npm - evolclaw - Versions diffs - 2.5.3 → 2.5.4 - Mend

evolclaw 2.5.3 → 2.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/utils/init-channel.js +39 -35
package/dist/utils/init.js +14 -8
package/evolclaw-install-aun.md +15 -3
package/package.json +1 -1

package/dist/utils/init-channel.js CHANGED Viewed

@@ -10,7 +10,7 @@ import readline from 'readline';
 import path from 'path';
 import os from 'os';
 import crypto from 'crypto';
-import { createRequire } from 'module';
+import { fileURLToPath } from 'url';
 import { execFile, execFileSync } from 'child_process';
 import { promisify } from 'util';
 import { resolvePaths } from '../paths.js';
@@ -20,8 +20,9 @@ import { isWindows } from './cross-platform.js';
 const execFileAsync = promisify(execFile);
 export async function npmInstallGlobal(pkg) {
     const npmCmd = isWindows ? 'npm.cmd' : 'npm';
+    const execOpts = { timeout: 180000, shell: isWindows };
     try {
-        await execFileAsync(npmCmd, ['install', '-g', pkg], { timeout: 180000 });
+        await execFileAsync(npmCmd, ['install', '-g', pkg], execOpts);
     }
     catch (e) {
         if (e.stderr?.includes('EACCES') || e.message?.includes('EACCES')) {
@@ -577,35 +578,31 @@ function compareVersion(a, min) {
     return parts[2] >= min[2];
 }
 export function resolveAunCoreSdkPkg() {
-    // Strategy 1: createRequire (works when evolclaw and SDK share the same node_modules)
+    const pkgName = AUN_CORE_SDK_PKG;
+    // Strategy 1: walk up node_modules from this file (no require.resolve — avoids ESM exports issues)
     try {
-        const esmRequire = createRequire(import.meta.url);
-        const entry = esmRequire.resolve(AUN_CORE_SDK_PKG);
-        const pkgPath = path.join(path.dirname(entry), 'package.json');
-        if (!fs.existsSync(pkgPath)) {
-            // 向上回溯查找 package.json
-            let dir = path.dirname(entry);
-            for (let i = 0; i < 5; i++) {
-                const candidate = path.join(dir, 'package.json');
-                if (fs.existsSync(candidate)) {
-                    const data = JSON.parse(fs.readFileSync(candidate, 'utf-8'));
-                    if (data.name === AUN_CORE_SDK_PKG)
-                        return { version: data.version, path: candidate };
-                }
-                dir = path.dirname(dir);
+        let dir = path.dirname(fileURLToPath(import.meta.url));
+        while (true) {
+            const candidate = path.join(dir, 'node_modules', pkgName, 'package.json');
+            if (fs.existsSync(candidate)) {
+                const data = JSON.parse(fs.readFileSync(candidate, 'utf-8'));
+                if (data.name === pkgName)
+                    return { version: data.version, path: candidate };
             }
-        }
-        else {
-            const data = JSON.parse(fs.readFileSync(pkgPath, 'utf-8'));
-            return { version: data.version, path: pkgPath };
+            const parent = path.dirname(dir);
+            if (parent === dir)
+                break;
+            dir = parent;
         }
     }
-    catch { /* fall through to strategy 2 */ }
-    // Strategy 2: npm root -g fallback (handles Windows / path mismatch)
+    catch { /* fall through */ }
+    // Strategy 2: npm root -g fallback (globally installed SDK)
     try {
         const npmCmd = isWindows ? 'npm.cmd' : 'npm';
-        const globalRoot = execFileSync(npmCmd, ['root', '-g'], { encoding: 'utf-8', timeout: 10000 }).trim();
-        const pkgPath = path.join(globalRoot, AUN_CORE_SDK_PKG, 'package.json');
+        const globalRoot = execFileSync(npmCmd, ['root', '-g'], {
+            encoding: 'utf-8', timeout: 10000, shell: isWindows,
+        }).trim();
+        const pkgPath = path.join(globalRoot, pkgName, 'package.json');
         if (fs.existsSync(pkgPath)) {
             const data = JSON.parse(fs.readFileSync(pkgPath, 'utf-8'));
             return { version: data.version, path: pkgPath };
@@ -706,23 +703,30 @@ export async function setupAunAid(rl, _config) {
         try {
             const { AUNClient } = await import('@eleans/aun-core-sdk');
             const client = new AUNClient({ aun_path: aunPath });
-            // Set gateway URL from AID domain + port
-            const domain = aid.split('.').slice(1).join('.');
-            const port = gatewayPort || 443;
-            client._gatewayUrl = `wss://gateway.${domain}:${port}/aun`;
+            // 如果用户指定了自定义端口，手动设置 gateway URL；否则让 SDK 自动发现
+            if (gatewayPort) {
+                const domain = aid.split('.').slice(1).join('.');
+                client._gatewayUrl = `wss://gateway.${domain}:${gatewayPort}/aun`;
+            }
             const result = await client.auth.createAid({ aid });
             console.log(`  ✓ AID ${result.aid} 创建成功`);
-            // 下载 CA 根证书（如果本地不存在）
+            // 下载 CA 根证书（如果本地不存在），从 SDK 返回的实际网关 URL 派生
             const caDir = path.join(aunPath, 'CA', 'root');
             const caCertPath = path.join(caDir, 'root.crt');
-            if (!fs.existsSync(caCertPath)) {
+            if (!fs.existsSync(caCertPath) && result.gateway) {
                 try {
                     fs.mkdirSync(caDir, { recursive: true });
-                    // Derive HTTPS URL from gateway WebSocket URL (same as SDK's _gatewayHttpUrl)
-                    const resp = await fetch(`https://gateway.${domain}:${port}/pki/chain`);
+                    const gwHttp = result.gateway.replace(/^wss?:/, 'https:').replace(/\/aun$/, '');
+                    const resp = await fetch(`${gwHttp}/pki/chain`, { redirect: 'follow' });
                     if (resp.ok) {
-                        fs.writeFileSync(caCertPath, await resp.text());
-                        console.log('  ✓ CA 根证书已下载');
+                        const body = await resp.text();
+                        if (body.includes('BEGIN CERTIFICATE')) {
+                            fs.writeFileSync(caCertPath, body);
+                            console.log('  ✓ CA 根证书已下载');
+                        }
+                        else {
+                            console.warn('  ⚠ CA 根证书响应内容无效，跳过写入');
+                        }
                     }
                 }
                 catch (e) {

package/dist/utils/init.js CHANGED Viewed

@@ -417,19 +417,25 @@ export async function cmdInit(options) {
             if (!fs.existsSync(path.join(aidDir, 'private'))) {
                 const { AUNClient } = await import('@eleans/aun-core-sdk');
                 const client = new AUNClient({ aun_path: aunPath });
-                const domain = options.aunAid.split('.').slice(1).join('.');
-                client._gatewayUrl = `wss://gateway.${domain}:443/aun`;
-                await client.auth.createAid({ aid: options.aunAid });
-                // 下载 CA 根证书（如果本地不存在）
+                // 让 SDK 通过 well-known 自动发现网关
+                const result = await client.auth.createAid({ aid: options.aunAid });
+                // 下载 CA 根证书（如果本地不存在），从 SDK 返回的实际网关 URL 派生
                 const caDir = path.join(aunPath, 'CA', 'root');
                 const caCertPath = path.join(caDir, 'root.crt');
-                if (!fs.existsSync(caCertPath)) {
+                if (!fs.existsSync(caCertPath) && result.gateway) {
                     try {
                         fs.mkdirSync(caDir, { recursive: true });
-                        const resp = await fetch(`https://gateway.${domain}/pki/chain`);
+                        const gwHttp = result.gateway.replace(/^wss?:/, 'https:').replace(/\/aun$/, '');
+                        const resp = await fetch(`${gwHttp}/pki/chain`, { redirect: 'follow' });
                         if (resp.ok) {
-                            fs.writeFileSync(caCertPath, await resp.text());
-                            console.log('✓ CA 根证书已下载');
+                            const body = await resp.text();
+                            if (body.includes('BEGIN CERTIFICATE')) {
+                                fs.writeFileSync(caCertPath, body);
+                                console.log('✓ CA 根证书已下载');
+                            }
+                            else {
+                                console.warn('⚠ CA 根证书响应内容无效，跳过写入');
+                            }
                         }
                     }
                     catch (e) {

package/evolclaw-install-aun.md CHANGED Viewed

@@ -50,11 +50,13 @@ npm install -g evolclaw
 | 参数 | 说明 | 示例 |
 |------|------|------|
-| `--aun-aid` | **必填**，你的 AUN Agent ID | `mybot.agentid.pub` |
-| `--aun-owner` | **必填**，Owner 的 AUN ID | `alice.agentid.pub` |
+| `--aun-aid` | **必填**，Agent 自身的 AID，作为 bot 在 AUN 网络上的独立身份 | `mybot.agentid.pub` |
+| `--aun-owner` | **必填**，Owner 的 AID，用于接收欢迎消息和管理权限 | `alice.agentid.pub` |
 | `--default-path` | 默认项目路径（可选，默认当前目录） | `/home/user/myproject` |
-如果用户在触发安装时已提供 Owner AID（例如消息中包含"将 xxx 添加为 Owner ID"），直接使用该值，否则询问用户。
+**注意**：`--aun-aid` 和 `--aun-owner` 必须是不同的 AID。Agent 需要独立身份，不能与 Owner 相同。
+如果用户在触发安装时已提供 Owner AID（例如消息中包含"将 xxx 添加为 Owner ID"），直接使用该值，否则询问用户。Agent AID 必须单独询问用户，不能默认使用 Owner AID。
 ### 步骤 4：非交互式初始化
@@ -146,3 +148,13 @@ EvolClaw 首次连接 AUN 网络时自动：
 evolclaw restart
 evolclaw logs
 ```
+**Q: Windows 上 npm install 报 spawn EINVAL？**
+Node.js 24+ 的安全变更（CVE-2024-27980）导致此错误。升级到 evolclaw >= 2.5.4 即可解决。
+临时方案：先手动运行 `npm install -g @eleans/aun-core-sdk`，再执行 init。
+**Q: 如何清理损坏的 AID 重新注册？**
+```bash
+rm -rf ~/.aun/AIDs/<aid>
+evolclaw init --non-interactive --channel aun --aun-aid <aid> --aun-owner <owner>
+```

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "evolclaw",
-  "version": "2.5.3",
+  "version": "2.5.4",
   "description": "Lightweight AI Agent gateway connecting Claude Agent SDK to messaging channels (Feishu, ACP) with multi-project session management",
   "type": "module",
   "main": "dist/index.js",