kimaki 0.4.78 → 0.4.80

package/src/hrana-server.ts

@@ -32,17 +32,87 @@
 import fs from 'node:fs'
 import http from 'node:http'
 import path from 'node:path'
+import crypto from 'node:crypto'
 import Database from 'libsql'
 import * as errore from 'errore'
 import { createLogger, LogPrefix } from './logger.js'
 import { ServerStartError, FetchError } from './errors.js'
 import { getLockPort } from './config.js'
+import { store } from './store.js'
 
 const hranaLogger = createLogger(LogPrefix.DB)
 
 let db: Database.Database | null = null
 let server: http.Server | null = null
 let hranaUrl: string | null = null
+let discordGatewayReady = false
+let readyWaiters: Array<() => void> = []
+
+export function markDiscordGatewayReady(): void {
+  if (discordGatewayReady) {
+    return
+  }
+  discordGatewayReady = true
+  for (const resolve of readyWaiters) {
+    resolve()
+  }
+  readyWaiters = []
+}
+
+async function waitForDiscordGatewayReady({ timeoutMs }: { timeoutMs: number }): Promise<boolean> {
+  if (discordGatewayReady) {
+    return true
+  }
+  const readyPromise = new Promise<boolean>((resolve) => {
+    readyWaiters.push(() => {
+      resolve(true)
+    })
+  })
+  const timeoutPromise = new Promise<boolean>((resolve) => {
+    setTimeout(() => {
+      resolve(false)
+    }, timeoutMs)
+  })
+  return Promise.race([readyPromise, timeoutPromise])
+}
+
+function getRequestAuthToken(req: http.IncomingMessage): string | null {
+  const authorizationHeader = req.headers.authorization
+  if (typeof authorizationHeader === 'string' && authorizationHeader.startsWith('Bearer ')) {
+    return authorizationHeader.slice('Bearer '.length)
+  }
+
+  return null
+}
+
+// Timing-safe comparison to prevent timing attacks when the hrana server
+// is internet-facing (bindAll=true / KIMAKI_INTERNET_REACHABLE_URL set).
+function isAuthorizedRequest(req: http.IncomingMessage): boolean {
+  const expectedToken = store.getState().gatewayToken
+  if (!expectedToken) {
+    return false
+  }
+  const providedToken = getRequestAuthToken(req)
+  if (!providedToken) {
+    return false
+  }
+  const expectedBuf = Buffer.from(expectedToken, 'utf8')
+  const providedBuf = Buffer.from(providedToken, 'utf8')
+  if (expectedBuf.length !== providedBuf.length) {
+    return false
+  }
+  return crypto.timingSafeEqual(expectedBuf, providedBuf)
+}
+
+function ensureServiceAuthTokenInStore(): string {
+  const existingToken = store.getState().gatewayToken
+  if (existingToken) {
+    return existingToken
+  }
+  const generatedToken = `${crypto.randomUUID()}:${crypto.randomBytes(32).toString('hex')}`
+  store.setState({ gatewayToken: generatedToken })
+  return generatedToken
+}
 
 /**
  * Get the Hrana HTTP URL for injecting into plugin child processes.
@@ -61,18 +131,24 @@ export function getHranaUrl(): string | null {
  */
 export async function startHranaServer({
   dbPath,
+  bindAll = false,
 }: {
   dbPath: string
+  /** Bind to 0.0.0.0 instead of 127.0.0.1. Set when KIMAKI_INTERNET_REACHABLE_URL is defined. */
+  bindAll?: boolean
 }) {
   if (server && db && hranaUrl) return hranaUrl
 
   const port = getLockPort()
+  const bindHost = bindAll ? '0.0.0.0' : '127.0.0.1'
+  const serviceAuthToken = ensureServiceAuthTokenInStore()
+  process.env.KIMAKI_DB_AUTH_TOKEN = serviceAuthToken
 
   fs.mkdirSync(path.dirname(dbPath), { recursive: true })
   await evictExistingInstance({ port })
 
   hranaLogger.log(
-    `Starting hrana server on 127.0.0.1:${port} with db: ${dbPath}`,
+    `Starting hrana server on ${bindHost}:${port} with db: ${dbPath}`,
   )
 
   const database = new Database(dbPath)
@@ -80,10 +156,53 @@ export async function startHranaServer({
   database.exec('PRAGMA busy_timeout = 5000')
   db = database
 
-  const handler = createHranaHandler(database)
+  const hranaHandler = createHranaHandler(database)
+
+  // Combined handler: all control/data routes require the same service auth token.
+  const handler: http.RequestListener = async (req, res) => {
+    const pathname = new URL(req.url || '/', 'http://localhost').pathname
+    if (pathname === '/kimaki/wake') {
+      if (req.method !== 'POST') {
+        res.writeHead(405, { 'content-type': 'application/json' })
+        res.end(JSON.stringify({ error: 'method_not_allowed' }))
+        return
+      }
+      if (!isAuthorizedRequest(req)) {
+        res.writeHead(401, { 'content-type': 'application/json' })
+        res.end(JSON.stringify({ error: 'unauthorized' }))
+        return
+      }
+      const isReady = await waitForDiscordGatewayReady({ timeoutMs: 30_000 })
+      if (!isReady) {
+        res.writeHead(504, { 'content-type': 'application/json' })
+        res.end(JSON.stringify({ ready: false, error: 'timeout_waiting_for_discord_ready' }))
+        return
+      }
+      res.writeHead(200, { 'content-type': 'application/json' })
+      res.end(JSON.stringify({ ready: true }))
+      return
+    }
+    // Hrana routes: /health, /v2, /v2/pipeline
+    if (pathname === '/health') {
+      hranaHandler(req, res)
+      return
+    }
+    if (pathname === '/v2' || pathname === '/v2/pipeline') {
+      if (!isAuthorizedRequest(req)) {
+        res.writeHead(401, { 'content-type': 'application/json' })
+        res.end(JSON.stringify({ error: 'unauthorized' }))
+        return
+      }
+      hranaHandler(req, res)
+      return
+    }
+    res.writeHead(404)
+    res.end()
+  }
 
   const started = await new Promise<ServerStartError | true>((resolve) => {
     const srv = http.createServer(handler)
+
     srv.on('error', (err: NodeJS.ErrnoException) => {
       resolve(
         new ServerStartError({
@@ -95,7 +214,7 @@ export async function startHranaServer({
         }),
       )
     })
-    srv.listen(port, '127.0.0.1', () => {
+    srv.listen(port, bindHost, () => {
       server = srv
       resolve(true)
     })
@@ -129,6 +248,8 @@ export async function stopHranaServer() {
     db = null
   }
   hranaUrl = null
+  discordGatewayReady = false
+  readyWaiters = []
   hranaLogger.log('Hrana server stopped')
 }
 

package/src/interaction-handler.ts

@@ -22,6 +22,7 @@ import {
 } from './commands/merge-worktree.js'
 import { handleToggleWorktreesCommand } from './commands/worktree-settings.js'
 import { handleWorktreesCommand } from './commands/worktrees.js'
+import { handleTasksCommand } from './commands/tasks.js'
 import { handleToggleMentionModeCommand } from './commands/mention-mode.js'
 import {
   handleResumeCommand,
@@ -51,8 +52,12 @@ import {
 import { handleUnsetModelCommand } from './commands/unset-model.js'
 import {
   handleLoginCommand,
-  handleLoginProviderSelectMenu,
-  handleLoginMethodSelectMenu,
+  handleLoginSelect,
+  handleLoginTextButton,
+  handleLoginTextModalSubmit,
+  handleLoginApiKeyButton,
+  handleOAuthCodeButton,
+  handleOAuthCodeModalSubmit,
   handleApiKeyModalSubmit,
 } from './commands/login.js'
 import {
@@ -205,6 +210,13 @@ export function registerInteractionHandler({
               })
               return
 
+            case 'tasks':
+              await handleTasksCommand({
+                command: interaction,
+                appId,
+              })
+              return
+
             case 'toggle-mention-mode':
               await handleToggleMentionModeCommand({
                 command: interaction,
@@ -396,6 +408,21 @@ export function registerInteractionHandler({
             return
           }
 
+          if (customId.startsWith('login_text_btn:')) {
+            await handleLoginTextButton(interaction)
+            return
+          }
+
+          if (customId.startsWith('login_apikey_btn:')) {
+            await handleLoginApiKeyButton(interaction)
+            return
+          }
+
+          if (customId.startsWith('login_oauth_code_btn:')) {
+            await handleOAuthCodeButton(interaction)
+            return
+          }
+
           if (customId.startsWith('action_button:')) {
             await handleActionButton(interaction)
             return
@@ -475,13 +502,8 @@ export function registerInteractionHandler({
             return
           }
 
-          if (customId.startsWith('login_provider:')) {
-            await handleLoginProviderSelectMenu(interaction)
-            return
-          }
-
-          if (customId.startsWith('login_method:')) {
-            await handleLoginMethodSelectMenu(interaction)
+          if (customId.startsWith('login_select:')) {
+            await handleLoginSelect(interaction)
             return
           }
           return
@@ -503,6 +525,16 @@ export function registerInteractionHandler({
             return
           }
 
+          if (customId.startsWith('login_text:')) {
+            await handleLoginTextModalSubmit(interaction)
+            return
+          }
+
+          if (customId.startsWith('login_oauth_code:')) {
+            await handleOAuthCodeModalSubmit(interaction)
+            return
+          }
+
           if (customId.startsWith('transcription_apikey_modal:')) {
             await handleTranscriptionApiKeyModalSubmit(interaction)
             return

package/src/ipc-tools-plugin.ts

@@ -0,0 +1,228 @@
+// OpenCode plugin that provides IPC-based tools for Discord interaction:
+// - kimaki_file_upload: prompts the Discord user to upload files via native picker
+// - kimaki_action_buttons: shows clickable action buttons in the Discord thread
+//
+// Tools communicate with the bot process via IPC rows in SQLite (the plugin
+// runs inside the OpenCode server process, not the bot process).
+//
+// Exported from opencode-plugin.ts — each export is treated as a separate
+// plugin by OpenCode's plugin loader.
+
+import type { Plugin } from '@opencode-ai/plugin'
+import type { ToolContext } from '@opencode-ai/plugin/tool'
+import dedent from 'string-dedent'
+import { z } from 'zod'
+import { getPrisma, createIpcRequest, getIpcRequestById } from './database.js'
+import { setDataDir } from './config.js'
+import { createLogger, LogPrefix, setLogFilePath } from './logger.js'
+import { initSentry } from './sentry.js'
+
+// Inlined from '@opencode-ai/plugin/tool' because the subpath value import
+// fails at runtime in global npm installs (#35). Opencode loads this plugin
+// file in its own process and resolves modules from kimaki's install dir,
+// but the '/tool' subpath export isn't found by opencode's module resolver.
+// The type-only imports above are fine (erased at compile time).
+//
+// NOTE: @opencode-ai/plugin bundles its own zod 4.1.x as a hard dependency
+// while goke (used by cli.ts) requires zod 4.3.x. This version skew makes
+// the Plugin return type structurally incompatible with our local tool()
+// even though runtime behavior is identical. ipcToolsPlugin is cast to
+// Plugin via unknown to bypass this purely type-level incompatibility.
+function tool<Args extends z.ZodRawShape>(input: {
+  description: string
+  args: Args
+  execute(
+    args: z.infer<z.ZodObject<Args>>,
+    context: ToolContext,
+  ): Promise<string>
+}) {
+  return input
+}
+
+const logger = createLogger(LogPrefix.OPENCODE)
+
+const FILE_UPLOAD_TIMEOUT_MS = 6 * 60 * 1000
+const DEFAULT_FILE_UPLOAD_MAX_FILES = 5
+const ACTION_BUTTON_TIMEOUT_MS = 30 * 1000
+
+// @opencode-ai/plugin bundles zod 4.1.x as a hard dep; our code uses 4.3.x
+// (required by goke for ~standard.jsonSchema). The Plugin return type is
+// structurally incompatible due to _zod.version.minor skew even though
+// runtime behavior is identical. `any` bypasses the type-level mismatch —
+// opencode's plugin loader doesn't care about the zod version at runtime.
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const ipcToolsPlugin: any = async () => {
+  initSentry()
+
+  const dataDir = process.env.KIMAKI_DATA_DIR
+  if (dataDir) {
+    setDataDir(dataDir)
+    setLogFilePath(dataDir)
+  }
+
+  return {
+    tool: {
+      kimaki_file_upload: tool({
+        description:
+          'Prompt the Discord user to upload files using a native file picker modal. ' +
+          'The user sees a button, clicks it, and gets a file upload dialog. ' +
+          'Returns the local file paths of downloaded files in the project directory. ' +
+          'Use this when you need the user to provide files (images, documents, configs, etc.). ' +
+          'IMPORTANT: Always call this tool last in your message, after all text parts.',
+        args: {
+          prompt: z
+            .string()
+            .describe(
+              'Message shown to the user explaining what files to upload',
+            ),
+          maxFiles: z
+            .number()
+            .min(1)
+            .max(10)
+            .optional()
+            .describe(
+              'Maximum number of files the user can upload (1-10, default 5)',
+            ),
+        },
+        async execute({ prompt, maxFiles }, context) {
+          const prisma = await getPrisma()
+          const row = await prisma.thread_sessions.findFirst({
+            where: { session_id: context.sessionID },
+            select: { thread_id: true },
+          })
+
+          if (!row?.thread_id) {
+            return 'Could not find thread for current session'
+          }
+
+          const ipcRow = await createIpcRequest({
+            type: 'file_upload',
+            sessionId: context.sessionID,
+            threadId: row.thread_id,
+            payload: JSON.stringify({
+              prompt,
+              maxFiles: maxFiles || DEFAULT_FILE_UPLOAD_MAX_FILES,
+              directory: context.directory,
+            }),
+          })
+
+          const deadline = Date.now() + FILE_UPLOAD_TIMEOUT_MS
+          const POLL_INTERVAL_MS = 300
+          while (Date.now() < deadline) {
+            await new Promise((resolve) => {
+              setTimeout(resolve, POLL_INTERVAL_MS)
+            })
+            const updated = await getIpcRequestById({ id: ipcRow.id })
+            if (!updated || updated.status === 'cancelled') {
+              return 'File upload was cancelled'
+            }
+            if (updated.response) {
+              const parsed = JSON.parse(updated.response) as {
+                filePaths?: string[]
+                error?: string
+              }
+              if (parsed.error) {
+                return `File upload failed: ${parsed.error}`
+              }
+              const filePaths = parsed.filePaths || []
+              if (filePaths.length === 0) {
+                return 'No files were uploaded (user may have cancelled or sent a new message)'
+              }
+              return `Files uploaded successfully:\n${filePaths.join('\n')}`
+            }
+          }
+
+          return 'File upload timed out - user did not upload files within the time limit'
+        },
+      }),
+      kimaki_action_buttons: tool({
+        description: dedent`
+          Show action buttons in the current Discord thread for quick confirmations.
+          Use this when the user can respond by clicking one of up to 3 buttons.
+          Prefer a single button whenever possible.
+          Default color is white (same visual style as permission deny button).
+          If you need more than 3 options, use the question tool instead.
+          IMPORTANT: Always call this tool last in your message, after all text parts.
+
+          Examples:
+          - buttons: [{"label":"Yes, proceed"}]
+          - buttons: [{"label":"Approve","color":"green"}]
+          - buttons: [
+              {"label":"Confirm","color":"blue"},
+              {"label":"Cancel","color":"white"}
+            ]
+        `,
+        args: {
+          buttons: z
+            .array(
+              z.object({
+                label: z
+                  .string()
+                  .min(1)
+                  .max(80)
+                  .describe('Button label shown to the user (1-80 chars)'),
+                color: z
+                  .enum(['white', 'blue', 'green', 'red'])
+                  .optional()
+                  .describe(
+                    'Optional button color. white is default and preferred for most confirmations.',
+                  ),
+              }),
+            )
+            .min(1)
+            .max(3)
+            .describe(
+              'Array of 1-3 action buttons. Prefer one button whenever possible.',
+            ),
+        },
+        async execute({ buttons }, context) {
+          const prisma = await getPrisma()
+          const row = await prisma.thread_sessions.findFirst({
+            where: { session_id: context.sessionID },
+            select: { thread_id: true },
+          })
+
+          if (!row?.thread_id) {
+            return 'Could not find thread for current session'
+          }
+
+          const ipcRow = await createIpcRequest({
+            type: 'action_buttons',
+            sessionId: context.sessionID,
+            threadId: row.thread_id,
+            payload: JSON.stringify({
+              buttons,
+              directory: context.directory,
+            }),
+          })
+
+          const deadline = Date.now() + ACTION_BUTTON_TIMEOUT_MS
+          const POLL_INTERVAL_MS = 200
+          while (Date.now() < deadline) {
+            await new Promise((resolve) => {
+              setTimeout(resolve, POLL_INTERVAL_MS)
+            })
+            const updated = await getIpcRequestById({ id: ipcRow.id })
+            if (!updated || updated.status === 'cancelled') {
+              return 'Action button request was cancelled'
+            }
+            if (updated.response) {
+              const parsed = JSON.parse(updated.response) as {
+                ok?: boolean
+                error?: string
+              }
+              if (parsed.error) {
+                return `Action button request failed: ${parsed.error}`
+              }
+              return `Action button(s) shown: ${buttons.map((button) => button.label).join(', ')}`
+            }
+          }
+
+          return 'Action button request timed out'
+        },
+      }),
+    },
+  }
+}
+
+export { ipcToolsPlugin }

package/src/message-preprocessing.ts

@@ -16,6 +16,7 @@ import {
   getTextAttachments,
 } from './message-formatting.js'
 import { processVoiceAttachment } from './voice-handler.js'
+import { isVoiceAttachment } from './voice-attachment.js'
 import { initializeOpencodeForDirectory } from './opencode.js'
 import { getCompactSessionContext, getLastSessionId } from './markdown.js'
 import { getThreadSession } from './database.js'
@@ -42,6 +43,37 @@ function extractQueueSuffix(prompt: string): { prompt: string; forceQueue: boole
   return { prompt: prompt.replace(QUEUE_SUFFIX_RE, '').trimEnd(), forceQueue: true }
 }
 
+function shouldSkipEmptyPrompt({
+  message,
+  prompt,
+  images,
+  hasVoiceAttachment,
+}: {
+  message: Message
+  prompt: string
+  images?: DiscordFileAttachment[]
+  hasVoiceAttachment: boolean
+}): boolean {
+  if (prompt.trim()) {
+    return false
+  }
+  if ((images?.length || 0) > 0) {
+    return false
+  }
+
+  const inferredVoiceAttachment = message.attachments.some((attachment) => {
+    return isVoiceAttachment(attachment)
+  })
+  if (!hasVoiceAttachment && !inferredVoiceAttachment && message.attachments.size === 0) {
+    return false
+  }
+
+  voiceLogger.warn(
+    `[INGRESS] Skipping empty prompt after preprocessing attachments=${message.attachments.size} hasVoiceAttachment=${hasVoiceAttachment} inferredVoiceAttachment=${inferredVoiceAttachment}`,
+  )
+  return true
+}
+
 /**
  * Pre-process a message in an existing thread (thread already has a session or
  * needs a new one). Handles voice transcription, text/file attachments, and
@@ -156,15 +188,30 @@ export async function preprocessExistingThreadMessage({
     return { prompt: '', mode: 'opencode', skip: true }
   }
 
+  // Extract queue suffix from raw message content BEFORE appending text
+  // attachments. Otherwise a text file attachment pushes "? queue" away from
+  // the end of the string and the regex fails to match.
+  const qs = extractQueueSuffix(messageContent)
+
   const fileAttachments = await getFileAttachments(message)
   const textAttachmentsContent = await getTextAttachments(message)
-  const promptWithAttachments = textAttachmentsContent
-    ? `${messageContent}\n\n${textAttachmentsContent}`
-    : messageContent
+  const prompt = textAttachmentsContent
+    ? `${qs.prompt}\n\n${textAttachmentsContent}`
+    : qs.prompt
+
+  if (
+    shouldSkipEmptyPrompt({
+      message,
+      prompt,
+      images: fileAttachments,
+      hasVoiceAttachment,
+    })
+  ) {
+    return { prompt: '', mode: 'opencode', skip: true }
+  }
 
-  const qs = extractQueueSuffix(promptWithAttachments)
   return {
-    prompt: qs.prompt,
+    prompt,
     images: fileAttachments.length > 0 ? fileAttachments : undefined,
     mode: qs.forceQueue || voiceResult?.queueMessage ? 'local-queue' : 'opencode',
   }
@@ -212,7 +259,7 @@ export async function preprocessNewSessionMessage({
     .catch((error) => {
       logger.warn(
         `[SESSION] Failed to fetch starter message for thread ${thread.id}:`,
-        error instanceof Error ? error.message : String(error),
+        error instanceof Error ? error.stack : String(error),
       )
       return null
     })
@@ -228,6 +275,16 @@ export async function preprocessNewSessionMessage({
   }
 
   const qs = extractQueueSuffix(prompt)
+  if (
+    shouldSkipEmptyPrompt({
+      message,
+      prompt: qs.prompt,
+      hasVoiceAttachment,
+    })
+  ) {
+    return { prompt: '', mode: 'opencode', skip: true }
+  }
+
   return {
     prompt: qs.prompt,
     mode: qs.forceQueue || voiceResult?.queueMessage ? 'local-queue' : 'opencode',
@@ -268,15 +325,29 @@ export async function preprocessNewThreadMessage({
     return { prompt: '', mode: 'opencode', skip: true }
   }
 
+  // Extract queue suffix from raw message content BEFORE appending text
+  // attachments (same fix as preprocessExistingThreadMessage).
+  const qs = extractQueueSuffix(messageContent)
+
   const fileAttachments = await getFileAttachments(message)
   const textAttachmentsContent = await getTextAttachments(message)
-  const promptWithAttachments = textAttachmentsContent
-    ? `${messageContent}\n\n${textAttachmentsContent}`
-    : messageContent
+  const prompt = textAttachmentsContent
+    ? `${qs.prompt}\n\n${textAttachmentsContent}`
+    : qs.prompt
+
+  if (
+    shouldSkipEmptyPrompt({
+      message,
+      prompt,
+      images: fileAttachments,
+      hasVoiceAttachment,
+    })
+  ) {
+    return { prompt: '', mode: 'opencode', skip: true }
+  }
 
-  const qs = extractQueueSuffix(promptWithAttachments)
   return {
-    prompt: qs.prompt,
+    prompt,
     images: fileAttachments.length > 0 ? fileAttachments : undefined,
     mode: qs.forceQueue || voiceResult?.queueMessage ? 'local-queue' : 'opencode',
   }

package/src/onboarding-welcome.ts

@@ -43,7 +43,7 @@ export async function sendWelcomeMessage({
     logger.log(`Sent welcome message with thread to #${channel.name}`)
   } catch (error) {
     logger.warn(
-      `Failed to send welcome message to #${channel.name}: ${error instanceof Error ? error.message : String(error)}`,
+      `Failed to send welcome message to #${channel.name}: ${error instanceof Error ? error.stack : String(error)}`,
     )
   }
 }