npm - nothumanallowed - Versions diffs - 16.0.22 → 16.0.24 - Mend

nothumanallowed 16.0.22 → 16.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json +1 -1
package/src/constants.mjs +1 -1
package/src/server/routes/webcraft.mjs +650 -48
package/src/services/message-responder.mjs +145 -27

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nothumanallowed",
-  "version": "16.0.22",
+  "version": "16.0.24",
   "description": "NotHumanAllowed — 38 AI agents, 80 tools, Studio (visual agentic workflows). Email, calendar, browser automation, screen capture, canvas, cron/heartbeat, Alexandria E2E messaging, GitHub, Notion, Slack, voice chat, free AI (Liara), 28 languages. Zero-dependency CLI.",
   "type": "module",
   "bin": {

package/src/constants.mjs CHANGED Viewed

@@ -5,7 +5,7 @@ import { fileURLToPath } from 'url';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
-export const VERSION = '16.0.22';
+export const VERSION = '16.0.24';
 export const BASE_URL = 'https://nothumanallowed.com/cli';
 export const API_BASE = 'https://nothumanallowed.com/api/v1';

package/src/server/routes/webcraft.mjs CHANGED Viewed

@@ -155,19 +155,40 @@ class SandboxManager {
     }
     emit({ type: 'status', msg: `Entry point: ${entryFile}` });
-    // ── Phase 2: Dependencies ─────────────────────────────────────────────
+    // ── Phase 2: Dependencies (pre-scan + batch install) ──────────────────
+    // Pre-scan the project source files for require()/import statements and
+    // diff against package.json + node_modules. Install everything missing in
+    // ONE batch BEFORE spawning the sandbox, so the Tier 1 retry-on-crash
+    // becomes a fallback, not the main code path.
     if (fs.existsSync(path.join(projectDir, 'package.json'))) {
+      const scanned = _scanProjectImports(projectDir);
+      const declared = _declaredDeps(projectDir);
+      const installed = _installedDeps(projectDir);
+      const missing = [...scanned].filter(m => !declared.has(m) && !installed.has(m) && !_SHIMMED_MODULES.has(m));
+      if (missing.length > 0) {
+        emit({ type: 'phase', phase: 'deps-prescan', msg: `Pre-scan: ${missing.length} missing module${missing.length === 1 ? '' : 's'} → ${missing.slice(0, 8).join(', ')}${missing.length > 8 ? '...' : ''}` });
+      }
       emit({ type: 'phase', phase: 'deps', msg: 'Installing dependencies...' });
+      const installCmd = missing.length > 0
+        ? `npm install --save --prefer-offline --no-audit --no-fund ${missing.map(m => JSON.stringify(m)).join(' ')} 2>&1`
+        : 'npm install --prefer-offline --no-audit --no-fund 2>&1';
       try {
-        const { stdout } = await execAsync('npm install --prefer-offline --no-audit --no-fund 2>&1', {
+        const { stdout } = await execAsync(installCmd, {
           cwd: projectDir,
-          timeout: 120_000,
+          timeout: 180_000,
           env: { ...process.env, NODE_ENV: 'development' },
         });
         const added = stdout.match(/added (\d+) package/)?.[1] || '0';
-        emit({ type: 'status', msg: `Dependencies installed (${added} packages)` });
+        emit({ type: 'status', msg: `Dependencies installed (${added} packages${missing.length ? `, batch: ${missing.join(', ')}` : ''})` });
       } catch (e) {
-        emit({ type: 'warn', msg: `npm install warning: ${e.message.slice(0, 300)}` });
+        const diag = _classifyInstallError(e);
+        emit({ type: 'warn', msg: `npm install failed — reason: ${diag.reason}. ${diag.hint}` });
+        if (diag.offlineFallback) {
+          emit({ type: 'status', msg: 'Activating NHA_OFFLINE_SHIM=1 fallback for missing modules.' });
+          this._offlineShim = true;
+        }
       }
     }
@@ -201,14 +222,16 @@ class SandboxManager {
     // Capture stderr for missing module detection
     let stderrBuf = '';
+    const childEnv = {
+      ...process.env,
+      PORT: String(port),
+      NODE_ENV: 'development',
+      NHA_SANDBOX: '1',
+    };
+    if (this._offlineShim) childEnv.NHA_OFFLINE_SHIM = '1';
     const proc = spawn('node', [patchedEntry], {
       cwd: projectDir,
-      env: {
-        ...process.env,
-        PORT: String(port),
-        NODE_ENV: 'development',
-        NHA_SANDBOX: '1',
-      },
+      env: childEnv,
       detached: true,
       stdio: ['ignore', 'pipe', 'pipe'],
     });
@@ -291,25 +314,38 @@ class SandboxManager {
       emit({ type: 'warn', msg: 'Process exited but stderr is EMPTY — could be: process killed by OS, spawn failed before any output, or stdio mis-routed. Run "node .nha-launcher.js" manually in the project dir to reproduce.' });
     }
-    // ── Tier 1: missing module → npm install + retry ─────────────────────
-    const missingMatch = stderrBuf.match(/Cannot find module ['"]([^'"]+)['"]/);
-    if (missingMatch && _attempt < MAX_RETRIES) {
-      const missingMod = missingMatch[1];
-      if (!missingMod.startsWith('.') && !missingMod.startsWith('/') && !missingMod.startsWith('node:')) {
-        const pkgName = missingMod.startsWith('@') ? missingMod.split('/').slice(0, 2).join('/') : missingMod.split('/')[0];
-        emit({ type: 'phase', phase: 'autofix', msg: `Missing module "${pkgName}" — installing...` });
-        try {
-          await execAsync(`npm install --save ${pkgName} --no-audit --no-fund`, {
-            cwd: projectDir,
-            timeout: 60_000,
-            env: { ...process.env, NODE_ENV: 'development' },
-          });
-          emit({ type: 'status', msg: `Installed ${pkgName} — retrying (attempt ${_attempt + 1}/${MAX_RETRIES})...` });
+    // ── Tier 1: missing module → batch install all missing + retry ───────
+    // The pre-scan in Phase 2 catches most cases. Tier 1 here is the safety
+    // net for files generated AFTER pre-scan (e.g. user added a require()
+    // during chat) or for transitive crashes that surface only at runtime.
+    const missingModules = [...stderrBuf.matchAll(/Cannot find module ['"]([^'"]+)['"]/g)]
+      .map(m => m[1])
+      .filter(m => !m.startsWith('.') && !m.startsWith('/') && !m.startsWith('node:'))
+      .map(m => m.startsWith('@') ? m.split('/').slice(0, 2).join('/') : m.split('/')[0]);
+    const uniqueMissing = [...new Set(missingModules)].filter(m => !_SHIMMED_MODULES.has(m));
+    if (uniqueMissing.length > 0 && _attempt < MAX_RETRIES) {
+      emit({ type: 'phase', phase: 'autofix', msg: `Missing module${uniqueMissing.length === 1 ? '' : 's'}: ${uniqueMissing.join(', ')} — batch installing...` });
+      try {
+        await execAsync(`npm install --save --no-audit --no-fund ${uniqueMissing.map(m => JSON.stringify(m)).join(' ')}`, {
+          cwd: projectDir,
+          timeout: 120_000,
+          env: { ...process.env, NODE_ENV: 'development' },
+        });
+        emit({ type: 'status', msg: `Installed ${uniqueMissing.join(', ')} — retrying (attempt ${_attempt + 1}/${MAX_RETRIES})...` });
+        return this.start(projectName, projectDir, emit, _attempt + 1);
+      } catch (installErr) {
+        const diag = _classifyInstallError(installErr);
+        emit({ type: 'warn', msg: `Batch install failed — reason: ${diag.reason}. ${diag.hint}` });
+        if (diag.offlineFallback) {
+          emit({ type: 'status', msg: `Activating NHA_OFFLINE_SHIM=1 fallback — retrying with offline shim...` });
+          this._offlineShim = true;
           return this.start(projectName, projectDir, emit, _attempt + 1);
-        } catch (installErr) {
-          emit({ type: 'warn', msg: `Failed to install ${pkgName}: ${installErr.message.slice(0, 200)}` });
         }
       }
+    } else if (missingModules.length > 0 && uniqueMissing.length === 0) {
+      // All missing modules are shimmable — should never reach here because
+      // the shim handles them transparently. If it does, log the surprise.
+      emit({ type: 'warn', msg: `Crash mentions modules that ARE shimmed (${missingModules.join(', ')}). The shim index.js may not have been preloaded — check .nha-launcher.js wiring.` });
     }
     // ── Tier 2: runtime errors that need code fix (require/import mismatch,
@@ -3399,7 +3435,137 @@ function _patchEntry(projectDir, entryFile, shimDir, port) {
   return '.nha-launcher.js';
 }
-function _writeShims(shimDir) {
+// Authoritative list of modules covered by our offline-safe shims.
+// Used by both the pre-scan (to skip them from npm install) and the Tier 1
+// retry (to detect "missing module" stderr that's already covered by a shim).
+export const _SHIMMED_MODULES = new Set([
+  'pg', 'redis', 'ioredis', 'helmet', 'mongoose', 'sequelize',
+  'dotenv', 'cors', 'morgan', 'body-parser', 'cookie-parser',
+  'compression', 'express-rate-limit', 'jsonwebtoken', 'bcryptjs', 'bcrypt',
+  'uuid', 'lodash', 'debug', 'chalk', 'multer', 'axios',
+]);
+/** Read declared dependencies from package.json (deps + devDeps + peer). */
+function _declaredDeps(projectDir) {
+  const pkgPath = path.join(projectDir, 'package.json');
+  if (!fs.existsSync(pkgPath)) return new Set();
+  try {
+    const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf-8'));
+    return new Set([
+      ...Object.keys(pkg.dependencies || {}),
+      ...Object.keys(pkg.devDependencies || {}),
+      ...Object.keys(pkg.peerDependencies || {}),
+      ...Object.keys(pkg.optionalDependencies || {}),
+    ]);
+  } catch { return new Set(); }
+}
+/** List top-level node_modules entries already on disk. */
+function _installedDeps(projectDir) {
+  const nm = path.join(projectDir, 'node_modules');
+  if (!fs.existsSync(nm)) return new Set();
+  try {
+    const out = new Set();
+    for (const entry of fs.readdirSync(nm)) {
+      if (entry.startsWith('.')) continue;
+      if (entry.startsWith('@')) {
+        const scopedDir = path.join(nm, entry);
+        try {
+          for (const sub of fs.readdirSync(scopedDir)) out.add(`${entry}/${sub}`);
+        } catch {}
+      } else {
+        out.add(entry);
+      }
+    }
+    return out;
+  } catch { return new Set(); }
+}
+/** Walk project files and extract all bare-import module names. */
+export function _scanProjectImports(projectDir, maxFiles = 500, maxBytes = 200_000) {
+  const found = new Set();
+  const exts = new Set(['.js', '.mjs', '.cjs', '.ts', '.tsx', '.jsx']);
+  const skipDirs = new Set(['node_modules', '.git', '.nha-shims', 'dist', 'build', '.next', 'coverage']);
+  const reRequire = /\brequire\s*\(\s*['"]([^'".][^'"]*)['"]\s*\)/g;
+  const reImport = /\bimport\s+(?:[^'"]*\s+from\s+)?['"]([^'".][^'"]*)['"]/g;
+  const reImportSide = /\bimport\s*\(\s*['"]([^'".][^'"]*)['"]\s*\)/g;
+  const stack = [projectDir];
+  let scanned = 0;
+  while (stack.length && scanned < maxFiles) {
+    const dir = stack.pop();
+    let entries;
+    try { entries = fs.readdirSync(dir, { withFileTypes: true }); } catch { continue; }
+    for (const entry of entries) {
+      if (skipDirs.has(entry.name) || entry.name.startsWith('.')) continue;
+      const full = path.join(dir, entry.name);
+      if (entry.isDirectory()) { stack.push(full); continue; }
+      if (!exts.has(path.extname(entry.name))) continue;
+      let content;
+      try {
+        const stat = fs.statSync(full);
+        if (stat.size > maxBytes) continue;
+        content = fs.readFileSync(full, 'utf-8');
+      } catch { continue; }
+      scanned++;
+      for (const re of [reRequire, reImport, reImportSide]) {
+        re.lastIndex = 0;
+        let m;
+        while ((m = re.exec(content)) !== null) {
+          const spec = m[1];
+          if (spec.startsWith('node:')) continue;
+          const pkg = spec.startsWith('@') ? spec.split('/').slice(0, 2).join('/') : spec.split('/')[0];
+          if (pkg) found.add(pkg);
+        }
+      }
+    }
+  }
+  return found;
+}
+/** Classify npm install errors into actionable categories. */
+export function _classifyInstallError(err) {
+  const msg = String(err?.message || err?.stderr || err?.stdout || err || '').toLowerCase();
+  if (/enotfound|etimedout|econnrefused|econnreset|network/.test(msg)) {
+    return { reason: 'offline (npm registry unreachable)', offlineFallback: true,
+      hint: 'Check VM network bridge/NAT, DNS, or corporate proxy (HTTP_PROXY/HTTPS_PROXY). Activating shim fallback.' };
+  }
+  if (/e404|notarget|not found in the npm registry/.test(msg)) {
+    return { reason: 'package does not exist on npm', offlineFallback: false,
+      hint: 'The package name from the LLM-generated code is likely a hallucination. Tier 2 LLM-rewrite will rename it.' };
+  }
+  if (/eacces|eperm|permission denied/.test(msg)) {
+    return { reason: 'permissions denied', offlineFallback: false,
+      hint: 'Run `sudo chown -R $USER ~/.nha` or move the project out of a root-owned directory.' };
+  }
+  if (/engine|unsupported.*node|requires node/.test(msg)) {
+    return { reason: 'Node version mismatch', offlineFallback: false,
+      hint: 'The package requires a different Node version. Check `node --version` and consider using nvm.' };
+  }
+  if (/eintegrity|sha-?(?:1|512) integrity|tarball/.test(msg)) {
+    return { reason: 'package integrity failure', offlineFallback: false,
+      hint: 'Try `rm -rf node_modules package-lock.json && npm install` to clear the cache.' };
+  }
+  return { reason: 'unknown', offlineFallback: false,
+    hint: (err?.message || '').slice(0, 200) };
+}
+export function _writeShims(shimDir) {
+  // ── Functional offline-safe shims for the 14 most common npm dependencies.
+  // These are NOT no-ops: they implement enough of the real API to keep code
+  // generated by the LLM running even when npm install is unavailable (VMs
+  // without network, corporate proxies, CI cache misses, etc.).
+  //
+  // Categories:
+  //   • Storage stubs:    pg, redis, ioredis, mongoose, sequelize
+  //   • Security stubs:   helmet, jsonwebtoken, bcryptjs
+  //   • Express middlew:  cors, morgan, body-parser, cookie-parser,
+  //                       compression, express-rate-limit, multer
+  //   • Utility stubs:    dotenv, uuid, lodash, debug, chalk, axios
+  //
+  // Every shim exports both CJS `module.exports` AND `.default` so it works
+  // under both `require('x')` and `import x from 'x'` interop.
   // In-memory pg replacement
   const pgShim = `
 const EventEmitter = require('events');
@@ -3476,35 +3642,471 @@ handler.xssFilter = handler;
 module.exports = handler;
 `;
-  // Generic no-op shim for unknown enterprise deps
-  const noopShim = `module.exports = new Proxy({}, { get: () => new Proxy(() => {}, { get: (_, p) => p === 'then' ? undefined : new Proxy(() => {}, { get: (__, q) => q === 'then' ? undefined : () => {} }) }) });`;
+  // dotenv — actually parses .env files and sets process.env
+  const dotenvShim = `
+const fs = require('fs');
+const path = require('path');
+function parse(src) {
+  const out = {};
+  const s = src.toString();
+  const re = /^\\s*([A-Za-z_][A-Za-z0-9_]*)\\s*=\\s*(.*?)\\s*$/;
+  for (const raw of s.split(/\\r?\\n/)) {
+    if (!raw || raw.trim().startsWith('#')) continue;
+    const m = raw.match(re);
+    if (!m) continue;
+    let v = m[2];
+    if ((v.startsWith('"') && v.endsWith('"')) || (v.startsWith("'") && v.endsWith("'"))) {
+      v = v.slice(1, -1);
+    }
+    out[m[1]] = v;
+  }
+  return out;
+}
+function config(opts) {
+  opts = opts || {};
+  try {
+    const p = opts.path || path.join(process.cwd(), '.env');
+    if (!fs.existsSync(p)) return { parsed: {} };
+    const parsed = parse(fs.readFileSync(p, 'utf-8'));
+    for (const k of Object.keys(parsed)) {
+      if (opts.override || !(k in process.env)) process.env[k] = parsed[k];
+    }
+    return { parsed };
+  } catch (e) { return { error: e }; }
+}
+module.exports = { config, parse };
+module.exports.default = module.exports;
+`;
+  // cors — full Express middleware factory
+  const corsShim = `
+function cors(opts) {
+  opts = opts || {};
+  const origin = opts.origin === undefined ? '*' : opts.origin;
+  const methods = opts.methods || 'GET,HEAD,PUT,PATCH,POST,DELETE';
+  const credentials = opts.credentials === true;
+  const allowedHeaders = opts.allowedHeaders || 'Content-Type,Authorization';
+  return function (req, res, next) {
+    const o = typeof origin === 'function' ? origin(req) : origin;
+    res.setHeader('Access-Control-Allow-Origin', Array.isArray(o) ? o.join(',') : o);
+    res.setHeader('Access-Control-Allow-Methods', methods);
+    res.setHeader('Access-Control-Allow-Headers', allowedHeaders);
+    if (credentials) res.setHeader('Access-Control-Allow-Credentials', 'true');
+    if (req.method === 'OPTIONS') { res.statusCode = 204; return res.end(); }
+    next();
+  };
+}
+module.exports = cors;
+module.exports.default = cors;
+`;
+  // morgan — minimal request logger
+  const morganShim = `
+function morgan(format) {
+  return function (req, res, next) {
+    const start = Date.now();
+    res.on('finish', () => {
+      const ms = Date.now() - start;
+      console.log(\`[\${new Date().toISOString()}] \${req.method} \${req.url} \${res.statusCode} \${ms}ms\`);
+    });
+    next();
+  };
+}
+morgan.token = () => morgan;
+morgan.format = () => morgan;
+module.exports = morgan;
+module.exports.default = morgan;
+`;
+  // body-parser — JSON + urlencoded
+  const bodyParserShim = `
+function readBody(req, limit) {
+  return new Promise((resolve, reject) => {
+    let data = '';
+    let size = 0;
+    req.on('data', (chunk) => {
+      size += chunk.length;
+      if (size > limit) { req.destroy(); return reject(new Error('Payload too large')); }
+      data += chunk;
+    });
+    req.on('end', () => resolve(data));
+    req.on('error', reject);
+  });
+}
+function jsonMw(opts) {
+  const limit = (opts && opts.limit) ? 1024 * 1024 * 10 : 1024 * 1024;
+  return async function (req, res, next) {
+    if (!/json/i.test(req.headers['content-type'] || '')) return next();
+    try { const raw = await readBody(req, limit); req.body = raw ? JSON.parse(raw) : {}; next(); }
+    catch (e) { res.statusCode = 400; res.end('Invalid JSON'); }
+  };
+}
+function urlencodedMw(opts) {
+  return async function (req, res, next) {
+    if (!/x-www-form-urlencoded/i.test(req.headers['content-type'] || '')) return next();
+    try {
+      const raw = await readBody(req, 1024 * 1024);
+      const body = {};
+      for (const pair of raw.split('&')) {
+        const [k, v] = pair.split('=').map(decodeURIComponent);
+        if (k) body[k] = v || '';
+      }
+      req.body = body;
+      next();
+    } catch (e) { res.statusCode = 400; res.end('Invalid form data'); }
+  };
+}
+const bp = { json: jsonMw, urlencoded: urlencodedMw, raw: () => (req, res, next) => next(), text: () => (req, res, next) => next() };
+module.exports = bp;
+module.exports.default = bp;
+`;
+  // cookie-parser
+  const cookieParserShim = `
+function parse(str) {
+  const out = {};
+  if (!str) return out;
+  for (const pair of str.split(';')) {
+    const idx = pair.indexOf('=');
+    if (idx < 0) continue;
+    const k = pair.slice(0, idx).trim();
+    const v = pair.slice(idx + 1).trim();
+    out[k] = decodeURIComponent(v);
+  }
+  return out;
+}
+function cookieParser() {
+  return function (req, res, next) { req.cookies = parse(req.headers.cookie || ''); next(); };
+}
+module.exports = cookieParser;
+module.exports.default = cookieParser;
+`;
+  // compression — pass-through (no-op middleware, real compression needs zlib)
+  const compressionShim = `
+function compression() { return function (req, res, next) { next(); }; }
+module.exports = compression;
+module.exports.default = compression;
+`;
+  // express-rate-limit — in-memory bucket
+  const rateLimitShim = `
+function rateLimit(opts) {
+  opts = opts || {};
+  const max = opts.max || 100;
+  const windowMs = opts.windowMs || 60_000;
+  const store = new Map();
+  return function (req, res, next) {
+    const key = (req.ip || req.headers['x-forwarded-for'] || req.socket.remoteAddress || 'anon') + ':' + (req.path || req.url || '/');
+    const now = Date.now();
+    const rec = store.get(key) || { count: 0, reset: now + windowMs };
+    if (now > rec.reset) { rec.count = 0; rec.reset = now + windowMs; }
+    rec.count++;
+    store.set(key, rec);
+    res.setHeader('X-RateLimit-Limit', String(max));
+    res.setHeader('X-RateLimit-Remaining', String(Math.max(0, max - rec.count)));
+    if (rec.count > max) { res.statusCode = 429; return res.end('Too many requests'); }
+    next();
+  };
+}
+module.exports = rateLimit;
+module.exports.default = rateLimit;
+`;
+  // jsonwebtoken — HS256 sign/verify (sandbox-grade, NOT for production secrets)
+  const jwtShim = `
+const crypto = require('crypto');
+function b64url(buf) { return Buffer.from(buf).toString('base64').replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, ''); }
+function b64urlDecode(s) { s = s.replace(/-/g, '+').replace(/_/g, '/'); while (s.length % 4) s += '='; return Buffer.from(s, 'base64'); }
+function sign(payload, secret, opts) {
+  opts = opts || {};
+  const header = { alg: 'HS256', typ: 'JWT' };
+  const p = Object.assign({}, payload);
+  if (opts.expiresIn) {
+    const sec = typeof opts.expiresIn === 'string' ? parseInt(opts.expiresIn) * (opts.expiresIn.endsWith('h') ? 3600 : opts.expiresIn.endsWith('d') ? 86400 : opts.expiresIn.endsWith('m') ? 60 : 1) : opts.expiresIn;
+    p.exp = Math.floor(Date.now() / 1000) + sec;
+  }
+  const h = b64url(JSON.stringify(header));
+  const b = b64url(JSON.stringify(p));
+  const sig = b64url(crypto.createHmac('sha256', String(secret)).update(h + '.' + b).digest());
+  return h + '.' + b + '.' + sig;
+}
+function verify(token, secret) {
+  const parts = String(token).split('.');
+  if (parts.length !== 3) throw new Error('jwt malformed');
+  const [h, b, s] = parts;
+  const expected = b64url(crypto.createHmac('sha256', String(secret)).update(h + '.' + b).digest());
+  if (expected !== s) throw new Error('invalid signature');
+  const payload = JSON.parse(b64urlDecode(b).toString('utf-8'));
+  if (payload.exp && payload.exp < Math.floor(Date.now() / 1000)) throw new Error('jwt expired');
+  return payload;
+}
+function decode(token) { try { return JSON.parse(b64urlDecode(String(token).split('.')[1]).toString('utf-8')); } catch { return null; } }
+module.exports = { sign, verify, decode };
+module.exports.default = module.exports;
+`;
+  // bcryptjs — pbkdf2-based, NOT real bcrypt (sandbox-grade)
+  const bcryptShim = `
+const crypto = require('crypto');
+function hashSync(pwd, rounds) {
+  const salt = crypto.randomBytes(16);
+  const iter = Math.pow(2, Math.min(rounds || 10, 14));
+  const hash = crypto.pbkdf2Sync(String(pwd), salt, iter, 32, 'sha256');
+  return '$nha$' + iter + '$' + salt.toString('base64') + '$' + hash.toString('base64');
+}
+function compareSync(pwd, stored) {
+  const m = String(stored).match(/^\\$nha\\$(\\d+)\\$([^$]+)\\$(.+)$/);
+  if (!m) return false;
+  const iter = parseInt(m[1]);
+  const salt = Buffer.from(m[2], 'base64');
+  const expected = Buffer.from(m[3], 'base64');
+  const actual = crypto.pbkdf2Sync(String(pwd), salt, iter, 32, 'sha256');
+  return crypto.timingSafeEqual(expected, actual);
+}
+async function hash(pwd, rounds) { return hashSync(pwd, rounds); }
+async function compare(pwd, stored) { return compareSync(pwd, stored); }
+function genSaltSync() { return 10; }
+async function genSalt() { return 10; }
+module.exports = { hash, hashSync, compare, compareSync, genSalt, genSaltSync };
+module.exports.default = module.exports;
+`;
+  // uuid — v4 only
+  const uuidShim = `
+const crypto = require('crypto');
+function v4() {
+  const b = crypto.randomBytes(16);
+  b[6] = (b[6] & 0x0f) | 0x40;
+  b[8] = (b[8] & 0x3f) | 0x80;
+  const h = b.toString('hex');
+  return h.slice(0, 8) + '-' + h.slice(8, 12) + '-' + h.slice(12, 16) + '-' + h.slice(16, 20) + '-' + h.slice(20);
+}
+function v1() { return v4(); }
+function validate(s) { return /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(String(s)); }
+module.exports = { v1, v4, validate };
+module.exports.default = module.exports;
+`;
-  fs.writeFileSync(path.join(shimDir, 'pg.js'), pgShim, 'utf-8');
-  fs.writeFileSync(path.join(shimDir, 'redis.js'), redisShim, 'utf-8');
-  fs.writeFileSync(path.join(shimDir, 'helmet.js'), helmetShim, 'utf-8');
-  fs.writeFileSync(path.join(shimDir, 'ioredis.js'), redisShim, 'utf-8');
-  fs.writeFileSync(path.join(shimDir, 'mongoose.js'), noopShim, 'utf-8');
-  fs.writeFileSync(path.join(shimDir, 'sequelize.js'), noopShim, 'utf-8');
+  // lodash — minimal subset (the 95th-percentile-used functions)
+  const lodashShim = `
+const _ = {};
+_.isArray = Array.isArray;
+_.isObject = (x) => x !== null && typeof x === 'object';
+_.isString = (x) => typeof x === 'string';
+_.isNumber = (x) => typeof x === 'number' && !isNaN(x);
+_.isFunction = (x) => typeof x === 'function';
+_.isEmpty = (x) => x == null || (Array.isArray(x) && x.length === 0) || (typeof x === 'object' && Object.keys(x).length === 0) || (typeof x === 'string' && x.length === 0);
+_.get = (obj, path, def) => {
+  const keys = Array.isArray(path) ? path : String(path).split('.');
+  let cur = obj;
+  for (const k of keys) { if (cur == null) return def; cur = cur[k]; }
+  return cur === undefined ? def : cur;
+};
+_.set = (obj, path, val) => {
+  const keys = Array.isArray(path) ? path : String(path).split('.');
+  let cur = obj;
+  for (let i = 0; i < keys.length - 1; i++) { if (cur[keys[i]] == null) cur[keys[i]] = {}; cur = cur[keys[i]]; }
+  cur[keys[keys.length - 1]] = val;
+  return obj;
+};
+_.cloneDeep = (x) => JSON.parse(JSON.stringify(x));
+_.merge = (target, ...sources) => Object.assign(target, ...sources);
+_.pick = (obj, keys) => keys.reduce((o, k) => (k in obj ? (o[k] = obj[k], o) : o), {});
+_.omit = (obj, keys) => Object.keys(obj).reduce((o, k) => (!keys.includes(k) ? (o[k] = obj[k], o) : o), {});
+_.uniq = (arr) => [...new Set(arr)];
+_.uniqBy = (arr, fn) => { const seen = new Set(); return arr.filter(x => { const k = typeof fn === 'function' ? fn(x) : x[fn]; if (seen.has(k)) return false; seen.add(k); return true; }); };
+_.chunk = (arr, n) => { const out = []; for (let i = 0; i < arr.length; i += n) out.push(arr.slice(i, i + n)); return out; };
+_.flatten = (arr) => arr.flat();
+_.flattenDeep = (arr) => arr.flat(Infinity);
+_.groupBy = (arr, fn) => arr.reduce((o, x) => { const k = typeof fn === 'function' ? fn(x) : x[fn]; (o[k] = o[k] || []).push(x); return o; }, {});
+_.sortBy = (arr, fn) => [...arr].sort((a, b) => { const av = typeof fn === 'function' ? fn(a) : a[fn]; const bv = typeof fn === 'function' ? fn(b) : b[fn]; return av < bv ? -1 : av > bv ? 1 : 0; });
+_.keyBy = (arr, fn) => arr.reduce((o, x) => { o[typeof fn === 'function' ? fn(x) : x[fn]] = x; return o; }, {});
+_.debounce = (fn, wait) => { let t; return function (...args) { clearTimeout(t); t = setTimeout(() => fn.apply(this, args), wait); }; };
+_.throttle = (fn, wait) => { let last = 0; return function (...args) { const now = Date.now(); if (now - last >= wait) { last = now; fn.apply(this, args); } }; };
+_.range = (start, end, step) => { if (end === undefined) { end = start; start = 0; } step = step || 1; const out = []; for (let i = start; step > 0 ? i < end : i > end; i += step) out.push(i); return out; };
+_.sum = (arr) => arr.reduce((a, b) => a + b, 0);
+_.mean = (arr) => arr.length ? _.sum(arr) / arr.length : 0;
+_.max = (arr) => arr.length ? Math.max(...arr) : undefined;
+_.min = (arr) => arr.length ? Math.min(...arr) : undefined;
+_.capitalize = (s) => String(s).charAt(0).toUpperCase() + String(s).slice(1).toLowerCase();
+_.camelCase = (s) => String(s).replace(/[-_\\s]+(.)?/g, (_m, c) => c ? c.toUpperCase() : '');
+_.kebabCase = (s) => String(s).replace(/([a-z])([A-Z])/g, '$1-$2').replace(/[\\s_]+/g, '-').toLowerCase();
+_.snakeCase = (s) => String(s).replace(/([a-z])([A-Z])/g, '$1_$2').replace(/[\\s-]+/g, '_').toLowerCase();
+module.exports = _;
+module.exports.default = _;
+`;
-  // Shim index — overrides require() for known modules via Module._resolveFilename
+  // debug — namespace-aware logger
+  const debugShim = `
+const enabled = (process.env.DEBUG || '').split(',').filter(Boolean);
+function isEnabled(ns) { return enabled.some(p => p === '*' || ns === p || (p.endsWith('*') && ns.startsWith(p.slice(0, -1)))); }
+function debug(namespace) {
+  const fn = function (...args) { if (isEnabled(namespace)) console.error('[' + namespace + ']', ...args); };
+  fn.namespace = namespace;
+  fn.enabled = isEnabled(namespace);
+  fn.extend = (ns) => debug(namespace + ':' + ns);
+  return fn;
+}
+debug.enable = (ns) => { enabled.push(...ns.split(',')); };
+debug.disable = () => { enabled.length = 0; };
+module.exports = debug;
+module.exports.default = debug;
+`;
+  // chalk — ANSI color codes
+  const chalkShim = `
+const codes = { reset: [0, 0], bold: [1, 22], dim: [2, 22], italic: [3, 23], underline: [4, 24],
+  black: [30, 39], red: [31, 39], green: [32, 39], yellow: [33, 39], blue: [34, 39], magenta: [35, 39], cyan: [36, 39], white: [37, 39], gray: [90, 39],
+  bgBlack: [40, 49], bgRed: [41, 49], bgGreen: [42, 49], bgYellow: [43, 49], bgBlue: [44, 49] };
+function wrap(open, close, text) { return '\\x1b[' + open + 'm' + text + '\\x1b[' + close + 'm'; }
+function build(styles) {
+  const fn = function (...args) {
+    let s = args.join(' ');
+    for (let i = styles.length - 1; i >= 0; i--) { const [o, c] = codes[styles[i]]; s = wrap(o, c, s); }
+    return s;
+  };
+  for (const k of Object.keys(codes)) Object.defineProperty(fn, k, { get: () => build([...styles, k]) });
+  return fn;
+}
+const chalk = build([]);
+chalk.level = 1;
+chalk.supportsColor = { level: 1, hasBasic: true };
+module.exports = chalk;
+module.exports.default = chalk;
+`;
+  // multer — file upload middleware (no-op, no actual disk write)
+  const multerShim = `
+function multer(opts) {
+  return {
+    single: () => (req, res, next) => { req.file = null; next(); },
+    array: () => (req, res, next) => { req.files = []; next(); },
+    fields: () => (req, res, next) => { req.files = {}; next(); },
+    any: () => (req, res, next) => { req.files = []; next(); },
+    none: () => (req, res, next) => next(),
+  };
+}
+multer.diskStorage = (opts) => ({ _kind: 'disk', opts });
+multer.memoryStorage = () => ({ _kind: 'memory' });
+module.exports = multer;
+module.exports.default = multer;
+`;
+  // axios — minimal fetch-based replacement
+  const axiosShim = `
+async function request(config) {
+  const url = typeof config === 'string' ? config : config.url;
+  const method = (typeof config === 'object' && config.method) || 'GET';
+  const headers = (typeof config === 'object' && config.headers) || {};
+  const body = typeof config === 'object' ? config.data : undefined;
+  const init = { method, headers: { ...headers }, };
+  if (body !== undefined) {
+    if (typeof body === 'object' && !(body instanceof URLSearchParams)) {
+      init.body = JSON.stringify(body);
+      if (!init.headers['Content-Type']) init.headers['Content-Type'] = 'application/json';
+    } else { init.body = body; }
+  }
+  const res = await fetch(url, init);
+  const ct = res.headers.get('content-type') || '';
+  const data = ct.includes('json') ? await res.json().catch(() => null) : await res.text();
+  if (res.status >= 400) { const err = new Error('Request failed with status code ' + res.status); err.response = { status: res.status, data, headers: Object.fromEntries(res.headers) }; throw err; }
+  return { data, status: res.status, statusText: res.statusText, headers: Object.fromEntries(res.headers) };
+}
+const axios = function (config) { return request(config); };
+axios.request = request;
+axios.get = (url, config) => request({ ...config, url, method: 'GET' });
+axios.post = (url, data, config) => request({ ...config, url, method: 'POST', data });
+axios.put = (url, data, config) => request({ ...config, url, method: 'PUT', data });
+axios.patch = (url, data, config) => request({ ...config, url, method: 'PATCH', data });
+axios.delete = (url, config) => request({ ...config, url, method: 'DELETE' });
+axios.create = (defaults) => axios;
+module.exports = axios;
+module.exports.default = axios;
+`;
+  // Generic no-op shim — deeply chainable proxy. Survives any .a().b.c().d
+  // access chain because every get/apply returns another proxy of the same shape.
+  const noopShim = `
+const noop = function () {};
+const handler = {
+  get(target, prop) {
+    if (prop === 'then' || prop === Symbol.toPrimitive || prop === Symbol.iterator) return undefined;
+    if (prop === 'default') return proxy;
+    if (prop === 'toString') return () => '[nha-noop]';
+    return proxy;
+  },
+  apply() { return proxy; },
+  construct() { return proxy; },
+};
+const proxy = new Proxy(noop, handler);
+module.exports = proxy;
+module.exports.default = proxy;
+`;
+  const shimFiles = {
+    'pg.js': pgShim,
+    'redis.js': redisShim,
+    'ioredis.js': redisShim,
+    'helmet.js': helmetShim,
+    'mongoose.js': noopShim,
+    'sequelize.js': noopShim,
+    'dotenv.js': dotenvShim,
+    'cors.js': corsShim,
+    'morgan.js': morganShim,
+    'body-parser.js': bodyParserShim,
+    'cookie-parser.js': cookieParserShim,
+    'compression.js': compressionShim,
+    'express-rate-limit.js': rateLimitShim,
+    'jsonwebtoken.js': jwtShim,
+    'bcryptjs.js': bcryptShim,
+    'bcrypt.js': bcryptShim,
+    'uuid.js': uuidShim,
+    'lodash.js': lodashShim,
+    'debug.js': debugShim,
+    'chalk.js': chalkShim,
+    'multer.js': multerShim,
+    'axios.js': axiosShim,
+    'noop.js': noopShim,
+  };
+  for (const [name, content] of Object.entries(shimFiles)) {
+    fs.writeFileSync(path.join(shimDir, name), content, 'utf-8');
+  }
+  // Shim index — only activates a shim if the REAL package is missing.
+  // This lets a project that has its own dotenv/cors/etc. installed use the
+  // real implementation, and only falls back to our shim when resolution fails.
+  // Also supports NHA_OFFLINE_SHIM=1 to no-op any unresolvable module.
+  const shimList = JSON.stringify(Object.keys(shimFiles).filter(f => f !== 'noop.js').map(f => f.replace(/\.js$/, '')));
   const shimIndex = `
 const Module = require('module');
 const path = require('path');
 const __shimDir = ${JSON.stringify(shimDir)};
+const SHIM_NAMES = new Set(${shimList});
+const ALIAS = { 'bcrypt': 'bcryptjs' };
+const OFFLINE = process.env.NHA_OFFLINE_SHIM === '1';
+const _original = Module._resolveFilename.bind(Module);
-const SHIMS = {
-  'pg': path.join(__shimDir, 'pg.js'),
-  'redis': path.join(__shimDir, 'redis.js'),
-  'ioredis': path.join(__shimDir, 'redis.js'),
-  'helmet': path.join(__shimDir, 'helmet.js'),
-  'mongoose': path.join(__shimDir, 'mongoose.js'),
-  'sequelize': path.join(__shimDir, 'sequelize.js'),
-};
+function shimPath(name) {
+  const f = (ALIAS[name] || name) + '.js';
+  return path.join(__shimDir, f);
+}
-const _original = Module._resolveFilename.bind(Module);
 Module._resolveFilename = function(request, parent, isMain, options) {
-  if (SHIMS[request]) return SHIMS[request];
-  return _original(request, parent, isMain, options);
+  try {
+    return _original(request, parent, isMain, options);
+  } catch (err) {
+    if (err && err.code === 'MODULE_NOT_FOUND') {
+      if (SHIM_NAMES.has(request) || ALIAS[request]) {
+        return shimPath(request);
+      }
+      if (OFFLINE && !request.startsWith('.') && !request.startsWith('/') && !request.startsWith('node:')) {
+        try { console.error('[nha-shim] offline-noop for missing module: ' + request); } catch {}
+        return path.join(__shimDir, 'noop.js');
+      }
+    }
+    throw err;
+  }
 };
 `;
   fs.writeFileSync(path.join(shimDir, 'index.js'), shimIndex, 'utf-8');

package/src/services/message-responder.mjs CHANGED Viewed

@@ -774,6 +774,43 @@ class TelegramResponder {
     this.log('[Telegram] Responder stopped');
   }
+  /**
+   * Send a Telegram message that may exceed the 4096-char API limit.
+   * Splits on paragraph/line boundaries when possible, never on a multi-byte
+   * sequence. Sends in order with a small delay to avoid rate-limit 429.
+   * Returns the array of message IDs sent.
+   */
+  async _sendMessageSafe(chatId, text, extraOpts = {}) {
+    const TG_MAX = 4000; // safety margin from 4096 to account for emoji weight
+    const str = String(text == null ? '' : text);
+    if (str.length <= TG_MAX) {
+      return [await this._telegramCall('sendMessage', { chat_id: chatId, text: str, ...extraOpts })];
+    }
+    // Split intelligently: try paragraph breaks, then lines, then hard slice.
+    const chunks = [];
+    let remaining = str;
+    while (remaining.length > TG_MAX) {
+      let cutAt = remaining.lastIndexOf('\n\n', TG_MAX);
+      if (cutAt < TG_MAX / 2) cutAt = remaining.lastIndexOf('\n', TG_MAX);
+      if (cutAt < TG_MAX / 2) cutAt = remaining.lastIndexOf(' ', TG_MAX);
+      if (cutAt < TG_MAX / 2) cutAt = TG_MAX;
+      chunks.push(remaining.slice(0, cutAt).trim());
+      remaining = remaining.slice(cutAt).trim();
+    }
+    if (remaining) chunks.push(remaining);
+    const ids = [];
+    for (let i = 0; i < chunks.length; i++) {
+      const part = chunks.length > 1 ? `(${i + 1}/${chunks.length})\n${chunks[i]}` : chunks[i];
+      try {
+        ids.push(await this._telegramCall('sendMessage', { chat_id: chatId, text: part, ...extraOpts }));
+      } catch (e) {
+        this.log(`[Telegram] sendMessage chunk ${i + 1}/${chunks.length} failed: ${e.message}`);
+      }
+      await this._sleep(180); // avoid 429 rate limit
+    }
+    return ids;
+  }
   async _scheduleUpdateCheck() {
     await this._checkAndNotifyUpdate();
     await this._checkLocalUpdateAndRestart();
@@ -834,14 +871,10 @@ class TelegramResponder {
       for (const chatId of chatIds) {
         try {
-          await this._telegramCall('sendMessage', {
-            chat_id: parseInt(chatId, 10),
-            text: msg,
-          });
+          await this._sendMessageSafe(parseInt(chatId, 10), msg);
         } catch {
           // User blocked bot or chat no longer exists — ignore
         }
-        // Small delay to avoid Telegram rate limits
         await this._sleep(300);
       }
     } catch (err) {
@@ -1037,12 +1070,11 @@ class TelegramResponder {
         const prefix = personaMode === 'persona-only' && personaName ? ''
                      : personaName ? `[${personaName}]\n\n`
                      : `[HERALD]\n\n`;
-        await this._telegramCall('sendMessage', { chat_id: chatId, text: prefix + truncated });
+        await this._sendMessageSafe(chatId, prefix + description);
         this.log(`[Telegram] Image vision response to ${fromUser} (${buf.length} bytes, ${description.length} chars)`);
       } catch (err) {
         this.log(`[Telegram] Vision failed: ${err.message}`);
-        await this._telegramCall('sendMessage', { chat_id: chatId,
-          text: `Non riesco ad analizzare l'immagine: ${err.message}` }).catch(() => {});
+        await this._sendMessageSafe(chatId, `Non riesco ad analizzare l'immagine: ${err.message}`).catch(() => {});
       }
       return;
     }
@@ -1055,16 +1087,13 @@ class TelegramResponder {
         await this._telegramCall('sendChatAction', { chat_id: chatId, action: 'typing' });
         rawText = await this._transcribeVoice(fileId);
         if (!rawText.trim()) {
-          await this._telegramCall('sendMessage', { chat_id: chatId, text: 'Non ho capito il vocale. Riprova.' });
+          await this._sendMessageSafe(chatId, 'Non ho capito il vocale. Riprova.');
           return;
         }
         this.log(`[Telegram] Voice transcribed for ${fromUser}: "${rawText.slice(0, 80)}"`);
       } catch (err) {
         this.log(`[Telegram] Voice transcription failed: ${err.message}`);
-        await this._telegramCall('sendMessage', {
-          chat_id: chatId,
-          text: `Non riesco a trascrivere il vocale (${err.message}).\n\nPer abilitare la trascrizione vocale gratuita, dal computer esegui:\nnha config set groqKey TUA_CHIAVE_GROQ\n\nLa chiave si ottiene gratis su https://console.groq.com/keys`,
-        });
+        await this._sendMessageSafe(chatId, `Non riesco a trascrivere il vocale (${err.message}).\n\nPer abilitare la trascrizione vocale gratuita, dal computer esegui:\nnha config set groqKey TUA_CHIAVE_GROQ\n\nLa chiave si ottiene gratis su https://console.groq.com/keys`);
         return;
       }
     }
@@ -1082,10 +1111,7 @@ class TelegramResponder {
     // If voice: show transcription so user knows what was understood
     if (isVoice) {
-      await this._telegramCall('sendMessage', {
-        chat_id: chatId,
-        text: `🎤 "${cleanText}"`,
-      }).catch(() => {});
+      await this._sendMessageSafe(chatId, `🎤 "${cleanText}"`).catch(() => {});
     }
     this.pendingRequests++;
@@ -1183,7 +1209,7 @@ class TelegramResponder {
             } else {
               reply = `[HERALD]\n\n${directResult.message}`;
             }
-            await this._telegramCall('sendMessage', { chat_id: chatId, text: reply });
+            await this._sendMessageSafe(chatId, reply);
             // Update rolling memory + reset pending action (so a follow-up
             // "Si" doesn't try to delete a second time).
@@ -1310,7 +1336,7 @@ class TelegramResponder {
           } else {
             reply = `[HERALD]\n\n${directFresh.message}`;
           }
-          await this._telegramCall('sendMessage', { chat_id: chatId, text: reply });
+          await this._sendMessageSafe(chatId, reply);
           const MAX = 20;
           const prevLog = (lastCtx && Array.isArray(lastCtx.conversationLog)) ? lastCtx.conversationLog : [];
           this._lastContextByChatId[chatId] = {
@@ -1437,19 +1463,13 @@ class TelegramResponder {
         prefixedText = `[${agentLabel}]\n\n${truncated}`;
       }
-      await this._telegramCall('sendMessage', {
-        chat_id: chatId,
-        text: prefixedText,
-      });
+      await this._sendMessageSafe(chatId, prefixedText);
       this.log(`[Telegram] Responded to ${fromUser} via ${agentLabel}${personaName ? ` (as "${personaName}")` : ''} (${responseText.length} chars)${isCompletedAction(responseText) ? ' [action completed — context reset]' : ''}`);
     } catch (err) {
       this.log(`[Telegram] Agent call failed: ${err.message}`);
       // Send error message to user
-      await this._telegramCall('sendMessage', {
-        chat_id: chatId,
-        text: `Error: ${err.message}`,
-      }).catch(() => {});
+      await this._sendMessageSafe(chatId, `Error: ${err.message}`).catch(() => {});
     } finally {
       this.pendingRequests--;
     }
@@ -2598,6 +2618,63 @@ class TelegramResponder {
     const chatId = this._lastDirectAuditChatId;
     const { executeTool: _executeToolPre } = await import('./tool-executor.mjs');
+    // ─── PAGINATION: "mostra i prossimi / vai avanti / i restanti" ─────────
+    // Deterministic next-page fetch from the cached lastCalendarEvents instead
+    // of letting the LLM hallucinate "the remaining events" (Giovanni
+    // Santaniello's bug: NHA inventing fake events when asked for page 2).
+    const isPaginationRequest = /\b(mostra(?:mi)?\s+(?:i\s+)?(?:prossimi|altri|restanti|seguenti)|vai\s+avanti|continua\s+(?:l[ai']\s+)?(?:lista|elenco)|i\s+(?:prossimi|altri|restanti|seguenti)\s+\d*|gli\s+altri|dammi\s+(?:i\s+)?(?:prossimi|restanti|altri)|next\s+page|next\s+\d+|show\s+more|continue\b)/i.test(userMessage);
+    if (isPaginationRequest) {
+      // Pull from list-cache (works across all kinds) — calendar first.
+      try {
+        const cacheFile = path.join(os.homedir(), '.nha', 'list-cache.json');
+        if (fs.existsSync(cacheFile)) {
+          const cache = JSON.parse(fs.readFileSync(cacheFile, 'utf-8'));
+          // Find the most recent calendar list across all chats
+          let allItems = []; let shown = 0; let foundChatKey = null;
+          for (const [k, v] of Object.entries(cache)) {
+            if (Array.isArray(v?.lastList_calendar) && v.lastList_calendar.length > 0) {
+              if (!foundChatKey || (v.lastList_calendar_at || 0) > (cache[foundChatKey]?.lastList_calendar_at || 0)) {
+                foundChatKey = k;
+                allItems = v.lastList_calendar;
+                shown = v.lastList_calendar_shownCount || 0;
+              }
+            }
+          }
+          if (allItems.length > 0 && shown < allItems.length) {
+            // Page size from regex capture or default 8
+            const numMatch = userMessage.match(/\b(\d+)\b/);
+            const pageSize = numMatch ? Math.min(parseInt(numMatch[1], 10), 20) : 8;
+            const nextSlice = allItems.slice(shown, shown + pageSize);
+            const lines = [`📅 Eventi ${shown + 1}-${shown + nextSlice.length} di ${allItems.length}:`];
+            const byDay = new Map();
+            for (const e of nextSlice) {
+              const day = e.date || (e.start || '').slice(0, 10) || 'misc';
+              if (!byDay.has(day)) byDay.set(day, []);
+              byDay.get(day).push(e);
+            }
+            for (const [day, evs] of [...byDay.entries()].sort()) {
+              const d = day !== 'misc' ? new Date(day + 'T12:00:00').toLocaleDateString('it-IT', { weekday: 'short', day: 'numeric', month: 'short' }) : '';
+              if (d) lines.push(`\n${d}:`);
+              for (const e of evs) lines.push(`  ${e.time || '—'} — ${e.summary}`);
+            }
+            const newShown = shown + nextSlice.length;
+            const remaining = allItems.length - newShown;
+            if (remaining > 0) lines.push(`\n... ${remaining} eventi rimanenti. Scrivi "mostra i prossimi" per continuare.`);
+            else lines.push(`\n✓ Fine elenco.`);
+            // Update shownCount in cache
+            cache[foundChatKey].lastList_calendar_shownCount = newShown;
+            fs.writeFileSync(cacheFile, JSON.stringify(cache, null, 2));
+            this.log(`[direct] PAGINATION calendar: shown ${shown}→${newShown} of ${allItems.length}`);
+            return { action: 'calendar_page', success: true, message: lines.join('\n') };
+          }
+          if (allItems.length > 0 && shown >= allItems.length) {
+            return { action: 'calendar_page', success: true, message: '✓ Hai già visto tutti gli eventi. Scrivi "appuntamenti di oggi/settimana/maggio" per una nuova ricerca.' };
+          }
+        }
+      } catch (e) { this.log(`[direct] pagination failed: ${e.message}`); }
+      // Fall through if no cached list
+    }
     // ─── ANAPHORIC delete + CONFIRMATION yes ────────────────────────────────
     // If the previous turn ran a LIST/LAST-SHOWN and the user now says
     // "cancellalo / eliminalo / quello / si / conferma / fallo", resolve the
@@ -2875,6 +2952,16 @@ class TelegramResponder {
       const runListAndRemember = async (toolName, args, actionKey) => {
         try {
           const out = await executeTool(toolName, args, config);
+          // Reset pagination state for this kind: a NEW list starts fresh.
+          try {
+            const cacheFile = path.join(os.homedir(), '.nha', 'list-cache.json');
+            if (fs.existsSync(cacheFile)) {
+              const cache = JSON.parse(fs.readFileSync(cacheFile, 'utf-8'));
+              const persistKey = chatId || '__last_list__';
+              if (cache[persistKey]) delete cache[persistKey].lastList_calendar_shownCount;
+              fs.writeFileSync(cacheFile, JSON.stringify(cache, null, 2));
+            }
+          } catch {}
           // Parse from text first (cheap, works when tools include event IDs).
           let events = this._parseEventsFromToolOutput(String(out));
           // Fallback: tools like calendar_month don't print event IDs in their
@@ -2909,6 +2996,37 @@ class TelegramResponder {
           };
           this.log(`[direct] LIST stored: chatId=${persistKey} eventsCount=${events.length} tool=${toolName}`);
           try { saveTelegramContext(this._lastContextByChatId); } catch (e) { this.log(`[direct] persist FAILED: ${e.message}`); }
+          // ── PAGINATION CAP (Giovanni's bug, v16.0.23) ──
+          // Telegram limits messages to 4096 chars. If the list has many events,
+          // show first 8 with footer "scrivi 'mostra i prossimi' per continuare"
+          // and persist shownCount in list-cache so pagination is deterministic.
+          const PAGE_SIZE = 8;
+          if (events.length > PAGE_SIZE) {
+            const firstPage = events.slice(0, PAGE_SIZE);
+            const lines = [`📅 ${firstPage.length} eventi (di ${events.length} totali):`];
+            const byDay = new Map();
+            for (const e of firstPage) {
+              const day = e.date || (e.start || '').slice(0, 10) || 'misc';
+              if (!byDay.has(day)) byDay.set(day, []);
+              byDay.get(day).push(e);
+            }
+            for (const [day, evs] of [...byDay.entries()].sort()) {
+              const d = day !== 'misc' ? new Date(day + 'T12:00:00').toLocaleDateString('it-IT', { weekday: 'short', day: 'numeric', month: 'short' }) : '';
+              if (d) lines.push(`\n${d}:`);
+              for (const e of evs) lines.push(`  ${e.time || '—'} — ${e.summary}`);
+            }
+            lines.push(`\n... ${events.length - PAGE_SIZE} eventi rimanenti. Scrivi "mostra i prossimi" per continuare.`);
+            // Mark shownCount in list-cache so the pagination handler picks up from here.
+            try {
+              const cacheFile = path.join(os.homedir(), '.nha', 'list-cache.json');
+              const cache = fs.existsSync(cacheFile) ? JSON.parse(fs.readFileSync(cacheFile, 'utf-8')) : {};
+              cache[persistKey] = cache[persistKey] || {};
+              cache[persistKey].lastList_calendar_shownCount = PAGE_SIZE;
+              fs.writeFileSync(cacheFile, JSON.stringify(cache, null, 2));
+            } catch {}
+            return { action: actionKey, success: true, message: lines.join('\n') };
+          }
           return { action: actionKey, success: true, message: String(out) };
         } catch (e) { return { action: actionKey, success: false, message: `Errore: ${e.message}` }; }
       };