neoagent 2.3.0 → 2.3.1-beta.10

package/server/routes/integrations.js

@@ -159,6 +159,9 @@ router.get('/:provider/connect/:sessionId', (req, res) => {
     if (!session) {
       return res.status(404).send('Connection session not found.');
     }
+    const provider = manager.getProvider(req.params.provider);
+    const providerLabel = provider?.label || req.params.provider;
+    const appLabel = provider?.getApp?.(session.appKey)?.label || session.appKey || 'account';
     const trustedOrigin = JSON.stringify(getTrustedPostMessageOrigin(req));
     const statusUrl = `/api/integrations/${encodeURIComponent(req.params.provider)}/connect/${encodeURIComponent(req.params.sessionId)}/status?agentId=${encodeURIComponent(agentId)}`;
     res.send(`
@@ -166,7 +169,7 @@ router.get('/:provider/connect/:sessionId', (req, res) => {
         <head>
           <meta charset="utf-8" />
           <meta name="viewport" content="width=device-width, initial-scale=1" />
-          <title>Connect ${escapeHtml(req.params.provider)}</title>
+          <title>Connect ${escapeHtml(providerLabel)}</title>
           <style>
             body { font-family: ui-sans-serif, system-ui, sans-serif; background: #0b1220; color: #f8fafc; margin: 0; padding: 24px; }
             .card { max-width: 560px; margin: 0 auto; background: #111827; border: 1px solid #1f2937; border-radius: 20px; padding: 24px; }
@@ -179,11 +182,11 @@ router.get('/:provider/connect/:sessionId', (req, res) => {
         <body>
           <div class="card">
             <div class="pill">Official integration</div>
-            <h1>Connect WhatsApp</h1>
-            <p class="muted">This link is isolated from the separate messaging-platform WhatsApp bridge. Scan the QR code with your personal WhatsApp account to finish linking.</p>
+            <h1>Connect ${escapeHtml(providerLabel)}</h1>
+            <p class="muted">Complete connection for ${escapeHtml(appLabel)}. This window closes automatically when linking is finished.</p>
             <div id="status" class="muted">Starting connection…</div>
-            <img id="qr" alt="WhatsApp QR code" style="display:none;" />
-            <p class="muted">When the link finishes, this window will close automatically. If it does not, you can close it manually.</p>
+            <img id="qr" alt="Integration QR code" style="display:none;" />
+            <p class="muted">If this flow needs QR scan approval, the code will appear below.</p>
           </div>
           <script>
             const statusEl = document.getElementById('status');
@@ -207,12 +210,12 @@ router.get('/:provider/connect/:sessionId', (req, res) => {
               const data = await response.json();
               const status = String(data.status || 'connecting');
               if (status === 'awaiting_qr' && data.qr) {
-                statusEl.textContent = 'Scan this QR code with WhatsApp on your phone.';
+                statusEl.textContent = 'Scan this QR code to continue linking.';
                 qrEl.src = 'https://api.qrserver.com/v1/create-qr-code/?data=' + encodeURIComponent(data.qr) + '&size=320x320';
                 qrEl.style.display = 'block';
               } else if (status === 'connected') {
                 qrEl.style.display = 'none';
-                statusEl.textContent = 'Connected as ' + (data.accountEmail || 'your WhatsApp account') + '. Closing…';
+                statusEl.textContent = 'Connected as ' + (data.accountEmail || 'your account') + '. Closing…';
                 notifyOpener({
                   type: 'integration_oauth_success',
                   provider,
@@ -233,7 +236,7 @@ router.get('/:provider/connect/:sessionId', (req, res) => {
                 });
                 return;
               } else {
-                statusEl.textContent = 'Waiting for WhatsApp to generate a QR code…';
+                statusEl.textContent = 'Waiting for the integration to finish linking…';
               }
               setTimeout(refresh, 1500);
             }
@@ -358,4 +361,90 @@ router.get('/:provider/tools/status', (req, res) => {
   }
 });
 
+router.get('/:provider/config', (req, res) => {
+  try {
+    const manager = getIntegrationManager(req);
+    if (!manager) {
+      throw new Error('Official integration manager is not available on app.locals.integrationManager.');
+    }
+    const provider = manager.getProvider(req.params.provider);
+    if (!provider) {
+      throw new Error(`Unknown integration provider: ${req.params.provider}`);
+    }
+    if (typeof provider.getUserConfig !== 'function') {
+      return res.status(404).json({
+        error: `${provider.label} does not support per-user configuration.`,
+      });
+    }
+    const config = provider.getUserConfig({
+      userId: req.session.userId,
+      agentId: resolveAgentId(req.session.userId, getAgentIdFromRequest(req)),
+    });
+    res.json({
+      provider: provider.key,
+      config,
+    });
+  } catch (err) {
+    res.status(400).json({ error: sanitizeError(err) });
+  }
+});
+
+router.put('/:provider/config', async (req, res) => {
+  try {
+    const manager = getIntegrationManager(req);
+    if (!manager) {
+      throw new Error('Official integration manager is not available on app.locals.integrationManager.');
+    }
+    const provider = manager.getProvider(req.params.provider);
+    if (!provider) {
+      throw new Error(`Unknown integration provider: ${req.params.provider}`);
+    }
+    if (typeof provider.saveUserConfig !== 'function') {
+      return res.status(404).json({
+        error: `${provider.label} does not support per-user configuration.`,
+      });
+    }
+    const config = await provider.saveUserConfig({
+      userId: req.session.userId,
+      agentId: resolveAgentId(req.session.userId, getAgentIdFromRequest(req)),
+      config: req.body?.config || req.body || {},
+    });
+    res.json({
+      provider: provider.key,
+      config,
+      saved: true,
+    });
+  } catch (err) {
+    res.status(400).json({ error: sanitizeError(err) });
+  }
+});
+
+router.delete('/:provider/config', async (req, res) => {
+  try {
+    const manager = getIntegrationManager(req);
+    if (!manager) {
+      throw new Error('Official integration manager is not available on app.locals.integrationManager.');
+    }
+    const provider = manager.getProvider(req.params.provider);
+    if (!provider) {
+      throw new Error(`Unknown integration provider: ${req.params.provider}`);
+    }
+    if (typeof provider.clearUserConfig !== 'function') {
+      return res.status(404).json({
+        error: `${provider.label} does not support per-user configuration.`,
+      });
+    }
+    await provider.clearUserConfig({
+      userId: req.session.userId,
+      agentId: resolveAgentId(req.session.userId, getAgentIdFromRequest(req)),
+    });
+    res.json({
+      provider: provider.key,
+      cleared: true,
+    });
+  } catch (err) {
+    res.status(400).json({ error: sanitizeError(err) });
+  }
+});
+
 module.exports = router;

package/server/routes/memory.js

@@ -1,11 +1,20 @@
 const express = require('express');
 const router = express.Router();
+const rateLimit = require('express-rate-limit');
 const { requireAuth } = require('../middleware/auth');
 const { sanitizeError } = require('../utils/security');
 const { getAgentIdFromRequest, resolveAgentId } = require('../services/agents/manager');
 
 router.use(requireAuth);
 
+const apiKeyMutationLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 60,
+  message: { error: 'Too many API key update attempts, try again later' },
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
 function normalizeMemoryIds(value) {
   return [...new Set(
     (Array.isArray(value) ? value : [])
@@ -232,12 +241,12 @@ router.get('/api-keys', (req, res) => {
   res.json(masked);
 });
 
-router.put('/api-keys/:service', (req, res) => {
+router.put('/api-keys/:service', apiKeyMutationLimiter, (req, res) => {
   req.app.locals.memoryManager.setApiKey(req.params.service, req.body.key, req.session.userId);
   res.json({ success: true });
 });
 
-router.delete('/api-keys/:service', (req, res) => {
+router.delete('/api-keys/:service', apiKeyMutationLimiter, (req, res) => {
   req.app.locals.memoryManager.deleteApiKey(req.params.service, req.session.userId);
   res.json({ success: true });
 });

package/server/routes/screenHistory.js

@@ -0,0 +1,46 @@
+'use strict';
+
+const express = require('express');
+const db = require('../db/database');
+const { getErrorMessage } = require('../services/bootstrap_helpers');
+
+const router = express.Router();
+
+router.get('/search', (req, res) => {
+  const { q, limit = 50, offset = 0 } = req.query;
+
+  if (!req.user || !req.user.id) {
+    return res.status(401).json({ error: 'Unauthorized' });
+  }
+
+  try {
+    let results = [];
+    if (q) {
+      // Full text search
+      results = db.prepare(`
+        SELECT s.id, s.timestamp, s.app_name, s.text_content
+        FROM screen_history_fts fts
+        JOIN screen_history s ON fts.rowid = s.id
+        WHERE screen_history_fts MATCH ? AND s.user_id = ?
+        ORDER BY s.timestamp DESC
+        LIMIT ? OFFSET ?
+      `).all(q, req.user.id, Number(limit), Number(offset));
+    } else {
+      // Recent history
+      results = db.prepare(`
+        SELECT id, timestamp, app_name, text_content
+        FROM screen_history
+        WHERE user_id = ?
+        ORDER BY timestamp DESC
+        LIMIT ? OFFSET ?
+      `).all(req.user.id, Number(limit), Number(offset));
+    }
+
+    res.json({ results });
+  } catch (err) {
+    console.error('[ScreenHistory] Search error:', getErrorMessage(err));
+    res.status(500).json({ error: 'Failed to search screen history' });
+  }
+});
+
+module.exports = router;

package/server/routes/triggers.js

@@ -0,0 +1,81 @@
+'use strict';
+
+const express = require('express');
+const db = require('../db/database');
+const { getErrorMessage } = require('../services/bootstrap_helpers');
+const { requireAuth } = require('../middleware/auth');
+
+const router = express.Router();
+
+router.use(requireAuth);
+
+router.post('/geofence', async (req, res) => {
+  const { label, latitude, longitude, radius_meters, action } = req.body;
+
+  try {
+    const userRow = db.prepare('SELECT id FROM users WHERE id = ?').get(req.user.id);
+    if (!userRow) return res.status(401).json({ error: 'Unauthorized' });
+
+    console.log(`[Triggers] Geofence entered: ${label} by user ${req.user.id}`);
+
+    // If an agentEngine is running, we can inject a prompt to process this context
+    const agentEngine = req.app.locals.agentEngine;
+    if (agentEngine) {
+      // Find active agent or use default
+      const defaultAgentId = db.prepare('SELECT id FROM agents WHERE user_id = ? ORDER BY is_default DESC LIMIT 1').get(req.user.id)?.id;
+      
+      if (defaultAgentId) {
+        // Fire and forget a trigger message to the agent
+        agentEngine.handleBackgroundTrigger(req.user.id, defaultAgentId, {
+          source: 'geofence',
+          label,
+          action: action || 'User entered a geofenced area. Check if there are any active reminders or tasks related to this location.'
+        }).catch(err => console.error('[Triggers] Agent evaluation failed:', err));
+      }
+    }
+
+    res.json({ success: true, message: 'Geofence trigger processed' });
+  } catch (err) {
+    console.error('[Triggers] Geofence error:', getErrorMessage(err));
+    res.status(500).json({ error: 'Failed to process geofence trigger' });
+  }
+});
+
+router.post('/notification', async (req, res) => {
+  const { app_package, title, body, action_taken } = req.body;
+
+  try {
+    const userRow = db.prepare('SELECT id FROM users WHERE id = ?').get(req.user.id);
+    if (!userRow) return res.status(401).json({ error: 'Unauthorized' });
+
+    console.log(`[Triggers] Notification received: ${app_package} - ${title}`);
+
+    db.prepare(`
+      INSERT INTO notification_history (user_id, app_package, title, body, action_taken)
+      VALUES (?, ?, ?, ?, ?)
+    `).run(req.user.id, app_package || 'unknown', title || '', body || '', action_taken || 'none');
+
+    // Notify agent engine to proactively evaluate the notification
+    const agentEngine = req.app.locals.agentEngine;
+    if (agentEngine) {
+      const defaultAgentId = db.prepare('SELECT id FROM agents WHERE user_id = ? ORDER BY is_default DESC LIMIT 1').get(req.user.id)?.id;
+      
+      if (defaultAgentId) {
+        agentEngine.handleBackgroundTrigger(req.user.id, defaultAgentId, {
+          source: 'notification',
+          app_package,
+          title,
+          body,
+          instruction: 'Evaluate this notification. If it is an important reminder, calendar event, or urgent message, inform the user or take appropriate action.'
+        }).catch(err => console.error('[Triggers] Agent evaluation failed:', err));
+      }
+    }
+
+    res.json({ success: true, message: 'Notification trigger processed and stored' });
+  } catch (err) {
+    console.error('[Triggers] Notification error:', getErrorMessage(err));
+    res.status(500).json({ error: 'Failed to process notification trigger' });
+  }
+});
+
+module.exports = router;

package/server/services/ai/engine.js

@@ -686,6 +686,7 @@ class AgentEngine {
     content,
     kind,
     expectsReply = false,
+    deferFollowUp = false,
   } = {}) {
     const runMeta = this.getRunMeta(runId);
     if (!runMeta || runMeta.aborted) {
@@ -715,6 +716,9 @@ class AgentEngine {
       kind: normalizedKind,
       expectsReply,
     });
+    if (deferFollowUp === true) {
+      metadata.defer_follow_up = true;
+    }
     const createdAt = new Date().toISOString();
 
     if (triggerSource === 'messaging') {
@@ -739,6 +743,7 @@ class AgentEngine {
         content: normalizedContent,
         kind: normalizedKind,
         expectsReply,
+        deferFollowUp,
       });
     } else {
       db.prepare(
@@ -758,6 +763,7 @@ class AgentEngine {
       content: normalizedContent,
       kind: normalizedKind,
       expectsReply: expectsReply === true,
+      deferFollowUp: deferFollowUp === true,
       createdAt,
     });
     runMeta.lastInterimMessage = normalizedContent;
@@ -767,6 +773,7 @@ class AgentEngine {
       content: normalizedContent,
       kind: normalizedKind,
       expectsReply: expectsReply === true,
+      deferFollowUp: deferFollowUp === true,
       triggerSource,
       platform: triggerSource === 'messaging' ? platform : 'web',
     });
@@ -783,6 +790,7 @@ class AgentEngine {
       latestInterim: {
         kind: normalizedKind,
         expectsReply: expectsReply === true,
+        deferFollowUp: deferFollowUp === true,
         content: normalizedContent,
         createdAt,
       },
@@ -795,6 +803,7 @@ class AgentEngine {
       sent: true,
       kind: normalizedKind,
       expectsReply: expectsReply === true,
+      deferFollowUp: deferFollowUp === true,
       content: normalizedContent,
       terminal: terminalInterim,
     };

package/server/services/ai/models.js

@@ -3,6 +3,8 @@ const { GoogleProvider } = require('./providers/google');
 const { GrokProvider } = require('./providers/grok');
 const { OllamaProvider } = require('./providers/ollama');
 const { OpenAIProvider } = require('./providers/openai');
+const { GithubCopilotProvider } = require('./providers/githubCopilot');
+const { OpenAICodexProvider } = require('./providers/openaiCodex');
 const {
     AI_PROVIDER_DEFINITIONS,
     getProviderConfigs,
@@ -16,6 +18,30 @@ const STATIC_MODELS = [
         provider: 'grok',
         purpose: 'general'
     },
+    {
+        id: 'gpt-5.3',
+        label: 'GPT-5.3 (Copilot Default)',
+        provider: 'github-copilot',
+        purpose: 'general'
+    },
+    {
+        id: 'gpt-4.1',
+        label: 'GPT-4.1 (Copilot Fast)',
+        provider: 'github-copilot',
+        purpose: 'coding'
+    },
+    {
+        id: 'gpt-5.3-codex',
+        label: 'GPT-5.3 (Codex Default)',
+        provider: 'openai-codex',
+        purpose: 'general'
+    },
+    {
+        id: 'gpt-4.1-codex',
+        label: 'GPT-4.1 (Codex Fast)',
+        provider: 'openai-codex',
+        purpose: 'coding'
+    },
     {
         id: 'gpt-5-nano',
         label: 'GPT-5 Nano (Fast / Subagents)',
@@ -302,6 +328,10 @@ function createProviderInstance(providerStr, userId = null, configOverrides = {}
         return new AnthropicProvider({ apiKey: runtime.apiKey, baseUrl: runtime.baseUrl, ...providerOverrides });
     } else if (providerStr === 'ollama') {
         return new OllamaProvider({ baseUrl: runtime.baseUrl, ...providerOverrides });
+    } else if (providerStr === 'github-copilot') {
+        return new GithubCopilotProvider({ apiKey: runtime.apiKey, ...providerOverrides });
+    } else if (providerStr === 'openai-codex') {
+        return new OpenAICodexProvider({ apiKey: runtime.apiKey, ...providerOverrides });
     }
     throw new Error(`Unknown provider: ${providerStr}`);
 }

package/server/services/ai/providers/githubCopilot.js

@@ -0,0 +1,97 @@
+const { OpenAIProvider } = require('./openai');
+
+class GithubCopilotProvider extends OpenAIProvider {
+  constructor(config = {}) {
+    // GitHub Copilot base URL defaults to the individual endpoint
+    const defaultBaseUrl = 'https://api.individual.githubcopilot.com';
+    const baseUrl = config.baseUrl || process.env.GITHUB_COPILOT_BASE_URL || defaultBaseUrl;
+
+    super({
+      ...config,
+      apiKey: config.apiKey || process.env.GITHUB_COPILOT_ACCESS_TOKEN,
+      baseUrl,
+      // Pass special headers required by GitHub Copilot
+      defaultHeaders: {
+        'Editor-Version': 'vscode/1.90.0',
+        'Editor-Plugin-Version': 'copilot-chat/0.15.0',
+        'User-Agent': 'GithubCopilot/1.155.0',
+        'X-Github-Api-Version': '2023-07-07',
+        'Copilot-Integration-Id': 'vscode-chat'
+      }
+    });
+    this.name = 'github-copilot';
+    this.githubToken = config.apiKey || process.env.GITHUB_COPILOT_ACCESS_TOKEN;
+    this.copilotToken = null;
+    this.tokenExpiresAt = 0;
+    this._refreshPromise = null;
+  }
+
+  async _refreshCopilotToken() {
+    if (this._refreshPromise) return this._refreshPromise;
+
+    const now = Math.floor(Date.now() / 1000);
+    // Refresh token if missing or expiring in less than 5 minutes
+    if (this.copilotToken && this.tokenExpiresAt >= now + 300) {
+      return;
+    }
+
+    this._refreshPromise = (async () => {
+      try {
+        if (!this.githubToken) {
+          throw new Error('GitHub Copilot access token is missing. Please run `neoagent login github-copilot`.');
+        }
+
+        const res = await fetch('https://api.github.com/copilot_internal/v2/token', {
+          headers: {
+            'Authorization': `token ${this.githubToken}`,
+            'Accept': 'application/json',
+            'User-Agent': 'NeoAgent/1.0.0'
+          }
+        });
+
+        if (!res.ok) {
+          const errorText = await res.text().catch(() => 'Unknown error');
+          throw new Error(`Failed to refresh GitHub Copilot token: HTTP ${res.status} - ${errorText}`);
+        }
+
+        const data = await res.json();
+        if (!data || typeof data.token !== 'string' || !data.token) {
+          throw new Error('Invalid token response from GitHub Copilot.');
+        }
+
+        this.copilotToken = data.token;
+        this.tokenExpiresAt = typeof data.expires_at === 'number'
+          ? data.expires_at
+          : Math.floor(new Date(data.expires_at).getTime() / 1000);
+
+        if (isNaN(this.tokenExpiresAt)) {
+          this.tokenExpiresAt = Math.floor(Date.now() / 1000) + 1800;
+        }
+
+        // Update the client's API key
+        this.client.apiKey = this.copilotToken;
+      } finally {
+        this._refreshPromise = null;
+      }
+    })();
+
+    return this._refreshPromise;
+  }
+
+  async chat(messages, tools = [], options = {}) {
+    await this._refreshCopilotToken();
+    return super.chat(messages, tools, options);
+  }
+
+  async *stream(messages, tools = [], options = {}) {
+    await this._refreshCopilotToken();
+    yield* super.stream(messages, tools, options);
+  }
+
+  async analyzeImage(options = {}) {
+    await this._refreshCopilotToken();
+    return super.analyzeImage(options);
+  }
+}
+
+module.exports = { GithubCopilotProvider };

package/server/services/ai/providers/openaiCodex.js

@@ -0,0 +1,26 @@
+const { OpenAIProvider } = require('./openai');
+
+class OpenAICodexProvider extends OpenAIProvider {
+  constructor(config = {}) {
+    const officialBaseUrl = 'https://api.openai.com/v1';
+    const baseUrl = config.baseUrl || process.env.OPENAI_CODEX_BASE_URL || 'https://chatgpt.com/backend-api/codex';
+    
+    if (!baseUrl.includes('api.openai.com') && !baseUrl.includes('chatgpt.com')) {
+      console.warn(`[OpenAICodex] Using non-official base URL: ${baseUrl}`);
+    } else if (baseUrl.includes('chatgpt.com')) {
+      console.info(`[OpenAICodex] Using ChatGPT subscription endpoint: ${baseUrl}`);
+    }
+
+    super({
+      ...config,
+      apiKey: config.apiKey || process.env.OPENAI_CODEX_ACCESS_TOKEN,
+      baseUrl
+    });
+    this.name = 'openai-codex';
+  }
+
+  // OpenAI Codex (subscription-based) uses the OAuth token directly as the API key.
+  // The base URL routes it through the ChatGPT backend-api.
+}
+
+module.exports = { OpenAICodexProvider };

package/server/services/ai/settings.js

@@ -59,6 +59,26 @@ const AI_PROVIDER_DEFINITIONS = Object.freeze({
     defaultEnabled: false,
     defaultBaseUrl: 'https://api.minimax.io/anthropic'
   },
+  'github-copilot': {
+    id: 'github-copilot',
+    label: 'GitHub Copilot',
+    description: 'Use your GitHub Copilot subscription as an AI provider.',
+    envKey: 'GITHUB_COPILOT_ACCESS_TOKEN',
+    supportsApiKey: true,
+    supportsBaseUrl: true,
+    defaultEnabled: false,
+    defaultBaseUrl: 'https://api.githubcopilot.com'
+  },
+  'openai-codex': {
+    id: 'openai-codex',
+    label: 'OpenAI Codex',
+    description: 'Use your ChatGPT/Codex subscription as an AI provider.',
+    envKey: 'OPENAI_CODEX_ACCESS_TOKEN',
+    supportsApiKey: true,
+    supportsBaseUrl: true,
+    defaultEnabled: false,
+    defaultBaseUrl: 'https://api.openai.com/v1'
+  },
   ollama: {
     id: 'ollama',
     label: 'Ollama',

package/server/services/ai/systemPrompt.js

@@ -138,7 +138,7 @@ When drafting on behalf of the user, match their likely voice from available con
 If the user approves a previously shown draft, send that draft rather than silently rewriting it.
 
 TASKS
-Use one-time schedule triggers for single reminders or delayed actions, recurring schedule triggers for repeating automation, and official integration triggers when the task should react to connected Gmail, Outlook, Slack, Teams, or WhatsApp Personal events. Make task prompts self-contained: who/what to check, exact action to take, when to notify, and which channel to use if known.
+Use manual triggers for run-on-demand tasks, one-time schedule triggers for single reminders or delayed actions, recurring schedule triggers for repeating automation, and official integration triggers when the task should react to connected Gmail, Outlook, Slack, Teams, or WhatsApp Personal events. When calling task tools, prefer one unified trigger section: trigger={ type, config }. Make task prompts self-contained: who/what to check, exact action to take, when to notify, and which channel to use if known.
 Do not create vague tasks like "check this" when the future run would not know what "this" means. Resolve references into names, links, file paths, IDs, dates, and success criteria before saving the task.
 For notification tasks, distinguish between notifying the user in their current messaging channel, emailing the user, and contacting someone else. Default reminders should notify the user through the active messaging channel unless the user explicitly asks for email, phone, or a third party.
 When creating or updating a task, include whether it should notify every time, only on change, only on errors, or only when a condition is met. If unspecified, choose the least noisy useful behavior and say what you chose.