metame-cli 1.6.1 → 1.6.3

package/scripts/daemon-bridges.js

@@ -49,7 +49,7 @@ function createBridgeStarter(deps) {
     return text || null;
   }
 
-  async function applyUserAcl({ bot, chatId, text, config, senderId, bypassAcl }) {
+  async function applyUserAcl({ bot, chatId, text, config, senderId, bypassAcl, fromAllowedChat }) {
     const trimmed = String(text || '').trim();
     const normalizedSenderId = normalizeSenderId(senderId);
     if (!trimmed || bypassAcl || !userAcl) {
@@ -58,10 +58,15 @@ function createBridgeStarter(deps) {
 
     let userCtx;
     try {
-      userCtx = userAcl.resolveUserCtx(normalizedSenderId, config || {});
+      userCtx = userAcl.resolveUserCtx(normalizedSenderId, config || {}, { fromAllowedChat: !!fromAllowedChat });
     } catch {
       return { blocked: false, readOnly: false, senderId: normalizedSenderId };
     }
+    // Audit trail for implicit-admin upgrades — these users are NOT in users.yaml
+    // and gain admin via group-whitelist trust, so make their action visible.
+    if (userCtx && userCtx.implicitAdmin) {
+      try { log('INFO', `[ACL] implicit admin via allowed_chat_ids: chat=${chatId} sender=${normalizedSenderId}`); } catch { /* non-fatal */ }
+    }
 
     const userCmd = userAcl.handleUserCommand(trimmed, userCtx);
     if (userCmd && userCmd.handled) {
@@ -736,21 +741,24 @@ function createBridgeStarter(deps) {
     const { createBot } = require('./feishu-adapter.js');
     const bot = createBot(config.feishu);
 
-    // Validate credentials before starting WebSocket — fail loud, not silent
+    // Credential pre-check is informational only. We always start the WS
+    // pipeline — it has its own network-ready-probe + backoff reconnect, so
+    // even if startup lands in a "just woke / network flaky" window, recovery
+    // is automatic instead of requiring a manual daemon restart.
     try {
       const validation = await bot.validateCredentials();
       if (!validation.ok) {
-        log('ERROR', `Feishu credential check FAILED: ${validation.error}`);
         if (validation.isAuthError) {
-          log('ERROR', 'Feishu bridge will NOT start — fix app_id/app_secret in ~/.metame/daemon.yaml and restart daemon');
-          return null;
+          log('ERROR', `Feishu credential check FAILED (likely bad app_id/app_secret): ${validation.error}`);
+          log('WARN', 'Starting bridge anyway — if this persists, fix ~/.metame/daemon.yaml and restart daemon');
+        } else {
+          log('WARN', `Feishu credential pre-check failed (transient): ${validation.error} — WS pipeline will retry`);
         }
-        log('WARN', 'Feishu credential check failed (possibly network issue) — attempting to start anyway');
       } else {
         log('INFO', 'Feishu credentials validated OK');
       }
     } catch (e) {
-      log('WARN', `Feishu credential pre-check error: ${e.message} — attempting to start anyway`);
+      log('WARN', `Feishu credential pre-check error: ${e.message} — WS pipeline will retry`);
     }
 
     try {
@@ -800,6 +808,7 @@ function createBridgeStarter(deps) {
             config: liveCfg,
             senderId,
             bypassAcl: !isAllowedChat && !!isBindCmd,
+            fromAllowedChat: isAllowedChat,
           });
           if (acl.blocked) return;
           log('INFO', `Feishu file from ${chatId}: ${fileInfo.fileName} (key: ${fileInfo.fileKey}, msgId: ${fileInfo.messageId}, type: ${fileInfo.msgType})`);
@@ -847,6 +856,7 @@ function createBridgeStarter(deps) {
             config: liveCfg,
             senderId,
             bypassAcl: !isAllowedChat && !!isBindCmd,
+            fromAllowedChat: isAllowedChat,
           });
           if (acl.blocked) return;
           log('INFO', `Feishu message from ${chatId}: ${text.slice(0, 50)}`);

package/scripts/daemon-command-router.js

@@ -593,7 +593,7 @@ function createCommandRouter(deps) {
         return;
       }
 
-      if (await tryHandleAgentIntent(bot, chatId, text, config)) {
+      if (await tryHandleAgentIntent(bot, chatId, text, config, senderId)) {
         return;
       }
     }

package/scripts/daemon-engine-runtime.js

@@ -15,6 +15,8 @@ const CODEX_TOOL_MAP = Object.freeze({
   web_fetch: 'WebFetch',
 });
 
+const CODEX_AUTO_MODEL = 'auto';
+
 const ENGINE_TIMEOUT_DEFAULTS = Object.freeze({
   codex: Object.freeze({
     idleMs: 10 * 60 * 1000,
@@ -80,16 +82,19 @@ const ENGINE_MODEL_CONFIG = Object.freeze({
     hint:     null,
   },
   codex: {
-    main:     'gpt-5.4',           // recommended for most tasks (official default)
+    main:     CODEX_AUTO_MODEL,     // follow official Codex CLI default model
     distill:  'gpt-5.1-codex-mini', // cost-effective mini
     options:  [                     // quick-pick buttons (official model names)
-      { value: 'gpt-5.4',            label: 'gpt-5.4 · 推荐' },
-      { value: 'gpt-5.3-codex',      label: 'gpt-5.3-codex · 最新 Codex 专用' },
+      { value: CODEX_AUTO_MODEL,     label: 'auto · 跟随 Codex 官方默认' },
+      { value: 'gpt-5-codex',        label: 'gpt-5-codex · 官方滚动别名' },
+      { value: 'gpt-5.5',            label: 'gpt-5.5 · 固定版本' },
+      { value: 'gpt-5.4',            label: 'gpt-5.4 · 固定版本' },
+      { value: 'gpt-5.3-codex',      label: 'gpt-5.3-codex · 固定 Codex' },
       { value: 'gpt-5.1-codex-max',  label: 'gpt-5.1-codex-max · 长任务' },
       { value: 'gpt-5.1-codex-mini', label: 'gpt-5.1-codex-mini · 轻量' },
     ],
     provider: 'openai',
-    hint:     '或直接发送任意 OpenAI 模型名切换',
+    hint:     '推荐 `auto` 或 `gpt-5-codex`，也可直接发送任意 OpenAI 模型名切换',
   },
 });
 
@@ -121,7 +126,8 @@ function looksLikeCodexModel(model) {
   const raw = String(model || '').trim().toLowerCase();
   if (!raw) return false;
   return (
-    raw.startsWith('gpt-')
+    raw === CODEX_AUTO_MODEL
+    || raw.startsWith('gpt-')
     || raw.startsWith('o1')
     || raw.startsWith('o3')
     || raw.startsWith('o4')
@@ -129,6 +135,10 @@ function looksLikeCodexModel(model) {
   );
 }
 
+function isCodexAutoModel(model) {
+  return String(model || '').trim().toLowerCase() === CODEX_AUTO_MODEL;
+}
+
 function resolveEngineModel(engineName, daemonCfg = {}, overrideModel = '') {
   const engine = normalizeEngineName(engineName);
   const engineCfg = ENGINE_MODEL_CONFIG[engine] || ENGINE_MODEL_CONFIG.claude;
@@ -393,7 +403,7 @@ function buildCodexArgs(options = {}) {
     : ['exec'];
 
   args.push('--json', '--skip-git-repo-check');
-  if (model) args.push('-m', model);
+  if (model && !isCodexAutoModel(model)) args.push('-m', model);
   // -C (cwd) is only supported on fresh exec, not resume
   if (cwd && !isResume) args.push('-C', cwd);
 

package/scripts/daemon-user-acl.js

@@ -178,9 +178,15 @@ const ADMIN_ONLY_ACTIONS = new Set(['system', 'agent', 'config', 'admin_acl']);
  * 根据 senderId 解析用户上下文
  * @param {string|null} senderId  飞书 open_id
  * @param {object} config         daemon 配置（兼容旧 operator_ids）
+ * @param {object} [opts]
+ * @param {boolean} [opts.fromAllowedChat]  消息来自 allowed_chat_ids 命中的群。
+ *   当为 true 且 senderId 未在 users.yaml 显式登记时，直接判为 admin
+ *   （群级白名单已经做过准入控制，再叠用户级 operator_ids 是冗余）。
+ *   users.yaml 里显式登记的角色仍然受尊重。
  * @returns {object} userCtx { senderId, role, name, allowedActions, can(action) }
  */
-function resolveUserCtx(senderId, config) {
+function resolveUserCtx(senderId, config, opts = {}) {
+  const fromAllowedChat = !!(opts && opts.fromAllowedChat);
   const userData = loadUsers();
   // Per-platform bootstrap: Feishu open_id starts with "ou_", Telegram IDs are numeric.
   const allUsers = userData && userData.users ? userData.users : {};
@@ -194,6 +200,7 @@ function resolveUserCtx(senderId, config) {
   const hasConfiguredUsers = hasPlatformAdmin;
 
   let role, name, allowedActions;
+  let implicitAdmin = false;
 
   if (!senderId) {
     // 无 ID（Telegram 等）— 兼容旧逻辑，视为 admin
@@ -215,6 +222,16 @@ function resolveUserCtx(senderId, config) {
       } else {
         allowedActions = [];
       }
+    } else if (fromAllowedChat) {
+      // Group-whitelist trust: messages reaching us through allowed_chat_ids
+      // already passed chat-level access control. Anyone who can speak in the
+      // group is treated as admin without needing operator_ids or yaml entry.
+      // (Explicit users.yaml entries above still win — admins can demote
+      // someone by writing them in.)
+      role = 'admin';
+      name = senderId.slice(-6);
+      allowedActions = ROLE_DEFAULT_ACTIONS.admin;
+      implicitAdmin = true;
     } else {
       // 兼容旧 operator_ids：若 senderId 在 operator_ids 中，视为 admin
       const operatorIds = (config && config.feishu && config.feishu.operator_ids) || [];
@@ -254,6 +271,7 @@ function resolveUserCtx(senderId, config) {
     isAdmin: role === 'admin',
     isMember: role === 'member',
     isStranger: role === 'stranger',
+    implicitAdmin,
     can(action) { return allowedActions.includes(action); },
     readOnly: role !== 'admin',
   };

package/scripts/daemon-weixin-bridge.js

@@ -182,6 +182,8 @@ function createWeixinBridge(deps = {}) {
     let currentAccount = null;
     let currentBot = null;
     let missingAccountLogged = false;
+    let pollErrorDelay = 1000;        // exponential backoff on poll errors
+    const MAX_POLL_ERROR_DELAY = 30000;
 
     function sameAccount(a, b) {
       if (!a || !b) return false;
@@ -238,6 +240,7 @@ function createWeixinBridge(deps = {}) {
           getUpdatesBuf,
           timeoutMs: liveBridgeCfg.pollTimeoutMs,
         });
+        pollErrorDelay = 1000; // reset as soon as HTTP poll succeeds — downstream processMessage errors should not cause poll backoff
         if (resp && typeof resp.get_updates_buf === 'string' && resp.get_updates_buf) {
           getUpdatesBuf = resp.get_updates_buf;
         }
@@ -263,8 +266,9 @@ function createWeixinBridge(deps = {}) {
           });
         }
       } catch (err) {
-        log('WARN', `[WEIXIN] poll error: ${err.message}`);
-        nextDelayMs = 1000;
+        log('WARN', `[WEIXIN] poll error: ${err.message} — retrying in ${Math.round(pollErrorDelay / 1000)}s`);
+        nextDelayMs = pollErrorDelay;
+        pollErrorDelay = Math.min(pollErrorDelay * 2, MAX_POLL_ERROR_DELAY);
       } finally {
         processing = false;
         scheduleNext(nextDelayMs);

package/scripts/daemon.js

@@ -106,6 +106,9 @@ const SKILL_ROUTES = [
   { name: 'heartbeat-task-manager', pattern: /提醒|remind|闹钟|定时|每[天周月]/i },
   { name: 'skill-manager', pattern: /找技能|管理技能|更新技能|安装技能|skill manager|skill scout|(?:find|look for)\s+skills?/i },
   { name: 'skill-evolution-manager', pattern: /\/evolve\b|复盘一下|记录一下(这个)?经验|保存到\s*skill|skill evolution/i },
+  // (?<!转) excludes "转发" forwarding semantics (e.g. "把这条消息转发给我")
+  // which is conversation relay, not file delivery.
+  { name: 'send-to-user', pattern: /(?<!转)发(?:到|给|出)?\s*(?:我|手机|飞书)|发(?:个|条|份)?\s*(?:文件|附件|图(?:片)?|日志|压缩包|截图|csv|pdf|zip|excel|表格)|(?<!转)发我|给我(?:下载|发个|发份)|send\s+(?:me|file|attachment|to\s+me)|push\s+(?:to\s+)?(?:me|phone|file)|attach\s+file/i },
 ];
 
 function routeSkill(prompt) {
@@ -1959,9 +1962,49 @@ const pendingAgentFlows = new Map();
 const pendingTeamFlows = new Map();
 
 // Pending activation: after creating an agent with skipChatBinding=true,
-// store here so any new unbound group can activate it with /activate
-// { agentKey, agentName, cwd, createdAt }
-const pendingActivations = new Map(); // key: agentKey -> activation record
+// store here so any new unbound group can activate it with /activate.
+// { agentKey, agentName, cwd, createdAt, preCreatedChatId?, preCreatedChatName? }
+//
+// Persisted to disk so an auto-update / lid-close / SIGUSR2 restart in the
+// 30-minute activation window doesn't strand a freshly created Feishu chat
+// that hadn't bound yet (esp. the orphan path: createChat ok + bind fail).
+// Stale entries (>30min) are dropped on load.
+const pendingActivations = new Map();
+const PENDING_ACTIVATIONS_FILE = path.join(HOME, '.metame', 'pending_activations.json');
+const PENDING_ACTIVATIONS_TTL_MS = 30 * 60 * 1000;
+function _persistPendingActivations() {
+  try {
+    const obj = Object.fromEntries(pendingActivations);
+    const tmp = PENDING_ACTIVATIONS_FILE + '.tmp';
+    fs.writeFileSync(tmp, JSON.stringify(obj), 'utf8');
+    fs.renameSync(tmp, PENDING_ACTIVATIONS_FILE);
+  } catch { /* best-effort, never throw from persistence */ }
+}
+function _restorePendingActivations() {
+  try {
+    if (!fs.existsSync(PENDING_ACTIVATIONS_FILE)) return;
+    const data = JSON.parse(fs.readFileSync(PENDING_ACTIVATIONS_FILE, 'utf8'));
+    const now = Date.now();
+    let restored = 0;
+    for (const [k, v] of Object.entries(data)) {
+      if (v && v.createdAt && now - v.createdAt < PENDING_ACTIVATIONS_TTL_MS) {
+        pendingActivations.set(k, v);
+        restored += 1;
+      }
+    }
+    if (restored > 0) log('INFO', `[pending] restored ${restored} pending activation(s) from disk`);
+  } catch { /* corrupt file → start fresh */ }
+}
+// Wrap Map.set/.delete so every mutation hits disk. Wrapping the prototype
+// methods (rather than reassigning) keeps the Map reference stable for callers
+// that stored it before the wrap (the daemon does not, but defensive).
+const _origPendingSet = pendingActivations.set.bind(pendingActivations);
+const _origPendingDelete = pendingActivations.delete.bind(pendingActivations);
+const _origPendingClear = pendingActivations.clear.bind(pendingActivations);
+pendingActivations.set = function (k, v) { const r = _origPendingSet(k, v); _persistPendingActivations(); return r; };
+pendingActivations.delete = function (k) { const r = _origPendingDelete(k); _persistPendingActivations(); return r; };
+pendingActivations.clear = function () { const r = _origPendingClear(); _persistPendingActivations(); return r; };
+_restorePendingActivations();
 
 const { handleAdminCommand } = createAdminCommandHandler({
   fs,