hyperclaw 5.0.1 → 5.0.2

package/dist/connector-BUzzq7Ij.js

@@ -0,0 +1,568 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const chalk = require_chunk.__toESM(require("chalk"));
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+const http = require_chunk.__toESM(require("http"));
+const https = require_chunk.__toESM(require("https"));
+const events = require_chunk.__toESM(require("events"));
+
+//#region extensions/tlon/src/connector.ts
+const STATE_DIR = path.default.join(os.default.homedir(), ".hyperclaw");
+const STATE_FILE = path.default.join(STATE_DIR, "tlon-state.json");
+const PAIRING_EXPIRY_MS = 60 * 60 * 1e3;
+const SSE_RECONNECT_DELAY_MS = 5e3;
+const PAIRING_CHARS = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
+const PRIVATE_RANGES = [
+	/^127\./,
+	/^10\./,
+	/^192\.168\./,
+	/^172\.(1[6-9]|2\d|3[01])\./,
+	/^169\.254\./,
+	/^::1$/,
+	/^fc[0-9a-f]{2}:/i,
+	/^fd[0-9a-f]{2}:/i
+];
+function isPrivateHost(hostname) {
+	return PRIVATE_RANGES.some((r) => r.test(hostname)) || hostname === "localhost";
+}
+function checkSsrf(shipUrl, allowPrivate) {
+	if (allowPrivate) return;
+	try {
+		const { hostname } = new URL(shipUrl);
+		if (isPrivateHost(hostname)) throw new Error(`Tlon: ship URL "${shipUrl}" resolves to a private/local address. Set channels.tlon.allowPrivateNetwork: true to allow this (SSRF opt-in).`);
+	} catch (e) {
+		if (e.message.startsWith("Tlon:")) throw e;
+	}
+}
+function markdownToInlines(text) {
+	const result = [];
+	const parts = text.split(/(\*\*[^*]+\*\*|\*[^*]+\*|`[^`]+`|~[a-z-]+)/g);
+	for (const part of parts) if (part.startsWith("**") && part.endsWith("**")) result.push({ bold: [{ text: part.slice(2, -2) }] });
+	else if (part.startsWith("*") && part.endsWith("*")) result.push({ italics: [{ text: part.slice(1, -1) }] });
+	else if (part.startsWith("`") && part.endsWith("`")) result.push({ code: part.slice(1, -1) });
+	else if (/^~[a-z-]+$/.test(part)) result.push({ ship: part });
+	else if (part) result.push({ text: part });
+	return result;
+}
+function textToVerseBlock(text) {
+	const lines = text.split("\n");
+	const verses = [];
+	for (const line of lines) if (line.startsWith("# ")) verses.push({ verse: { block: [{ header: {
+		tag: "h1",
+		content: line.slice(2)
+	} }] } });
+	else if (line.startsWith("## ")) verses.push({ verse: { block: [{ header: {
+		tag: "h2",
+		content: line.slice(3)
+	} }] } });
+	else if (line.startsWith("- ") || line.startsWith("* ")) verses.push({ verse: { block: [{ listing: { item: line.slice(2) } }] } });
+	else if (line.startsWith("```")) verses.push({ verse: { block: [{ code: {
+		code: line.slice(3),
+		lang: ""
+	} }] } });
+	else if (line.trim() === "") verses.push({ verse: { inline: [{ break: null }] } });
+	else verses.push({ verse: { inline: markdownToInlines(line) } });
+	return { story: verses };
+}
+function urbitReq(shipUrl, method, pathname, cookie, body, contentType) {
+	return new Promise((resolve, reject) => {
+		const url = new URL(pathname, shipUrl);
+		const isHttps = url.protocol === "https:";
+		const mod = isHttps ? https.default : http.default;
+		const headers = {};
+		if (cookie) headers["Cookie"] = cookie;
+		if (body) {
+			headers["Content-Type"] = contentType ?? "application/json";
+			headers["Content-Length"] = Buffer.byteLength(body);
+		}
+		const req = mod.request({
+			hostname: url.hostname,
+			port: url.port || (isHttps ? 443 : 80),
+			path: url.pathname + (url.search || ""),
+			method,
+			headers
+		}, (res) => {
+			const sc = res.headers["set-cookie"]?.[0]?.split(";")[0] ?? null;
+			let data = "";
+			res.on("data", (c) => data += c.toString());
+			res.on("end", () => resolve({
+				statusCode: res.statusCode ?? 200,
+				setCookie: sc,
+				body: data
+			}));
+		});
+		req.on("error", reject);
+		if (body) req.write(body);
+		req.end();
+	});
+}
+var TlonConnector = class extends events.EventEmitter {
+	cfg;
+	cookie = null;
+	channelUid = null;
+	running = false;
+	lastEventId = 0;
+	constructor(rawCfg) {
+		super();
+		this.cfg = {
+			dmPolicy: "pairing",
+			allowPrivateNetwork: false,
+			dmAllowlist: [],
+			autoAcceptDmInvites: true,
+			autoAcceptGroupInvites: false,
+			autoDiscoverChannels: true,
+			groupChannels: [],
+			defaultAuthorizedShips: [],
+			authorization: {},
+			showModelSignature: false,
+			mediaMaxMb: 20,
+			requireMention: true,
+			ownerShip: "",
+			_approvedPairings: [],
+			_pendingPairings: {},
+			_knownChannels: [],
+			...rawCfg
+		};
+	}
+	async connect() {
+		checkSsrf(this.cfg.url, this.cfg.allowPrivateNetwork);
+		await this.loadState();
+		await this.login();
+		await this.openChannel();
+		await this.subscribeAll();
+		this.running = true;
+		console.log(chalk.default.green(`  🦅 Tlon: connected as ${this.cfg.ship} → ${this.cfg.url}`));
+		this.emit("connected", {
+			ship: this.cfg.ship,
+			url: this.cfg.url
+		});
+		this.listenSSE();
+	}
+	disconnect() {
+		this.running = false;
+	}
+	isRunning() {
+		return this.running;
+	}
+	async login() {
+		const body = `password=${encodeURIComponent(this.cfg.code)}`;
+		const r = await urbitReq(this.cfg.url, "POST", "/~/login", null, body, "application/x-www-form-urlencoded");
+		if (!r.setCookie) throw new Error(`Tlon: login failed — check URL and code (HTTP ${r.statusCode})`);
+		this.cookie = r.setCookie;
+	}
+	async openChannel() {
+		this.channelUid = `hyperclaw-${Date.now()}`;
+		await this.urbitPut([]);
+	}
+	async subscribeAll() {
+		const actions = [];
+		actions.push(this.subscribeAction(this.cfg.ship, "chat", "/dm"));
+		const nests = [...this.cfg.groupChannels ?? []];
+		if (this.cfg.autoDiscoverChannels) {
+			const discovered = await this.discoverChannels();
+			for (const n of discovered) if (!nests.includes(n)) nests.push(n);
+		}
+		this.cfg._knownChannels = nests;
+		for (const nest of nests) {
+			const parts = nest.split("/");
+			if (parts.length >= 3) {
+				const [, hostShip] = parts;
+				actions.push(this.subscribeAction(hostShip ?? this.cfg.ship, "chat", `/${nest}`));
+			}
+		}
+		if (actions.length > 0) await this.urbitPut(actions);
+	}
+	subscribeAction(ship, app, subscriptionPath) {
+		return {
+			id: ++this.lastEventId,
+			action: "subscribe",
+			ship,
+			app,
+			path: subscriptionPath
+		};
+	}
+	/** Discover group channels by fetching the groups list from the ship. */
+	async discoverChannels() {
+		try {
+			const r = await urbitReq(this.cfg.url, "GET", "/~/scry/groups/groups.json", this.cookie);
+			if (r.statusCode !== 200) return [];
+			const data = JSON.parse(r.body);
+			const nests = [];
+			for (const groupData of Object.values(data)) {
+				const channels = groupData?.channels ?? {};
+				for (const nest of Object.keys(channels)) nests.push(nest);
+			}
+			return nests;
+		} catch {
+			return [];
+		}
+	}
+	listenSSE() {
+		const url = new URL(`/~/channel/${this.channelUid}`, this.cfg.url);
+		const isHttps = url.protocol === "https:";
+		const mod = isHttps ? https.default : http.default;
+		const doConnect = () => {
+			if (!this.running) return;
+			const req = mod.request({
+				hostname: url.hostname,
+				port: url.port || (isHttps ? 443 : 80),
+				path: url.pathname,
+				method: "GET",
+				headers: {
+					Cookie: this.cookie,
+					Accept: "text/event-stream",
+					"Cache-Control": "no-cache"
+				}
+			}, (res) => {
+				let buf = "";
+				res.on("data", (chunk) => {
+					buf += chunk.toString();
+					const lines = buf.split("\n");
+					buf = lines.pop() ?? "";
+					let dataLine = "";
+					for (const line of lines) if (line.startsWith("data:")) dataLine = line.slice(5).trim();
+					else if (line === "" && dataLine) {
+						try {
+							this.handleEvent(JSON.parse(dataLine));
+						} catch {}
+						dataLine = "";
+					}
+				});
+				res.on("end", () => {
+					if (this.running) setTimeout(doConnect, SSE_RECONNECT_DELAY_MS);
+				});
+				res.on("error", () => {
+					if (this.running) setTimeout(doConnect, SSE_RECONNECT_DELAY_MS);
+				});
+			});
+			req.on("error", () => {
+				if (this.running) setTimeout(doConnect, SSE_RECONNECT_DELAY_MS);
+			});
+			req.end();
+		};
+		doConnect();
+	}
+	async handleEvent(event) {
+		if (event.id) this.urbitDelete(event.id).catch(() => {});
+		const resp = event.response;
+		if (!resp || resp === "poke" || resp === "subscribe") return;
+		if (resp !== "diff") return;
+		const json = event.json;
+		if (!json) return;
+		const dmWrite = json["chat-dm-write"] ?? json["dm-update"]?.add?.message;
+		if (dmWrite) {
+			await this.handleDmWrite(dmWrite, json);
+			return;
+		}
+		const chatWrite = json["chat-write"] ?? json["chat-update"]?.post;
+		if (chatWrite) {
+			await this.handleGroupWrite(chatWrite, json);
+			return;
+		}
+		if (json["group-invite"] || json["dm-invite"]) await this.handleInvite(json);
+	}
+	async handleDmWrite(msg, _raw) {
+		const sender = msg.memo?.author ?? msg.ship ?? "unknown";
+		if (sender === this.cfg.ship) return;
+		const text = this.extractText(msg.memo?.content ?? msg.content ?? {});
+		if (!text) return;
+		const isDMAllowed = await this.checkDmPolicy(sender, text);
+		if (!isDMAllowed) return;
+		const chatId = `tlon:dm:${sender}`;
+		this.emit("message", {
+			id: `tlon-${Date.now()}`,
+			channelId: "tlon",
+			from: sender,
+			chatId,
+			text,
+			timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+			isDM: true,
+			threadId: msg.memo?.replyTo ?? void 0
+		});
+	}
+	async handleGroupWrite(msg, raw) {
+		const nest = msg.nest ?? raw.nest ?? "";
+		const sender = msg.memo?.author ?? msg.post?.author ?? "unknown";
+		if (sender === this.cfg.ship) return;
+		const text = this.extractText(msg.memo?.content ?? msg.post?.content ?? {});
+		if (!text) return;
+		if (this.cfg.requireMention && !text.includes(this.cfg.ship)) return;
+		const allowed = this.isAuthorizedForChannel(sender, nest);
+		if (!allowed) {
+			if (this.cfg.ownerShip) await this.sendDM(this.cfg.ownerShip, `🦅 Unauthorized mention in ${nest} from ${sender}`).catch(() => {});
+			return;
+		}
+		const chatId = `tlon:group:${nest}`;
+		this.emit("message", {
+			id: `tlon-${Date.now()}`,
+			channelId: "tlon",
+			from: sender,
+			chatId,
+			nest,
+			text,
+			timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+			isDM: false,
+			threadId: msg.memo?.replyTo ?? void 0
+		});
+	}
+	async handleInvite(json) {
+		if (json["dm-invite"]) {
+			const fromShip = json["dm-invite"].ship ?? "";
+			const isAllowed = this.cfg.dmAllowlist?.includes(fromShip) || fromShip === this.cfg.ownerShip;
+			if (isAllowed && this.cfg.autoAcceptDmInvites) {
+				await this.pokeChatDm(fromShip, { accept: null }).catch(() => {});
+				console.log(chalk.default.gray(`  Tlon: auto-accepted DM invite from ${fromShip}`));
+			} else if (this.cfg.ownerShip) await this.sendDM(this.cfg.ownerShip, `🦅 DM invite from ${fromShip} — approve with: hyperclaw pairing approve tlon ${fromShip}`).catch(() => {});
+		}
+		if (json["group-invite"] && this.cfg.autoAcceptGroupInvites) {
+			const groupRef = json["group-invite"].group ?? "";
+			await this.pokeGroups(groupRef, { join: null }).catch(() => {});
+			console.log(chalk.default.gray(`  Tlon: auto-accepted group invite for ${groupRef}`));
+		}
+	}
+	async checkDmPolicy(ship, text) {
+		const cfg = this.cfg;
+		if (cfg.ownerShip && ship === cfg.ownerShip) return true;
+		const policy = cfg.dmPolicy ?? "pairing";
+		if (policy === "disabled") return false;
+		if (policy === "open") return true;
+		if (policy === "allowlist") {
+			if (cfg.dmAllowlist?.includes(ship)) return true;
+			if (cfg.ownerShip) await this.sendDM(cfg.ownerShip, `🦅 DM request from ${ship} (not in allowlist)`).catch(() => {});
+			return false;
+		}
+		if (policy === "pairing") {
+			const now = Date.now();
+			for (const [code$1, entry$1] of Object.entries(cfg._pendingPairings)) if (entry$1.expiresAt < now) delete cfg._pendingPairings[code$1];
+			if (cfg._approvedPairings.includes(ship) || cfg.dmAllowlist?.includes(ship)) return true;
+			const upper = text.trim().toUpperCase();
+			const entry = Object.entries(cfg._pendingPairings).find(([code$1]) => code$1 === upper);
+			if (entry && entry[1].ship === ship) {
+				cfg._approvedPairings.push(ship);
+				delete cfg._pendingPairings[upper];
+				await this.saveState();
+				await this.sendDM(ship, "🦅 Paired! You can now chat with the assistant.");
+				this.emit("pairing:approved", { ship });
+				return false;
+			}
+			const code = Array.from({ length: 6 }, () => PAIRING_CHARS[Math.floor(Math.random() * PAIRING_CHARS.length)]).join("");
+			cfg._pendingPairings[code] = {
+				ship,
+				expiresAt: now + PAIRING_EXPIRY_MS
+			};
+			await this.saveState();
+			await this.sendDM(ship, `🦅 Pairing required. Code: **${code}**\nApprove: \`hyperclaw pairing approve tlon ${code}\`\n(Expires in 1 hour)`).catch(() => {});
+			if (cfg.ownerShip) await this.sendDM(cfg.ownerShip, `🦅 DM pairing request from ${ship} — code: ${code}`).catch(() => {});
+			return false;
+		}
+		return false;
+	}
+	isAuthorizedForChannel(ship, nest) {
+		if (this.cfg.ownerShip && ship === this.cfg.ownerShip) return true;
+		const rule = this.cfg.authorization?.channelRules?.[nest];
+		if (rule) {
+			if (rule.mode === "open") return true;
+			if (rule.mode === "restricted") return rule.allowedShips?.includes(ship) ?? false;
+		}
+		if (this.cfg.defaultAuthorizedShips?.includes(ship)) return true;
+		if (this.cfg.defaultAuthorizedShips?.includes("*")) return true;
+		return false;
+	}
+	extractText(content) {
+		if (!content) return "";
+		if (typeof content === "string") return content;
+		if (content.story && Array.isArray(content.story)) return content.story.map((verse) => {
+			const inline = verse?.verse?.inline;
+			const block = verse?.verse?.block;
+			if (Array.isArray(inline)) return this.inlinesToText(inline);
+			if (Array.isArray(block)) return this.blocksToText(block);
+			return "";
+		}).filter(Boolean).join("\n");
+		return "";
+	}
+	inlinesToText(inlines) {
+		return inlines.map((i) => {
+			if (typeof i === "string") return i;
+			if (i?.text) return i.text;
+			if (i?.bold) return this.inlinesToText(i.bold);
+			if (i?.italics) return this.inlinesToText(i.italics);
+			if (i?.code) return `\`${i.code}\``;
+			if (i?.ship) return i.ship;
+			if (i?.link) return i.link.content ?? i.link.href;
+			if (i?.break !== void 0) return "\n";
+			return "";
+		}).join("");
+	}
+	blocksToText(blocks) {
+		return blocks.map((b) => {
+			if (b?.header?.content) return b.header.content;
+			if (b?.listing?.item) return `- ${b.listing.item}`;
+			if (b?.code?.code) return `\`\`\`${b.code.code}\`\`\``;
+			if (b?.image?.src) return `[image: ${b.image.src}]`;
+			return "";
+		}).filter(Boolean).join("\n");
+	}
+	/** Send a DM to a Urbit ship. Converts Markdown to Tlon verse blocks. */
+	async sendDM(toShip, text) {
+		const content = textToVerseBlock(this.applySignature(text));
+		await this.pokeChatDm(toShip, { message: { memo: {
+			content,
+			author: this.cfg.ship,
+			sent: Date.now()
+		} } });
+	}
+	/** Send a message to a group channel nest (e.g. "chat/~host/name"). */
+	async sendToNest(nest, text, replyTo) {
+		const content = textToVerseBlock(this.applySignature(text));
+		const memo = {
+			content,
+			author: this.cfg.ship,
+			sent: Date.now()
+		};
+		if (replyTo) memo.replyTo = replyTo;
+		const parts = nest.split("/");
+		const hostShip = parts[1] ?? this.cfg.ship;
+		await this.urbitPut([{
+			id: ++this.lastEventId,
+			action: "poke",
+			ship: hostShip,
+			app: "chat",
+			mark: "chat-action-0",
+			json: { write: {
+				nest,
+				add: { memo }
+			} }
+		}]);
+	}
+	/** Send by delivery target string.
+	*  Formats: ~ship, dm/~ship, chat/~host/channel, group:~host/name
+	*/
+	async sendToTarget(target, text) {
+		const t = target.trim();
+		if (t.startsWith("dm/") || t.startsWith("~")) {
+			const ship = t.startsWith("dm/") ? t.slice(3) : t;
+			return this.sendDM(ship, text);
+		}
+		if (t.startsWith("chat/") || t.startsWith("group:")) {
+			const nest = t.startsWith("group:") ? `chat/${t.slice(6)}` : t;
+			return this.sendToNest(nest, text);
+		}
+		return this.sendDM(t, text);
+	}
+	async addReaction(nest, postId, emoji) {
+		const parts = nest.split("/");
+		const hostShip = parts[1] ?? this.cfg.ship;
+		await this.urbitPut([{
+			id: ++this.lastEventId,
+			action: "poke",
+			ship: hostShip,
+			app: "chat",
+			mark: "chat-action-0",
+			json: { react: {
+				nest,
+				postId,
+				react: emoji
+			} }
+		}]).catch(() => {});
+	}
+	async removeReaction(nest, postId, emoji) {
+		const parts = nest.split("/");
+		const hostShip = parts[1] ?? this.cfg.ship;
+		await this.urbitPut([{
+			id: ++this.lastEventId,
+			action: "poke",
+			ship: hostShip,
+			app: "chat",
+			mark: "chat-action-0",
+			json: { react: {
+				nest,
+				postId,
+				react: emoji === "" ? null : emoji
+			} }
+		}]).catch(() => {});
+	}
+	approvePairing(code) {
+		const upper = code.toUpperCase();
+		const entry = this.cfg._pendingPairings[upper];
+		if (!entry) return false;
+		if (Date.now() > entry.expiresAt) {
+			delete this.cfg._pendingPairings[upper];
+			this.saveState();
+			return false;
+		}
+		this.cfg._approvedPairings.push(entry.ship);
+		delete this.cfg._pendingPairings[upper];
+		this.saveState();
+		return true;
+	}
+	listPendingPairings() {
+		const now = Date.now();
+		const result = {};
+		for (const [code, entry] of Object.entries(this.cfg._pendingPairings)) if (entry.expiresAt > now) result[code] = entry.ship;
+		return result;
+	}
+	async urbitPut(actions) {
+		const body = JSON.stringify(actions);
+		await urbitReq(this.cfg.url, "PUT", `/~/channel/${this.channelUid}`, this.cookie, body);
+	}
+	async urbitDelete(eventId) {
+		await urbitReq(this.cfg.url, "DELETE", `/~/channel/${this.channelUid}/${eventId}`, this.cookie);
+	}
+	async pokeChatDm(toShip, dmAction) {
+		await this.urbitPut([{
+			id: ++this.lastEventId,
+			action: "poke",
+			ship: this.cfg.ship,
+			app: "chat",
+			mark: "chat-dm-action",
+			json: {
+				ship: toShip,
+				...dmAction
+			}
+		}]);
+	}
+	async pokeGroups(groupRef, action) {
+		await this.urbitPut([{
+			id: ++this.lastEventId,
+			action: "poke",
+			ship: this.cfg.ship,
+			app: "groups",
+			mark: "group-action-0",
+			json: {
+				group: groupRef,
+				...action
+			}
+		}]);
+	}
+	async loadState() {
+		try {
+			const s = await fs_extra.default.readJson(STATE_FILE);
+			if (Array.isArray(s.approved)) this.cfg._approvedPairings = s.approved;
+			if (s.pending && typeof s.pending === "object") this.cfg._pendingPairings = s.pending;
+			if (Array.isArray(s.knownChannels)) this.cfg._knownChannels = s.knownChannels;
+		} catch {}
+	}
+	async saveState() {
+		await fs_extra.default.ensureDir(STATE_DIR);
+		await fs_extra.default.writeJson(STATE_FILE, {
+			approved: this.cfg._approvedPairings,
+			pending: this.cfg._pendingPairings,
+			knownChannels: this.cfg._knownChannels
+		}, { spaces: 2 });
+	}
+	applySignature(text) {
+		if (!this.cfg.showModelSignature) return text;
+		return text;
+	}
+	/** Get all known channel nests (for CLI/cron delivery targets). */
+	getKnownChannels() {
+		return this.cfg._knownChannels;
+	}
+	getApprovedShips() {
+		return this.cfg._approvedPairings;
+	}
+};
+
+//#endregion
+exports.TlonConnector = TlonConnector;