cclawd 1.0.4 → 1.0.5

package/dist/build-info.json

@@ -1,5 +1,5 @@
 {
-  "version": "1.0.4",
+  "version": "1.0.5",
   "commit": "dcee9f245a22ea09abb0f25d03d6e980669df08f",
-  "builtAt": "2026-03-18T07:00:07.749Z"
+  "builtAt": "2026-03-18T07:07:26.467Z"
 }

package/dist/plugin-sdk/imessage.js

@@ -5,7 +5,7 @@ import chalk, { Chalk } from "chalk";
 import fs, { constants } from "node:fs";
 import { Logger } from "tslog";
 import os from "node:os";
-import JSON5 from "json5";
+import json5 from "json5";
 import { promisify } from "node:util";
 import fs$1 from "node:fs/promises";
 import "@clack/prompts";
@@ -747,7 +747,7 @@ function readLoggingConfig() {
 	try {
 		if (!fs.existsSync(configPath)) return;
 		const raw = fs.readFileSync(configPath, "utf-8");
-		const logging = JSON5.parse(raw)?.logging;
+		const logging = json5.parse(raw)?.logging;
 		if (!logging || typeof logging !== "object" || Array.isArray(logging)) return;
 		return logging;
 	} catch {

package/dist/plugin-sdk/index.js

@@ -1,43 +1,43 @@
-import { E as redactSensitiveText, Ft as DEFAULT_ACCOUNT_ID, It as normalizeAccountId, Mt as resolveThreadSessionKeys, _ as openFileWithinRoot, c as applyWindowsSpawnProgramPolicy, ct as sameFileIdentity, d as resolveWindowsSpawnProgram, dt as isPathInside, f as resolveWindowsSpawnProgramCandidate, kt as normalizeAgentId, l as materializeWindowsSpawnProgram, nt as runCommandWithTimeout, p as SafeOpenError, u as resolveWindowsExecutablePath, ut as isNotFoundPathError, v as openWritableFileWithinRoot } from "./paths-BtVqCdw4.js";
-import { $i as resolveWhatsAppGroupToolPolicy, $l as normalizeResolvedSecretInputString, $t as requireApiKey, A as DmConfigSchema, Aa as formatTrimmedAllowFromEntries, Ao as resolveToolsBySender, B as TtsProviderSchema, Ba as resolveDefaultWhatsAppAccountId, Bi as resolveBlueBubblesGroupRequireMention, Ci as listTelegramDirectoryGroupsFromConfig, Co as resolveDefaultDiscordAccountId, Da as resolveSignalAccount, Di as looksLikeSlackTargetId, Ds as getFileExtension, Ea as resolveDefaultSignalAccountId, Ei as listWhatsAppDirectoryPeersFromConfig, Es as extensionForMime, F as ReplyRuntimeConfigSchemaShape, Fa as resolveOptionalConfigString, Gi as resolveGoogleChatGroupToolPolicy, H as requireOpenAllowFrom, Ha as resolveWhatsAppAuthDir, Hi as resolveDiscordGroupRequireMention, Hl as withFileLock, Hs as formatErrorMessage, I as SecretInputSchema, Ia as resolveWhatsAppConfigAllowFrom, Ii as resolveWhatsAppGroupIntroHint, Jc as getChatChannelMeta, Ji as resolveSlackGroupRequireMention, Jl as assertSecretInputResolved, Ki as resolveIMessageGroupRequireMention, L as TtsAutoSchema, La as resolveWhatsAppConfigDefaultTo, Li as resolveWhatsAppMentionStripPatterns, M as GroupPolicySchema, Ma as mapAllowFromEntries, Ml as resolveDefaultSecretProviderAlias, N as MarkdownConfigSchema, Na as resolveIMessageConfigAllowFrom, O as ToolPolicySchema, Oa as createScopedAccountConfigAccessors, Oi as normalizeSlackMessagingTarget, Oo as resolveChannelGroupRequireMention, P as MarkdownTableModeSchema, Pa as resolveIMessageConfigDefaultTo, Pl as encodeJsonPointerToken, Qi as resolveWhatsAppGroupRequireMention, Ql as isValidEnvSecretRefId, R as TtsConfigSchema, Ri as looksLikeSignalTargetId, Si as listSlackDirectoryPeersFromConfig, Ss as extractOriginalFilename, Ta as listSignalAccountIds, Ti as listWhatsAppDirectoryGroupsFromConfig, Ts as detectMime, Ui as resolveDiscordGroupToolPolicy, Ul as formatCliCommand, V as normalizeAllowFrom, Va as resolveWhatsAppAccount, Vi as resolveBlueBubblesGroupToolPolicy, Vl as acquireFileLock, Wi as resolveGoogleChatGroupRequireMention, Xi as resolveTelegramGroupRequireMention, Xl as hasConfiguredSecretInput, Yi as resolveSlackGroupToolPolicy, Zi as resolveTelegramGroupToolPolicy, Zl as isSecretRef, Zs as SsrFBlockedError, _ as TelegramConfigSchema, _a as listEnabledSlackAccounts, _o as isAllowedParsedChatSender, aa as listTelegramAccountIds, ao as looksLikeWhatsAppTargetId, ba as resolveSlackAccount, bi as listDiscordDirectoryPeersFromConfig, bs as rawDataToString, co as looksLikeHandleOrPhoneTarget, d as DiscordConfigSchema, do as normalizeWhatsAppTarget, du as createAccountListHelpers, ec as isBlockedHostname, eu as normalizeSecretInputString, f as GoogleChatConfigSchema, fo as clearAccountEntryFields, g as SlackConfigSchema, ga as inspectSlackAccount, go as formatNormalizedAllowFromEntries, h as SignalConfigSchema, ha as buildSlackThreadingToolContext, ho as formatAllowFromLowercase, io as resolveIMessageAccount, j as DmPolicySchema, ja as formatWhatsAppConfigAllowFromEntries, jl as isValidFileSecretRefId, k as BlockStreamingCoalesceSchema, ka as createScopedChannelConfigBase, lo as trimMessagingTarget, m as MSTeamsConfigSchema, ma as resolveAccountWithDefaultFallback, ml as registerContextEngine, mo as setAccountEnabledInConfigSection, na as inspectTelegramAccount, nc as isPrivateIpAddress, no as listIMessageAccountIds, oa as resolveDefaultTelegramAccountId, ol as normalizePluginHttpPath, oo as normalizeWhatsAppAllowFromEntries, p as IMessageConfigSchema, pa as listConfiguredAccountIds, po as deleteAccountFromConfigSection, qi as resolveIMessageGroupToolPolicy, ro as resolveDefaultIMessageAccountId, sa as resolveTelegramAccount, so as normalizeWhatsAppMessagingTarget, tc as isBlockedHostnameOrIp, u as WhatsAppConfigSchema, uo as isWhatsAppGroupJid, va as listSlackAccountIds, vo as isNormalizedSenderAllowed, wi as listTelegramDirectoryPeersFromConfig, wl as resolveSecretRefString, wo as resolveDiscordAccount, xa as resolveSlackReplyToMode, xi as listSlackDirectoryGroupsFromConfig, xo as listDiscordAccountIds, ya as resolveDefaultSlackAccountId, yi as listDiscordDirectoryGroupsFromConfig, yo as inspectDiscordAccount, z as TtsModeSchema, za as listWhatsAppAccountIds, zi as normalizeSignalMessagingTarget } from "./config-B9ODwgpz.js";
-import { $t as installRequestBodyLimitGuard, A as createReplyPrefixContext, At as createReceiptCard, B as evictOldHistoryKeys, Bt as DM_GROUP_ACCESS_REASON, C as resolveDiscordChannelAllowlist, Cn as CHANNEL_MESSAGE_ACTION_NAMES, D as resolveMentionGating, Dt as hasMarkdownToConvert, F as DEFAULT_GROUP_HISTORY_LIMIT, G as recordInboundSession, Gt as resolveDmGroupAccessWithLists, H as recordPendingHistoryEntryIfEnabled, Ht as resolveDmAllowState, It as formatInboundFromLabel, J as shouldAckReactionForWhatsApp, Jt as resolveControlCommandGate, K as removeAckReactionAfterReply, Kt as resolveEffectiveAllowFromLists, L as buildPendingHistoryContextFromMap, Lt as formatUtcTimestamp, M as logAckFailure, Mt as extractToolSend, N as logInboundDrop, Nt as issuePairingChallenge, O as resolveMentionGatingWithBypass, Ot as processLineMessage, P as logTypingFailure, Pt as resolveInboundSessionEnvelopeContext, Qt as RequestBodyLimitError, R as clearHistoryEntries, Rt as formatZonedTimestamp, S as resolveDiscordUserAllowlist, Sn as BLUEBUBBLES_GROUP_ACTIONS, T as summarizeMapping, U as buildMediaPayload, Ut as resolveDmGroupAccessDecision, V as recordPendingHistoryEntry, Vt as readStoreAllowFromForDmPolicy, W as collectDiscordAuditChannelIds, Wt as resolveDmGroupAccessWithCommandGate, Xt as DEFAULT_WEBHOOK_BODY_TIMEOUT_MS, Yt as pruneMapToMaxSize, Zt as DEFAULT_WEBHOOK_MAX_BODY_BYTES, _ as listLineAccountIds, _n as formatAllowlistMatchMeta, an as enqueueKeyedTask, b as resolveLineAccount, bn as BLUEBUBBLES_ACTIONS, bt as listDevicePairing, cn as getAcpRuntimeBackend, dn as unregisterAcpRuntimeBackend, dt as readBooleanParam, en as isRequestBodyLimitError, f as formatDocsLink, fn as ACP_ERROR_CODES, ft as optionalStringEnum, g as resolveSlackChannelAllowlist, gn as unbindThreadBindingsBySessionKey, gt as resolveAckReaction, h as resolveSlackUserAllowlist, hn as listThreadBindingsBySessionKey, in as KeyedAsyncQueue, j as createReplyPrefixOptions, jt as attachFooterText, k as createTypingCallbacks, kt as stripMarkdown, ln as registerAcpRuntimeBackend, lt as parseTelegramReplyToMessageId, mn as autoBindSpawnedDiscordSubagent, n as dispatchReplyFromConfig, nn as readRequestBodyWithLimit, on as isDangerousNameMatchingEnabled, ot as createDedupeCache, pn as AcpRuntimeError, pt as stringEnum, q as shouldAckReaction, rn as requestBodyErrorToText, sn as registerPluginHttpRoute, t as withReplyDispatcher, tn as readJsonBodyWithLimit, un as requireAcpRuntimeBackend, ut as parseTelegramThreadId, v as normalizeAccountId$1, vn as resolveAllowlistMatchByCandidates, w as mergeAllowlist, x as detectBinary, xn as BLUEBUBBLES_ACTION_NAMES, xt as rejectDevicePairing, y as resolveDefaultLineAccountId, yn as resolveAllowlistMatchSimple, yt as approveDevicePairing, z as clearHistoryEntriesIfEnabled, zt as resolveTimezone } from "./dispatch-BqlR4dPx.js";
+import { E as redactSensitiveText, Ft as DEFAULT_ACCOUNT_ID, It as normalizeAccountId, Mt as resolveThreadSessionKeys, _ as openFileWithinRoot, c as applyWindowsSpawnProgramPolicy, ct as sameFileIdentity, d as resolveWindowsSpawnProgram, dt as isPathInside, f as resolveWindowsSpawnProgramCandidate, kt as normalizeAgentId, l as materializeWindowsSpawnProgram, nt as runCommandWithTimeout, p as SafeOpenError, u as resolveWindowsExecutablePath, ut as isNotFoundPathError, v as openWritableFileWithinRoot } from "./paths-BMopnplU.js";
+import { $i as resolveWhatsAppGroupToolPolicy, $l as normalizeResolvedSecretInputString, $t as requireApiKey, A as DmConfigSchema, Aa as formatTrimmedAllowFromEntries, Ao as resolveToolsBySender, B as TtsProviderSchema, Ba as resolveDefaultWhatsAppAccountId, Bi as resolveBlueBubblesGroupRequireMention, Ci as listTelegramDirectoryGroupsFromConfig, Co as resolveDefaultDiscordAccountId, Da as resolveSignalAccount, Di as looksLikeSlackTargetId, Ds as getFileExtension, Ea as resolveDefaultSignalAccountId, Ei as listWhatsAppDirectoryPeersFromConfig, Es as extensionForMime, F as ReplyRuntimeConfigSchemaShape, Fa as resolveOptionalConfigString, Gi as resolveGoogleChatGroupToolPolicy, H as requireOpenAllowFrom, Ha as resolveWhatsAppAuthDir, Hi as resolveDiscordGroupRequireMention, Hl as withFileLock, Hs as formatErrorMessage, I as SecretInputSchema, Ia as resolveWhatsAppConfigAllowFrom, Ii as resolveWhatsAppGroupIntroHint, Jc as getChatChannelMeta, Ji as resolveSlackGroupRequireMention, Jl as assertSecretInputResolved, Ki as resolveIMessageGroupRequireMention, L as TtsAutoSchema, La as resolveWhatsAppConfigDefaultTo, Li as resolveWhatsAppMentionStripPatterns, M as GroupPolicySchema, Ma as mapAllowFromEntries, Ml as resolveDefaultSecretProviderAlias, N as MarkdownConfigSchema, Na as resolveIMessageConfigAllowFrom, O as ToolPolicySchema, Oa as createScopedAccountConfigAccessors, Oi as normalizeSlackMessagingTarget, Oo as resolveChannelGroupRequireMention, P as MarkdownTableModeSchema, Pa as resolveIMessageConfigDefaultTo, Pl as encodeJsonPointerToken, Qi as resolveWhatsAppGroupRequireMention, Ql as isValidEnvSecretRefId, R as TtsConfigSchema, Ri as looksLikeSignalTargetId, Si as listSlackDirectoryPeersFromConfig, Ss as extractOriginalFilename, Ta as listSignalAccountIds, Ti as listWhatsAppDirectoryGroupsFromConfig, Ts as detectMime, Ui as resolveDiscordGroupToolPolicy, Ul as formatCliCommand, V as normalizeAllowFrom, Va as resolveWhatsAppAccount, Vi as resolveBlueBubblesGroupToolPolicy, Vl as acquireFileLock, Wi as resolveGoogleChatGroupRequireMention, Xi as resolveTelegramGroupRequireMention, Xl as hasConfiguredSecretInput, Yi as resolveSlackGroupToolPolicy, Zi as resolveTelegramGroupToolPolicy, Zl as isSecretRef, Zs as SsrFBlockedError, _ as TelegramConfigSchema, _a as listEnabledSlackAccounts, _o as isAllowedParsedChatSender, aa as listTelegramAccountIds, ao as looksLikeWhatsAppTargetId, ba as resolveSlackAccount, bi as listDiscordDirectoryPeersFromConfig, bs as rawDataToString, co as looksLikeHandleOrPhoneTarget, d as DiscordConfigSchema, do as normalizeWhatsAppTarget, du as createAccountListHelpers, ec as isBlockedHostname, eu as normalizeSecretInputString, f as GoogleChatConfigSchema, fo as clearAccountEntryFields, g as SlackConfigSchema, ga as inspectSlackAccount, go as formatNormalizedAllowFromEntries, h as SignalConfigSchema, ha as buildSlackThreadingToolContext, ho as formatAllowFromLowercase, io as resolveIMessageAccount, j as DmPolicySchema, ja as formatWhatsAppConfigAllowFromEntries, jl as isValidFileSecretRefId, k as BlockStreamingCoalesceSchema, ka as createScopedChannelConfigBase, lo as trimMessagingTarget, m as MSTeamsConfigSchema, ma as resolveAccountWithDefaultFallback, ml as registerContextEngine, mo as setAccountEnabledInConfigSection, na as inspectTelegramAccount, nc as isPrivateIpAddress, no as listIMessageAccountIds, oa as resolveDefaultTelegramAccountId, ol as normalizePluginHttpPath, oo as normalizeWhatsAppAllowFromEntries, p as IMessageConfigSchema, pa as listConfiguredAccountIds, po as deleteAccountFromConfigSection, qi as resolveIMessageGroupToolPolicy, ro as resolveDefaultIMessageAccountId, sa as resolveTelegramAccount, so as normalizeWhatsAppMessagingTarget, tc as isBlockedHostnameOrIp, u as WhatsAppConfigSchema, uo as isWhatsAppGroupJid, va as listSlackAccountIds, vo as isNormalizedSenderAllowed, wi as listTelegramDirectoryPeersFromConfig, wl as resolveSecretRefString, wo as resolveDiscordAccount, xa as resolveSlackReplyToMode, xi as listSlackDirectoryGroupsFromConfig, xo as listDiscordAccountIds, ya as resolveDefaultSlackAccountId, yi as listDiscordDirectoryGroupsFromConfig, yo as inspectDiscordAccount, z as TtsModeSchema, za as listWhatsAppAccountIds, zi as normalizeSignalMessagingTarget } from "./config-B6fwS1Kz.js";
+import { $t as installRequestBodyLimitGuard, A as createReplyPrefixContext, At as createReceiptCard, B as evictOldHistoryKeys, Bt as DM_GROUP_ACCESS_REASON, C as resolveDiscordChannelAllowlist, Cn as CHANNEL_MESSAGE_ACTION_NAMES, D as resolveMentionGating, Dt as hasMarkdownToConvert, F as DEFAULT_GROUP_HISTORY_LIMIT, G as recordInboundSession, Gt as resolveDmGroupAccessWithLists, H as recordPendingHistoryEntryIfEnabled, Ht as resolveDmAllowState, It as formatInboundFromLabel, J as shouldAckReactionForWhatsApp, Jt as resolveControlCommandGate, K as removeAckReactionAfterReply, Kt as resolveEffectiveAllowFromLists, L as buildPendingHistoryContextFromMap, Lt as formatUtcTimestamp, M as logAckFailure, Mt as extractToolSend, N as logInboundDrop, Nt as issuePairingChallenge, O as resolveMentionGatingWithBypass, Ot as processLineMessage, P as logTypingFailure, Pt as resolveInboundSessionEnvelopeContext, Qt as RequestBodyLimitError, R as clearHistoryEntries, Rt as formatZonedTimestamp, S as resolveDiscordUserAllowlist, Sn as BLUEBUBBLES_GROUP_ACTIONS, T as summarizeMapping, U as buildMediaPayload, Ut as resolveDmGroupAccessDecision, V as recordPendingHistoryEntry, Vt as readStoreAllowFromForDmPolicy, W as collectDiscordAuditChannelIds, Wt as resolveDmGroupAccessWithCommandGate, Xt as DEFAULT_WEBHOOK_BODY_TIMEOUT_MS, Yt as pruneMapToMaxSize, Zt as DEFAULT_WEBHOOK_MAX_BODY_BYTES, _ as listLineAccountIds, _n as formatAllowlistMatchMeta, an as enqueueKeyedTask, b as resolveLineAccount, bn as BLUEBUBBLES_ACTIONS, bt as listDevicePairing, cn as getAcpRuntimeBackend, dn as unregisterAcpRuntimeBackend, dt as readBooleanParam, en as isRequestBodyLimitError, f as formatDocsLink, fn as ACP_ERROR_CODES, ft as optionalStringEnum, g as resolveSlackChannelAllowlist, gn as unbindThreadBindingsBySessionKey, gt as resolveAckReaction, h as resolveSlackUserAllowlist, hn as listThreadBindingsBySessionKey, in as KeyedAsyncQueue, j as createReplyPrefixOptions, jt as attachFooterText, k as createTypingCallbacks, kt as stripMarkdown, ln as registerAcpRuntimeBackend, lt as parseTelegramReplyToMessageId, mn as autoBindSpawnedDiscordSubagent, n as dispatchReplyFromConfig, nn as readRequestBodyWithLimit, on as isDangerousNameMatchingEnabled, ot as createDedupeCache, pn as AcpRuntimeError, pt as stringEnum, q as shouldAckReaction, rn as requestBodyErrorToText, sn as registerPluginHttpRoute, t as withReplyDispatcher, tn as readJsonBodyWithLimit, un as requireAcpRuntimeBackend, ut as parseTelegramThreadId, v as normalizeAccountId$1, vn as resolveAllowlistMatchByCandidates, w as mergeAllowlist, x as detectBinary, xn as BLUEBUBBLES_ACTION_NAMES, xt as rejectDevicePairing, y as resolveDefaultLineAccountId, yn as resolveAllowlistMatchSimple, yt as approveDevicePairing, z as clearHistoryEntriesIfEnabled, zt as resolveTimezone } from "./dispatch-DHll-mp1.js";
 import "./paths-eFexkPEh.js";
 import "./github-copilot-token-Cxf8QYZb.js";
-import { C as normalizeE164, O as safeParseJson, Q as resolvePreferredOpenClawTmpDir, b as isRecord, j as sleep, m as clamp, p as CONFIG_DIR, q as registerLogTransport, s as stripAnsi, v as escapeRegExp, w as pathExists } from "./logger-D6zRubj0.js";
-import { t as isTruthyEnvValue } from "./env-b9k1PHMI.js";
-import { At as GROUP_POLICY_BLOCKED_LABEL, Bt as buildChannelKeyCandidates, Dt as evaluateSenderGroupAccess, Et as evaluateMatchedGroupAccessForPolicy, Ft as resolveRuntimeGroupPolicy, Ht as resolveChannelEntryMatch, It as warnMissingProviderGroupPolicyFallbackOnce, Mt as resolveAllowlistProviderRuntimeGroupPolicy, Nt as resolveDefaultGroupPolicy, Ot as evaluateSenderGroupAccessForPolicy, Pt as resolveOpenProviderRuntimeGroupPolicy, Tt as evaluateGroupRouteAccessForPolicy, Ut as resolveChannelEntryMatchWithFallback, Vt as normalizeChannelSlug, Wt as resolveNestedAllowlistDecision, at as parseDiscordTarget, dt as normalizeDiscordSlug, jt as resetMissingProviderGroupPolicyFallbackWarningsForTesting, kt as resolveSenderScopedGroupPolicy } from "./send-DP_c8JfR.js";
+import { C as normalizeE164, O as safeParseJson, Q as resolvePreferredOpenClawTmpDir, b as isRecord, j as sleep, m as clamp, p as CONFIG_DIR, q as registerLogTransport, s as stripAnsi, v as escapeRegExp, w as pathExists } from "./logger-4h9G_BiT.js";
+import { t as isTruthyEnvValue } from "./env-16_axnas.js";
+import { At as GROUP_POLICY_BLOCKED_LABEL, Bt as buildChannelKeyCandidates, Dt as evaluateSenderGroupAccess, Et as evaluateMatchedGroupAccessForPolicy, Ft as resolveRuntimeGroupPolicy, Ht as resolveChannelEntryMatch, It as warnMissingProviderGroupPolicyFallbackOnce, Mt as resolveAllowlistProviderRuntimeGroupPolicy, Nt as resolveDefaultGroupPolicy, Ot as evaluateSenderGroupAccessForPolicy, Pt as resolveOpenProviderRuntimeGroupPolicy, Tt as evaluateGroupRouteAccessForPolicy, Ut as resolveChannelEntryMatchWithFallback, Vt as normalizeChannelSlug, Wt as resolveNestedAllowlistDecision, at as parseDiscordTarget, dt as normalizeDiscordSlug, jt as resetMissingProviderGroupPolicyFallbackWarningsForTesting, kt as resolveSenderScopedGroupPolicy } from "./send-CrviNQqd.js";
 import "./fetch-BSKpf2dM.js";
-import "./channel-activity-DO0FEzyj.js";
-import { t as fetchWithSsrFGuard } from "./fetch-guard-4UVSZ0uS.js";
-import "./local-roots-adnEg9zb.js";
-import { p as chunkTextByBreakResolver, v as loadWebMedia } from "./ir-CugsqGH8.js";
+import "./channel-activity-D1ewxjRA.js";
+import { t as fetchWithSsrFGuard } from "./fetch-guard-D5xZ4NgD.js";
+import "./local-roots-BmJJ0DW6.js";
+import { p as chunkTextByBreakResolver, v as loadWebMedia } from "./ir-sjcp8bOx.js";
 import "./render-CKf6NJ1M.js";
-import "./tables-D5VgpTmm.js";
-import { J as formatLocationText, Y as toLocationContext, nt as readJsonFileWithFallback, rt as writeJsonFileAtomically } from "./send-l-77_s1_.js";
-import { d as readNumberParam, f as readReactionParams, h as readStringParam, l as jsonResult, n as missingTargetError, o as createActionGate } from "./target-errors-C6zZ_OpA.js";
-import { s as parseSlackBlocksInput } from "./send-CeHhnld6.js";
-import { h as resolveChannelMediaMaxBytes } from "./deliver-B1fFpKjV.js";
-import { g as onDiagnosticEvent, h as isDiagnosticsEnabled, m as emitDiagnosticEvent } from "./diagnostic-CxIvS-C2.js";
-import "./pi-model-discovery-Dh4ziodY.js";
-import { d as buildRandomTempFilePath, f as withTempDownloadPath } from "./audio-transcription-runner-CTIHpebA.js";
-import "./image-Ch6M4tnJ.js";
-import "./api-key-rotation-CimGYMBc.js";
-import "./proxy-fetch-CJEmoBxi.js";
-import { i as isSilentReplyText, n as SILENT_REPLY_TOKEN } from "./tokens-DUnJnpMS.js";
-import "./commands-registry-6no2NNrY.js";
+import "./tables-BDIh5Jdg.js";
+import { J as formatLocationText, Y as toLocationContext, nt as readJsonFileWithFallback, rt as writeJsonFileAtomically } from "./send-z35HNVtD.js";
+import { d as readNumberParam, f as readReactionParams, h as readStringParam, l as jsonResult, n as missingTargetError, o as createActionGate } from "./target-errors-B3_uM5qQ.js";
+import { s as parseSlackBlocksInput } from "./send-DoQSSC-e.js";
+import { h as resolveChannelMediaMaxBytes } from "./deliver-sDS_neu8.js";
+import { g as onDiagnosticEvent, h as isDiagnosticsEnabled, m as emitDiagnosticEvent } from "./diagnostic-BShsSCRy.js";
+import "./pi-model-discovery-DDQEBQc9.js";
+import { d as buildRandomTempFilePath, f as withTempDownloadPath } from "./audio-transcription-runner-BUqRvf08.js";
+import "./image-DQ8fBtXx.js";
+import "./api-key-rotation-DPjUBVuJ.js";
+import "./proxy-fetch-DN1cfotw.js";
+import { i as isSilentReplyText, n as SILENT_REPLY_TOKEN } from "./tokens-BQbFuzFW.js";
+import "./commands-registry-CIaR-qRn.js";
 import { n as normalizeTelegramLookupTarget, r as parseTelegramTarget } from "./targets-s9KeyATC.js";
-import { n as listSkillCommandsForAgents } from "./skill-commands-BohYCgkq.js";
-import "./send-CScblaI4.js";
-import "./outbound-attachment-khXJwucX.js";
-import { c as createAllowedChatSenderMatcher, d as resolveServicePrefixedAllowTarget, f as resolveServicePrefixedChatTarget, l as parseChatAllowTargetPrefixes, m as resolveServicePrefixedTarget, o as normalizeIMessageHandle, p as resolveServicePrefixedOrChatAllowTarget, u as parseChatTargetPrefixesOrThrow } from "./send-Dc5fI6e8.js";
-import "./sqlite-CJE3X7Mv.js";
-import { i as isWSLSync, n as isWSL2Sync, r as isWSLEnv } from "./fetch-PoxzAANT.js";
-import "./manager-CHy8IclH.js";
-import { t as resolveWhatsAppOutboundTarget } from "./resolve-outbound-target-BiICvIKs.js";
-import { r as resolveWhatsAppHeartbeatRecipients } from "./channel-web-Da-__nUF.js";
-import "./outbound-Wzs2iN7X.js";
-import "./session-CkOKZaqa.js";
-import { t as loginWeb } from "./login-CYvkQ0At.js";
+import { n as listSkillCommandsForAgents } from "./skill-commands-DuKOrryr.js";
+import "./send-2kliIusR.js";
+import "./outbound-attachment-B1n9VVI8.js";
+import { c as createAllowedChatSenderMatcher, d as resolveServicePrefixedAllowTarget, f as resolveServicePrefixedChatTarget, l as parseChatAllowTargetPrefixes, m as resolveServicePrefixedTarget, o as normalizeIMessageHandle, p as resolveServicePrefixedOrChatAllowTarget, u as parseChatTargetPrefixesOrThrow } from "./send-BhMWDqI9.js";
+import "./sqlite-BPMcn30D.js";
+import { i as isWSLSync, n as isWSL2Sync, r as isWSLEnv } from "./fetch-BYCV2n_Y.js";
+import "./manager-tIwC8DEO.js";
+import { t as resolveWhatsAppOutboundTarget } from "./resolve-outbound-target-DfAPWL26.js";
+import { r as resolveWhatsAppHeartbeatRecipients } from "./channel-web-DRnh0GDK.js";
+import "./outbound-DutV0sq6.js";
+import "./session-C5WI4lUa.js";
+import { t as loginWeb } from "./login-A9QduCfA.js";
 import fs, { constants, createWriteStream } from "node:fs";
 import path from "node:path";
 import os from "node:os";

package/dist/plugin-sdk/signal.js

@@ -5,7 +5,7 @@ import chalk, { Chalk } from "chalk";
 import fs, { constants, createWriteStream } from "node:fs";
 import { Logger } from "tslog";
 import os from "node:os";
-import json5 from "json5";
+import JSON5 from "json5";
 import { promisify } from "node:util";
 import { randomUUID } from "node:crypto";
 import fs$1 from "node:fs/promises";
@@ -752,7 +752,7 @@ function readLoggingConfig() {
 	try {
 		if (!fs.existsSync(configPath)) return;
 		const raw = fs.readFileSync(configPath, "utf-8");
-		const logging = json5.parse(raw)?.logging;
+		const logging = JSON5.parse(raw)?.logging;
 		if (!logging || typeof logging !== "object" || Array.isArray(logging)) return;
 		return logging;
 	} catch {

package/extensions/mfa-auth/src/notification-service.ts

@@ -22,34 +22,47 @@ class NotificationService {
   }
 
   async sendAuthNotification(session: AuthSession, message: string): Promise<void> {
-    const { channel, accountId, to } = session.originalContext;
+    const { channel } = session.originalContext;
 
     if (!this.cfg) {
       console.warn("[mfa-auth] Config not set, skipping notification");
       return;
     }
 
-    if (channel === "webchat" || channel === "web" || channel === "main" || channel === "desktop") {
-      console.log(`[mfa-auth] ${channel} channel: sending notification via WebSocket`);
-      await this.sendToWebChat(session, message);
-      return;
-    }
+    const normalizedChannel = String(channel || "")
+      .trim()
+      .toLowerCase();
 
-    if (channel === "feishu") {
-      await this.sendToFeishu(session, message);
+    if (normalizedChannel === "feishu") {
+      try {
+        await this.sendToFeishu(session, message);
+      } catch (error) {
+        // Fallback to gateway injection to avoid silent message loss when channel API
+        // permissions are temporarily missing.
+        console.warn(
+          `[mfa-auth] Feishu direct send failed, falling back to gateway inject: ${String(error)}`,
+        );
+        await this.sendViaGatewayInject(session, message, normalizedChannel);
+      }
       return;
     }
 
-    console.warn(`[mfa-auth] Unsupported channel: ${channel}`);
+    await this.sendViaGatewayInject(session, message, normalizedChannel);
   }
 
-  private async sendToWebChat(session: AuthSession, message: string): Promise<void> {
-    const { sessionKey } = session.originalContext;
+  private async sendViaGatewayInject(
+    session: AuthSession,
+    message: string,
+    channelHint?: string,
+  ): Promise<void> {
+    const { sessionKey, accountId } = session.originalContext;
     const port = this.cfg?.gateway?.port || 18789;
     const token = this.cfg?.gateway?.auth?.token;
     const host = config.gatewayHost || "127.0.0.1";
 
-    console.log(`[mfa-auth] sendToWebChat: sessionKey=${sessionKey}, host=${host}, port=${port}`);
+    console.log(
+      `[mfa-auth] sendViaGatewayInject: channel=${channelHint || "unknown"}, sessionKey=${sessionKey}, host=${host}, port=${port}`,
+    );
 
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
     const wsModule = await import("ws");
@@ -133,7 +146,9 @@ class NotificationService {
               reject(new Error(`sessions.list failed: ${JSON.stringify(response.error)}`));
               return;
             }
-            candidateSessionKeys = this.resolveWebchatSessionCandidates({
+            candidateSessionKeys = this.resolveSessionCandidates({
+              channelHint,
+              accountId,
               requestedSessionKey: sessionKey,
               userId: session.userId,
               targetTo: session.originalContext.to,
@@ -141,11 +156,11 @@ class NotificationService {
             });
             if (candidateSessionKeys.length === 0) {
               ws.close();
-              reject(new Error("No candidate webchat sessions found"));
+              reject(new Error("No candidate sessions found for gateway inject"));
               return;
             }
             console.log(
-              `[mfa-auth] candidate webchat sessions: ${candidateSessionKeys.join(", ")}`,
+              `[mfa-auth] candidate sessions (${channelHint || "any"}): ${candidateSessionKeys.join(", ")}`,
             );
             injectIndex = 0;
             sendInject(candidateSessionKeys[injectIndex]);
@@ -193,12 +208,20 @@ class NotificationService {
     });
   }
 
-  private resolveWebchatSessionCandidates(params: {
+  private resolveSessionCandidates(params: {
+    channelHint?: string;
+    accountId?: string;
     requestedSessionKey?: string;
     userId: string;
     targetTo?: string;
     sessionsListResult: unknown;
   }): string[] {
+    const normalizedChannelHint = String(params.channelHint || "")
+      .trim()
+      .toLowerCase();
+    const normalizedAccountId = String(params.accountId || "")
+      .trim()
+      .toLowerCase();
     const normalizedTarget = String(params.targetTo || params.userId || "")
       .trim()
       .toLowerCase();
@@ -207,7 +230,7 @@ class NotificationService {
         ? (params.sessionsListResult as Record<string, unknown>)
         : undefined;
     const sessionsRaw = Array.isArray(resultObject?.sessions) ? resultObject.sessions : [];
-    const webchatRows = sessionsRaw
+    const matchingRows = sessionsRaw
       .map((row) => (row && typeof row === "object" ? (row as Record<string, unknown>) : undefined))
       .filter((row): row is Record<string, unknown> => Boolean(row))
       .filter((row) => {
@@ -218,20 +241,40 @@ class NotificationService {
         const dcChannel = String(dc?.channel ?? "")
           .trim()
           .toLowerCase();
-        return ch === "webchat" || ch === "web" || dcChannel === "webchat" || dcChannel === "web";
+
+        if (!normalizedChannelHint) {
+          return true;
+        }
+
+        if (normalizedChannelHint === "web" || normalizedChannelHint === "webchat") {
+          return ch === "webchat" || ch === "web" || dcChannel === "webchat" || dcChannel === "web";
+        }
+
+        return ch === normalizedChannelHint || dcChannel === normalizedChannelHint;
+      })
+      .filter((row) => {
+        if (!normalizedAccountId) return true;
+        const dc = row.deliveryContext as Record<string, unknown> | undefined;
+        const rowAccount = String(row.accountId ?? "")
+          .trim()
+          .toLowerCase();
+        const dcAccount = String(dc?.accountId ?? "")
+          .trim()
+          .toLowerCase();
+        return rowAccount === normalizedAccountId || dcAccount === normalizedAccountId;
       });
 
-    const exactRows = webchatRows.filter((row) => {
+    const exactRows = matchingRows.filter((row) => {
       const dc = row.deliveryContext as Record<string, unknown> | undefined;
       const peer = String(dc?.to ?? row.lastTo ?? "")
         .trim()
         .toLowerCase();
       return peer.length > 0 && peer === normalizedTarget;
     });
-    const fallbackRows = webchatRows.filter((row) => !exactRows.includes(row));
+    const fallbackRows = matchingRows.filter((row) => !exactRows.includes(row));
 
-    // Fuzzy match: include any webchat session that contains the userId in its key
-    const fuzzyRows = webchatRows.filter((row) => {
+    // Fuzzy match: include any session whose key contains the target id.
+    const fuzzyRows = matchingRows.filter((row) => {
       const key = String(row.key ?? "").toLowerCase();
       // Ensure we don't duplicate rows already found
       return (
@@ -253,9 +296,10 @@ class NotificationService {
       ...exactRows.map((row) => String(row.key ?? "").trim()),
       ...fallbackRows.map((row) => String(row.key ?? "").trim()),
       ...fuzzyRows.map((row) => String(row.key ?? "").trim()),
-      // Add standard webchat patterns
+      // Common fallback patterns.
       `agent:main:${normalizedTarget}`,
-      `webchat:${normalizedTarget}`,
+      `${normalizedChannelHint}:${normalizedTarget}`,
+      normalizedAccountId ? `${normalizedChannelHint}:${normalizedAccountId}:${normalizedTarget}` : "",
       normalizedTarget,
       "main",
     ];

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "cclawd",
-    "version": "1.0.4",
+    "version": "1.0.5",
     "description": "Multi-channel AI gateway with extensible messaging integrations",
     "keywords": [],
     "homepage": "https://github.com/openclaw/openclaw#readme",

package/dist/plugin-sdk/active-listener-CN-tMEvN.js

@@ -1,35 +0,0 @@
-import { Ft as DEFAULT_ACCOUNT_ID } from "./paths-BtVqCdw4.js";
-import { Ul as formatCliCommand } from "./config-B9ODwgpz.js";
-//#region src/web/active-listener.ts
-const listeners = /* @__PURE__ */ new Map();
-function resolveWebAccountId(accountId) {
-	return (accountId ?? "").trim() || "default";
-}
-function requireActiveWebListener(accountId) {
-	const id = resolveWebAccountId(accountId);
-	const listener = listeners.get(id) ?? null;
-	if (!listener) throw new Error(`No active WhatsApp Web listener (account: ${id}). Start the gateway, then link WhatsApp with: ${formatCliCommand(`openclaw channels login --channel whatsapp --account ${id}`)}.`);
-	return {
-		accountId: id,
-		listener
-	};
-}
-function setActiveWebListener(accountIdOrListener, maybeListener) {
-	const { accountId, listener } = typeof accountIdOrListener === "string" ? {
-		accountId: accountIdOrListener,
-		listener: maybeListener ?? null
-	} : {
-		accountId: DEFAULT_ACCOUNT_ID,
-		listener: accountIdOrListener ?? null
-	};
-	const id = resolveWebAccountId(accountId);
-	if (!listener) listeners.delete(id);
-	else listeners.set(id, listener);
-	if (id === "default") {}
-}
-function getActiveWebListener(accountId) {
-	const id = resolveWebAccountId(accountId);
-	return listeners.get(id) ?? null;
-}
-//#endregion
-export { requireActiveWebListener as n, setActiveWebListener as r, getActiveWebListener as t };

package/dist/plugin-sdk/api-key-rotation-CimGYMBc.js

@@ -1,176 +0,0 @@
-import { Hs as formatErrorMessage, Vt as normalizeProviderId } from "./config-B9ODwgpz.js";
-//#region src/infra/gemini-auth.ts
-/**
-* Shared Gemini authentication utilities.
-*
-* Supports both traditional API keys and OAuth JSON format.
-*/
-/**
-* Parse Gemini API key and return appropriate auth headers.
-*
-* OAuth format: `{"token": "...", "projectId": "..."}`
-*
-* @param apiKey - Either a traditional API key string or OAuth JSON
-* @returns Headers object with appropriate authentication
-*/
-function parseGeminiAuth(apiKey) {
-	if (apiKey.startsWith("{")) try {
-		const parsed = JSON.parse(apiKey);
-		if (typeof parsed.token === "string" && parsed.token) return { headers: {
-			Authorization: `Bearer ${parsed.token}`,
-			"Content-Type": "application/json"
-		} };
-	} catch {}
-	return { headers: {
-		"x-goog-api-key": apiKey,
-		"Content-Type": "application/json"
-	} };
-}
-//#endregion
-//#region src/agents/live-auth-keys.ts
-const KEY_SPLIT_RE = /[\s,;]+/g;
-const GOOGLE_LIVE_SINGLE_KEY = "OPENCLAW_LIVE_GEMINI_KEY";
-const PROVIDER_PREFIX_OVERRIDES = {
-	google: "GEMINI",
-	"google-vertex": "GEMINI"
-};
-const PROVIDER_API_KEY_CONFIG = {
-	anthropic: {
-		liveSingle: "OPENCLAW_LIVE_ANTHROPIC_KEY",
-		listVar: "OPENCLAW_LIVE_ANTHROPIC_KEYS",
-		primaryVar: "ANTHROPIC_API_KEY",
-		prefixedVar: "ANTHROPIC_API_KEY_"
-	},
-	google: {
-		liveSingle: GOOGLE_LIVE_SINGLE_KEY,
-		listVar: "GEMINI_API_KEYS",
-		primaryVar: "GEMINI_API_KEY",
-		prefixedVar: "GEMINI_API_KEY_"
-	},
-	"google-vertex": {
-		liveSingle: GOOGLE_LIVE_SINGLE_KEY,
-		listVar: "GEMINI_API_KEYS",
-		primaryVar: "GEMINI_API_KEY",
-		prefixedVar: "GEMINI_API_KEY_"
-	},
-	openai: {
-		liveSingle: "OPENCLAW_LIVE_OPENAI_KEY",
-		listVar: "OPENAI_API_KEYS",
-		primaryVar: "OPENAI_API_KEY",
-		prefixedVar: "OPENAI_API_KEY_"
-	}
-};
-function parseKeyList(raw) {
-	if (!raw) return [];
-	return raw.split(KEY_SPLIT_RE).map((value) => value.trim()).filter(Boolean);
-}
-function collectEnvPrefixedKeys(prefix) {
-	const keys = [];
-	for (const [name, value] of Object.entries(process.env)) {
-		if (!name.startsWith(prefix)) continue;
-		const trimmed = value?.trim();
-		if (!trimmed) continue;
-		keys.push(trimmed);
-	}
-	return keys;
-}
-function resolveProviderApiKeyConfig(provider) {
-	const normalized = normalizeProviderId(provider);
-	const custom = PROVIDER_API_KEY_CONFIG[normalized];
-	const base = PROVIDER_PREFIX_OVERRIDES[normalized] ?? normalized.toUpperCase().replace(/-/g, "_");
-	const liveSingle = custom?.liveSingle ?? `OPENCLAW_LIVE_${base}_KEY`;
-	const listVar = custom?.listVar ?? `${base}_API_KEYS`;
-	const primaryVar = custom?.primaryVar ?? `${base}_API_KEY`;
-	const prefixedVar = custom?.prefixedVar ?? `${base}_API_KEY_`;
-	if (normalized === "google" || normalized === "google-vertex") return {
-		liveSingle,
-		listVar,
-		primaryVar,
-		prefixedVar,
-		fallbackVars: ["GOOGLE_API_KEY"]
-	};
-	return {
-		liveSingle,
-		listVar,
-		primaryVar,
-		prefixedVar,
-		fallbackVars: []
-	};
-}
-function collectProviderApiKeys(provider) {
-	const config = resolveProviderApiKeyConfig(provider);
-	const forcedSingle = config.liveSingle ? process.env[config.liveSingle]?.trim() : void 0;
-	if (forcedSingle) return [forcedSingle];
-	const fromList = parseKeyList(config.listVar ? process.env[config.listVar] : void 0);
-	const primary = config.primaryVar ? process.env[config.primaryVar]?.trim() : void 0;
-	const fromPrefixed = config.prefixedVar ? collectEnvPrefixedKeys(config.prefixedVar) : [];
-	const fallback = config.fallbackVars.map((envVar) => process.env[envVar]?.trim()).filter(Boolean);
-	const seen = /* @__PURE__ */ new Set();
-	const add = (value) => {
-		if (!value) return;
-		if (seen.has(value)) return;
-		seen.add(value);
-	};
-	for (const value of fromList) add(value);
-	add(primary);
-	for (const value of fromPrefixed) add(value);
-	for (const value of fallback) add(value);
-	return Array.from(seen);
-}
-function isApiKeyRateLimitError(message) {
-	const lower = message.toLowerCase();
-	if (lower.includes("rate_limit")) return true;
-	if (lower.includes("rate limit")) return true;
-	if (lower.includes("429")) return true;
-	if (lower.includes("quota exceeded") || lower.includes("quota_exceeded")) return true;
-	if (lower.includes("resource exhausted") || lower.includes("resource_exhausted")) return true;
-	if (lower.includes("too many requests")) return true;
-	return false;
-}
-//#endregion
-//#region src/agents/api-key-rotation.ts
-function dedupeApiKeys(raw) {
-	const seen = /* @__PURE__ */ new Set();
-	const keys = [];
-	for (const value of raw) {
-		const apiKey = value.trim();
-		if (!apiKey || seen.has(apiKey)) continue;
-		seen.add(apiKey);
-		keys.push(apiKey);
-	}
-	return keys;
-}
-function collectProviderApiKeysForExecution(params) {
-	const { primaryApiKey, provider } = params;
-	return dedupeApiKeys([primaryApiKey?.trim() ?? "", ...collectProviderApiKeys(provider)]);
-}
-async function executeWithApiKeyRotation(params) {
-	const keys = dedupeApiKeys(params.apiKeys);
-	if (keys.length === 0) throw new Error(`No API keys configured for provider "${params.provider}".`);
-	let lastError;
-	for (let attempt = 0; attempt < keys.length; attempt += 1) {
-		const apiKey = keys[attempt];
-		try {
-			return await params.execute(apiKey);
-		} catch (error) {
-			lastError = error;
-			const message = formatErrorMessage(error);
-			if (!(params.shouldRetry ? params.shouldRetry({
-				apiKey,
-				error,
-				attempt,
-				message
-			}) : isApiKeyRateLimitError(message)) || attempt + 1 >= keys.length) break;
-			params.onRetry?.({
-				apiKey,
-				error,
-				attempt,
-				message
-			});
-		}
-	}
-	if (lastError === void 0) throw new Error(`Failed to run API request for ${params.provider}.`);
-	throw lastError;
-}
-//#endregion
-export { executeWithApiKeyRotation as n, parseGeminiAuth as r, collectProviderApiKeysForExecution as t };

package/dist/plugin-sdk/audio-preflight-C-xXBoE2.js

@@ -1,51 +0,0 @@
-import "./paths-BtVqCdw4.js";
-import "./config-B9ODwgpz.js";
-import "./paths-eFexkPEh.js";
-import "./github-copilot-token-Cxf8QYZb.js";
-import { B as shouldLogVerbose, R as logVerbose } from "./logger-D6zRubj0.js";
-import "./env-b9k1PHMI.js";
-import "./fetch-guard-4UVSZ0uS.js";
-import "./local-roots-adnEg9zb.js";
-import { i as normalizeMediaAttachments, m as isAudioAttachment, o as resolveMediaAttachmentLocalRoots, t as runAudioTranscription } from "./audio-transcription-runner-CTIHpebA.js";
-import "./image-Ch6M4tnJ.js";
-import "./api-key-rotation-CimGYMBc.js";
-import "./proxy-fetch-CJEmoBxi.js";
-//#region src/media-understanding/audio-preflight.ts
-/**
-* Transcribes the first audio attachment BEFORE mention checking.
-* This allows voice notes to be processed in group chats with requireMention: true.
-* Returns the transcript or undefined if transcription fails or no audio is found.
-*/
-async function transcribeFirstAudio(params) {
-	const { ctx, cfg } = params;
-	const audioConfig = cfg.tools?.media?.audio;
-	if (!audioConfig || audioConfig.enabled === false) return;
-	const attachments = normalizeMediaAttachments(ctx);
-	if (!attachments || attachments.length === 0) return;
-	const firstAudio = attachments.find((att) => att && isAudioAttachment(att) && !att.alreadyTranscribed);
-	if (!firstAudio) return;
-	if (shouldLogVerbose()) logVerbose(`audio-preflight: transcribing attachment ${firstAudio.index} for mention check`);
-	try {
-		const { transcript } = await runAudioTranscription({
-			ctx,
-			cfg,
-			attachments,
-			agentDir: params.agentDir,
-			providers: params.providers,
-			activeModel: params.activeModel,
-			localPathRoots: resolveMediaAttachmentLocalRoots({
-				cfg,
-				ctx
-			})
-		});
-		if (!transcript) return;
-		firstAudio.alreadyTranscribed = true;
-		if (shouldLogVerbose()) logVerbose(`audio-preflight: transcribed ${transcript.length} chars from attachment ${firstAudio.index}`);
-		return transcript;
-	} catch (err) {
-		if (shouldLogVerbose()) logVerbose(`audio-preflight: transcription failed: ${String(err)}`);
-		return;
-	}
-}
-//#endregion
-export { transcribeFirstAudio };