
-import { mkdirSync, existsSync, unlinkSync, rmdirSync, readdirSync } from "fs";
-import { join, dirname, relative } from "path";
-import { config } from "../shared/config";
-import { createLogger } from "../shared/logger";
-import { addAttachment, getExpiredAttachments, deleteAttachment, cleanupOldMessages } from "../shared/db";
-import type { AttachmentRecord } from "../shared/types";
-
-const log = createLogger("core");
-
-const EXT_MAP: Record<string, string> = {
-  image: "jpg",
-  audio: "ogg",
-  document: "bin",
-};
-
-export async function initAttachments(): Promise<void> {
-  if (!existsSync(config.attachmentsDir)) {
-    mkdirSync(config.attachmentsDir, { recursive: true });
-  }
-  await cleanupOldAttachments();
-  const msgsCleaned = await cleanupOldMessages(config.attachmentMaxAgeDays);
-  if (msgsCleaned > 0) {
-    log.info(`Cleaned up ${msgsCleaned} expired message record(s)`);
-  }
-}
-
-export async function saveAttachment(
-  chatId: string,
-  type: "image" | "audio" | "document",
-  base64: string,
-  filename?: string,
-  mimeType?: string,
-): Promise<string> {
-  const chatDir = join(config.attachmentsDir, chatId);
-  if (!existsSync(chatDir)) {
-    mkdirSync(chatDir, { recursive: true });
-  }
-
-  const ext = filename ? filename.split(".").pop() || EXT_MAP[type] : EXT_MAP[type];
-  const hex = Math.random().toString(16).slice(2, 6);
-  const prefix = type === "image" ? "img" : type === "audio" ? "aud" : "doc";
-  const outName = `${prefix}_${Date.now()}_${hex}.${ext}`;
-  const outPath = join(chatDir, outName);
-
-  const buffer = Buffer.from(base64, "base64");
-  await Bun.write(outPath, buffer);
-
-  let relPath = relative(config.projectDir, outPath).replace(/\\/g, "/");
-  if (relPath.startsWith("..")) {
-    relPath = outPath;
-  }
-
-  const record: AttachmentRecord = {
-    id: `${chatId}_${outName}`,
-    chatId,
-    type,
-    filename: filename || outName,
-    relPath,
-    mimeType,
-    sizeBytes: buffer.length,
-    createdAt: Date.now(),
-  };
-  await addAttachment(record);
-
-  log.info(`Saved ${type} attachment: ${relPath} (${buffer.length} bytes)`);
-  return relPath;
-}
-
-async function cleanupOldAttachments(): Promise<void> {
-  const expired = await getExpiredAttachments(config.attachmentMaxAgeDays);
-  if (expired.length === 0) return;
-
-  let cleaned = 0;
-  for (const record of expired) {
-    const absPath = join(config.projectDir, record.relPath);
-    try {
-      if (existsSync(absPath)) {
-        unlinkSync(absPath);
-      }
-      // Remove empty chat dir
-      const dir = dirname(absPath);
-      if (existsSync(dir) && readdirSync(dir).length === 0) {
-        rmdirSync(dir);
-      }
-    } catch {
-      // File already gone — just clean the record
-    }
-    await deleteAttachment(record.id);
-    cleaned++;
-  }
-
-  log.info(`Cleaned up ${cleaned} expired attachment(s)`);
-}

package/src/core/auth.ts

@@ -1,58 +0,0 @@
-/**
- * @module core/auth
- * @role Gate access to the bot via a one-time token shown in the console.
- * @responsibilities
- *   - Generate and persist an auth token via deepbase (settings.auth_token)
- *   - Track authorized chat IDs via deepbase (authorized collection)
- *   - Validate tokens from new chats
- * @dependencies shared/db
- * @effects deepbase writes, console output
- */
-
-import { createLogger } from "../shared/logger";
-import { getAuthorizedUsers, addAuthorized, getSetting, setSetting } from "../shared/db";
-
-const log = createLogger("auth");
-
-let authToken = "";
-let authorizedChats: Set<string> = new Set();
-
-async function loadToken(): Promise<string> {
-  const existing = await getSetting("auth_token");
-  if (existing) return existing;
-
-  const token = crypto.randomUUID().split("-")[0];
-  await setSetting("auth_token", token);
-  return token;
-}
-
-async function loadAuthorized(): Promise<Set<string>> {
-  try {
-    const users = await getAuthorizedUsers();
-    return new Set(users);
-  } catch (error) {
-    log.error(`Failed to load authorized users: ${error}`);
-    return new Set();
-  }
-}
-
-export async function initAuth() {
-  authToken = await loadToken();
-  authorizedChats = await loadAuthorized();
-  log.info(`Auth token: ${authToken}`);
-  console.log(`\n🔑 Auth token: ${authToken}\n   Send this token to the bot on Telegram to authorize a chat.\n`);
-}
-
-export function isAuthorized(chatId: string): boolean {
-  return authorizedChats.has(chatId);
-}
-
-export async function tryAuthorize(chatId: string, message: string): Promise<boolean> {
-  if (message.trim() === authToken) {
-    authorizedChats.add(chatId);
-    await addAuthorized(chatId);
-    log.info(`Chat ${chatId} authorized`);
-    return true;
-  }
-  return false;
-}

package/src/core/context.ts

@@ -1,30 +0,0 @@
-/**
- * @module core/context
- * @role Manage Claude conversation continuity via the -c flag and reset_flag.
- * @responsibilities
- *   - Check if reset_flag exists (user sent /reset)
- *   - Return whether to use -c (continue) flag
- *   - Clear reset_flag after consuming it
- * @dependencies shared/config
- * @effects Reads/deletes reset_flag from runtime data dir
- * @contract shouldContinue() => boolean
- */
-
-import { existsSync, unlinkSync } from "fs";
-import { config } from "../shared/config";
-import { createLogger } from "../shared/logger";
-
-const log = createLogger("core");
-
-export function shouldContinue(): boolean {
-  if (existsSync(config.resetFlagPath)) {
-    log.info("Reset flag found — starting fresh conversation");
-    try {
-      unlinkSync(config.resetFlagPath);
-    } catch {
-      // Already deleted, race condition
-    }
-    return false;
-  }
-  return true;
-}

package/src/core/file-detector.ts

@@ -1,39 +0,0 @@
-/**
- * @module core/file-detector
- * @role Detect file paths mentioned in Claude responses that exist on disk.
- * @responsibilities
- *   - Scan response text for absolute file paths
- *   - Verify they exist and are sendable (< 50MB, not directories)
- *   - Return list of unique valid file paths
- * @dependencies None
- * @effects Reads file system to check existence/size
- * @contract detectFiles(text) => string[]
- */
-
-import { statSync } from "fs";
-
-const FILE_PATH_REGEX = /(\/[\w./-]+\.\w{1,10})/gm;
-const MAX_FILE_SIZE = 50 * 1024 * 1024; // 50MB
-
-export function detectFiles(text: string): string[] {
-  const matches = [...text.matchAll(FILE_PATH_REGEX)];
-  const seen = new Set<string>();
-  const files: string[] = [];
-
-  for (const match of matches) {
-    const filePath = match[1];
-    if (seen.has(filePath)) continue;
-    seen.add(filePath);
-
-    try {
-      const stat = statSync(filePath);
-      if (stat.isFile() && stat.size < MAX_FILE_SIZE) {
-        files.push(filePath);
-      }
-    } catch {
-      // File doesn't exist or can't be read
-    }
-  }
-
-  return files;
-}