npm - evolclaw - Versions diffs - 2.5.7 → 2.5.8 - Mend

evolclaw 2.5.7 → 2.5.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/config.js +2 -0
package/dist/utils/init-channel.js +50 -20
package/dist/utils/init.js +10 -22
package/package.json +1 -1

package/dist/config.js CHANGED Viewed

@@ -377,6 +377,8 @@ function validateConfig(config) {
     // Feishu 配置可选，但如果配置了就要完整（支持 array / object 两种格式）
     const feishuInstances = normalizeChannelInstances(config.channels?.feishu, 'feishu');
     for (const inst of feishuInstances) {
+        if (inst.enabled === false)
+            continue;
         const label = feishuInstances.length > 1 ? ` [${inst.name}]` : '';
         if (!inst.appId || inst.appId.startsWith('YOUR_')) {
             logger.warn(`⚠ Feishu${label} appId not configured (Feishu channel will be disabled)`);

package/dist/utils/init-channel.js CHANGED Viewed

@@ -627,6 +627,44 @@ export function resolveAunCoreSdkPkg() {
     catch { /* not found */ }
     return null;
 }
+/**
+ * Download AUN CA root certificate to ~/.aun/CA/root/root.crt.
+ * Idempotent: skips if file already exists. Returns true if a cert is on disk
+ * after the call (either pre-existing or freshly downloaded).
+ *
+ * Must be called BEFORE constructing any AUNClient that needs to verify
+ * gateway-issued certificates (e.g. for uploadAgentMd) — the SDK loads trusted
+ * roots from disk at client construction time and won't pick up later writes.
+ */
+export async function downloadCaRoot(aunPath, gatewayUrl, indent = '') {
+    const caDir = path.join(aunPath, 'CA', 'root');
+    const caCertPath = path.join(caDir, 'root.crt');
+    if (fs.existsSync(caCertPath))
+        return true;
+    if (!gatewayUrl)
+        return false;
+    try {
+        fs.mkdirSync(caDir, { recursive: true });
+        const gwHttp = gatewayUrl.replace(/^wss?:/, 'https:').replace(/\/aun$/, '');
+        const resp = await fetch(`${gwHttp}/pki/chain`, { redirect: 'follow' });
+        if (!resp.ok) {
+            console.warn(`${indent}⚠ CA 根证书下载失败: HTTP ${resp.status}`);
+            return false;
+        }
+        const body = await resp.text();
+        if (!body.includes('BEGIN CERTIFICATE')) {
+            console.warn(`${indent}⚠ CA 根证书响应内容无效，跳过写入`);
+            return false;
+        }
+        fs.writeFileSync(caCertPath, body);
+        console.log(`${indent}✓ CA 根证书已下载`);
+        return true;
+    }
+    catch (e) {
+        console.warn(`${indent}⚠ CA 根证书下载失败: ${e}，可稍后手动下载`);
+        return false;
+    }
+}
 export async function checkAunEnvironment(rl) {
     console.log('\n🔍 AUN 环境检查...\n');
     const minVer = MIN_AUN_CORE_SDK.join('.');
@@ -718,7 +756,7 @@ export async function setupAunAid(rl, _config) {
         let failed = false;
         try {
             const { AUNClient } = await import('@agentunion/aun-node');
-            const client = new AUNClient({ aun_path: aunPath });
+            let client = new AUNClient({ aun_path: aunPath });
             // 如果用户指定了自定义端口，手动设置 gateway URL；否则让 SDK 自动发现
             if (gatewayPort) {
                 const domain = aid.split('.').slice(1).join('.');
@@ -727,26 +765,18 @@ export async function setupAunAid(rl, _config) {
             const result = await client.auth.createAid({ aid });
             console.log(`  ✓ AID ${result.aid} 创建成功`);
             // 下载 CA 根证书（如果本地不存在），从 SDK 返回的实际网关 URL 派生
-            const caDir = path.join(aunPath, 'CA', 'root');
-            const caCertPath = path.join(caDir, 'root.crt');
-            if (!fs.existsSync(caCertPath) && result.gateway) {
+            const caDownloaded = await downloadCaRoot(aunPath, result.gateway || '', '  ');
+            // 关键：CA 下载后必须重建 client，让 SDK 重新加载 trusted roots。
+            // 否则 uploadAgentMd 会因为 "no trusted roots available" 而失败。
+            if (caDownloaded) {
                 try {
-                    fs.mkdirSync(caDir, { recursive: true });
-                    const gwHttp = result.gateway.replace(/^wss?:/, 'https:').replace(/\/aun$/, '');
-                    const resp = await fetch(`${gwHttp}/pki/chain`, { redirect: 'follow' });
-                    if (resp.ok) {
-                        const body = await resp.text();
-                        if (body.includes('BEGIN CERTIFICATE')) {
-                            fs.writeFileSync(caCertPath, body);
-                            console.log('  ✓ CA 根证书已下载');
-                        }
-                        else {
-                            console.warn('  ⚠ CA 根证书响应内容无效，跳过写入');
-                        }
-                    }
+                    await client.close();
                 }
-                catch (e) {
-                    console.warn(`  ⚠ CA 根证书下载失败: ${e}，可稍后手动下载`);
+                catch { /* ignore */ }
+                client = new AUNClient({ aun_path: aunPath });
+                if (gatewayPort) {
+                    const domain = aid.split('.').slice(1).join('.');
+                    client._gatewayUrl = `wss://gateway.${domain}:${gatewayPort}/aun`;
                 }
             }
             // Collect agent.md info and publish
@@ -760,7 +790,7 @@ export async function setupAunAid(rl, _config) {
                 console.log('  ✓ agent.md 已发布');
             }
             catch (e) {
-                console.log(`  ⚠ agent.md 发布失败（可稍后用 /agentmd put 重试）: ${String(e.message || e).slice(0, 100)}`);
+                console.log(`  ⚠ agent.md 发布失败（首次连接将自动重试）: ${String(e.message || e).slice(0, 100)}`);
             }
             fs.writeFileSync(agentMdPath, agentMdContent, 'utf-8');
             if (!fs.existsSync(agentMdPath)) {

package/dist/utils/init.js CHANGED Viewed

@@ -406,7 +406,7 @@ export async function cmdInit(options) {
         }
         if (options.channel === 'aun' && options.aunAid) {
             // 自动安装 AUN SDK
-            const { resolveAunCoreSdkPkg, npmInstallGlobal } = await import('./init-channel.js');
+            const { resolveAunCoreSdkPkg, npmInstallGlobal, downloadCaRoot } = await import('./init-channel.js');
             if (!resolveAunCoreSdkPkg()) {
                 console.log('正在安装 @agentunion/aun-node...');
                 await npmInstallGlobal('@agentunion/aun-node@latest');
@@ -416,31 +416,19 @@ export async function cmdInit(options) {
             const aidDir = path.join(aunPath, 'AIDs', options.aunAid);
             if (!fs.existsSync(path.join(aidDir, 'private'))) {
                 const { AUNClient } = await import('@agentunion/aun-node');
-                const client = new AUNClient({ aun_path: aunPath });
+                let client = new AUNClient({ aun_path: aunPath });
                 // 让 SDK 通过 well-known 自动发现网关
                 const result = await client.auth.createAid({ aid: options.aunAid });
                 // 下载 CA 根证书（如果本地不存在），从 SDK 返回的实际网关 URL 派生
-                const caDir = path.join(aunPath, 'CA', 'root');
-                const caCertPath = path.join(caDir, 'root.crt');
-                if (!fs.existsSync(caCertPath) && result.gateway) {
+                const caDownloaded = await downloadCaRoot(aunPath, result.gateway || '');
+                // 关键：CA 下载后必须重建 client，让 SDK 重新加载 trusted roots。
+                // 否则 uploadAgentMd 会因为 "no trusted roots available" 而失败。
+                if (caDownloaded) {
                     try {
-                        fs.mkdirSync(caDir, { recursive: true });
-                        const gwHttp = result.gateway.replace(/^wss?:/, 'https:').replace(/\/aun$/, '');
-                        const resp = await fetch(`${gwHttp}/pki/chain`, { redirect: 'follow' });
-                        if (resp.ok) {
-                            const body = await resp.text();
-                            if (body.includes('BEGIN CERTIFICATE')) {
-                                fs.writeFileSync(caCertPath, body);
-                                console.log('✓ CA 根证书已下载');
-                            }
-                            else {
-                                console.warn('⚠ CA 根证书响应内容无效，跳过写入');
-                            }
-                        }
-                    }
-                    catch (e) {
-                        console.warn(`⚠ CA 根证书下载失败: ${e}，可稍后手动下载`);
+                        await client.close();
                     }
+                    catch { }
+                    client = new AUNClient({ aun_path: aunPath });
                 }
                 // 写入初始 agent.md（initialized: false）
                 const agentName = options.aunAid.split('.')[0];
@@ -450,7 +438,7 @@ export async function cmdInit(options) {
                     await client.auth.uploadAgentMd(agentMd);
                 }
                 catch (e) {
-                    console.warn(`⚠ agent.md 网络发布失败（可稍后重试）: ${String(e?.message || e).slice(0, 100)}`);
+                    console.warn(`⚠ agent.md 网络发布失败（首次连接将自动重试）: ${String(e?.message || e).slice(0, 100)}`);
                 }
                 fs.writeFileSync(agentMdPath, agentMd, 'utf-8');
                 if (!fs.existsSync(agentMdPath)) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "evolclaw",
-  "version": "2.5.7",
+  "version": "2.5.8",
   "description": "Lightweight AI Agent gateway connecting Claude Agent SDK to messaging channels (Feishu, ACP) with multi-project session management",
   "type": "module",
   "main": "dist/index.js",