nothumanallowed 9.5.2 → 9.7.0

package/src/config.mjs

@@ -283,8 +283,6 @@ export function setConfigValue(key, value) {
     'my-role': 'profile.role',
     'role': 'profile.role',
     'profile-notes': 'profile.notes',
-    'language': 'language',
-    'lang': 'language',
   };
 
   const resolved = aliases[key] || key;

package/src/constants.mjs

@@ -5,7 +5,7 @@ import { fileURLToPath } from 'url';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 
-export const VERSION = '9.5.2';
+export const VERSION = '9.7.0';
 export const BASE_URL = 'https://nothumanallowed.com/cli';
 export const API_BASE = 'https://nothumanallowed.com/api/v1';
 

package/src/services/google-oauth.mjs

@@ -11,9 +11,8 @@ import os from 'os';
 import { saveTokens, loadTokens, deleteTokens } from './token-store.mjs';
 import { info, ok, fail, warn } from '../ui.mjs';
 
-// NHA published OAuth client — same credentials as the mobile app
-const DEFAULT_CLIENT_ID = '740354841334-o0l6rhkn900jtjtfcls3bkr2n9f1l3tt.apps.googleusercontent.com';
-const DEFAULT_CLIENT_SECRET = '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';
+// NHA published OAuth client (Desktop app type — client_id is not a secret)
+const DEFAULT_CLIENT_ID = ''; // Will be set when Google Cloud project is verified
 const SCOPES = [
   'https://www.googleapis.com/auth/gmail.modify',
   'https://www.googleapis.com/auth/gmail.send',
@@ -80,7 +79,7 @@ function waitForCallback(state, port) {
         return;
       }
 
-      if (!code || !returnedState?.startsWith(state.split('|')[0])) {
+      if (!code || returnedState !== state) {
         res.writeHead(400, { 'Content-Type': 'text/html' });
         res.end('<html><body><h2>Invalid callback</h2><p>Missing code or state mismatch.</p></body></html>');
         server.close();
@@ -160,7 +159,20 @@ async function getUserEmail(accessToken) {
  */
 export async function runAuthFlow(config) {
   const clientId = config.google?.clientId || DEFAULT_CLIENT_ID;
-  const clientSecret = config.google?.clientSecret || DEFAULT_CLIENT_SECRET;
+  const clientSecret = config.google?.clientSecret || '';
+
+  if (!clientId) {
+    fail('Google OAuth client ID not configured.');
+    info('Get credentials from Google Cloud Console:');
+    info('  1. Go to https://console.cloud.google.com/apis/credentials');
+    info('  2. Create an OAuth 2.0 Client ID (Desktop app type)');
+    info('  3. Enable Gmail API and Calendar API');
+    info('  4. Run:');
+    info('     nha config set google-client-id YOUR_CLIENT_ID');
+    info('     nha config set google-client-secret YOUR_CLIENT_SECRET');
+    info('  5. Run: nha google auth');
+    return false;
+  }
 
   // Find available port
   let port = 0;
@@ -180,16 +192,13 @@ export async function runAuthFlow(config) {
     return false;
   }
 
-  // Use our server as OAuth redirect (same as mobile app)
-  // The callback page extracts the code and redirects to localhost
-  const serverRedirectUri = 'https://nothumanallowed.com/auth/callback';
-  const localCallbackUrl = `http://127.0.0.1:${port}/callback`;
+  const redirectUri = `http://127.0.0.1:${port}/callback`;
   const { verifier, challenge } = generatePKCE();
-  const state = crypto.randomBytes(32).toString('hex') + `|localhost:${port}`;
+  const state = crypto.randomBytes(32).toString('hex');
 
   const authUrl = new URL('https://accounts.google.com/o/oauth2/v2/auth');
   authUrl.searchParams.set('client_id', clientId);
-  authUrl.searchParams.set('redirect_uri', serverRedirectUri);
+  authUrl.searchParams.set('redirect_uri', redirectUri);
   authUrl.searchParams.set('response_type', 'code');
   authUrl.searchParams.set('scope', SCOPES);
   authUrl.searchParams.set('state', state);
@@ -206,7 +215,7 @@ export async function runAuthFlow(config) {
     const { code } = await waitForCallback(state, port);
     info('Authorization code received. Exchanging for tokens...');
 
-    const tokenData = await exchangeCode(code, verifier, clientId, clientSecret, serverRedirectUri);
+    const tokenData = await exchangeCode(code, verifier, clientId, clientSecret, redirectUri);
     const email = await getUserEmail(tokenData.access_token);
 
     const tokens = {

package/src/services/llm.mjs

@@ -276,141 +276,110 @@ export async function callLLM(config, systemPrompt, userMessage, opts = {}) {
 }
 
 /**
- * Call an LLM provider with streaming enabled.
- * Calls onToken(chunk) for each token, returns full text at the end.
- * @returns {Promise<string>} The full LLM response text.
+ * Call LLM with multimodal (vision) messages — supports image content.
+ * Uses the provider's native vision format.
+ * @param {object} config
+ * @param {Array} messages - Array of { role, content } where content can be string or array of content blocks
+ * @returns {Promise<string>}
  */
-export async function callLLMStream(config, systemPrompt, userMessage, onToken, opts = {}) {
-  const provider = opts.provider || config.llm.provider || 'anthropic';
-  const model = opts.model || config.llm.model || null;
+export async function callLLMVision(config, messages) {
+  const provider = config.llm.provider || 'anthropic';
+  const model = config.llm.model || null;
   const apiKey = getApiKey(config, provider);
-  if (!apiKey) throw new Error(`No API key for ${provider}`);
-
-  const callFn = getProviderCall(provider);
-  if (!callFn) throw new Error(`Unknown provider: ${provider}`);
-
-  // Gemini and Cohere don't support streaming — fall back to non-streaming
-  if (provider === 'gemini' || provider === 'cohere') {
-    const text = await callFn(apiKey, model, systemPrompt, userMessage, false);
-    if (onToken) onToken(text);
-    return text;
-  }
-
-  const format = provider === 'anthropic' ? 'anthropic' : 'openai';
-  const body = buildRequestBody(provider, model, systemPrompt, userMessage, true);
-  const url = getProviderUrl(provider, model, apiKey);
-  const headers = getProviderHeaders(provider, apiKey);
-
-  const res = await fetch(url, {
-    method: 'POST',
-    headers,
-    body: JSON.stringify(body),
-  });
-  if (!res.ok) {
-    const err = await res.text();
-    throw new Error(`${provider} ${res.status}: ${err}`);
-  }
-
-  return streamSSEWithCallback(res, format, onToken);
-}
+  if (!apiKey) throw new Error(`No API key for ${provider}. Vision requires Claude, GPT-4, or Gemini.`);
 
-/** Build request body for a provider */
-function buildRequestBody(provider, model, systemPrompt, userMessage, stream) {
   if (provider === 'anthropic') {
-    return {
+    // Anthropic format: system separate, messages with content blocks
+    const systemMsg = messages.find(m => m.role === 'system');
+    const userMsgs = messages.filter(m => m.role !== 'system');
+
+    // Convert OpenAI-style image_url to Anthropic format
+    const anthropicMessages = userMsgs.map(m => {
+      if (typeof m.content === 'string') return m;
+      const blocks = m.content.map(block => {
+        if (block.type === 'text') return block;
+        if (block.type === 'image_url') {
+          const url = block.image_url.url;
+          const match = url.match(/^data:image\/(png|jpeg|gif|webp);base64,(.+)$/);
+          if (match) {
+            return { type: 'image', source: { type: 'base64', media_type: `image/${match[1]}`, data: match[2] } };
+          }
+        }
+        return block;
+      });
+      return { role: m.role, content: blocks };
+    });
+
+    const body = {
       model: model || 'claude-sonnet-4-20250514',
-      max_tokens: 8192,
-      system: systemPrompt,
-      messages: [{ role: 'user', content: userMessage }],
-      stream,
+      max_tokens: 4096,
+      system: systemMsg?.content || '',
+      messages: anthropicMessages,
     };
+    const res = await fetch('https://api.anthropic.com/v1/messages', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', 'x-api-key': apiKey, 'anthropic-version': '2023-06-01' },
+      body: JSON.stringify(body),
+    });
+    if (!res.ok) throw new Error(`Anthropic vision ${res.status}: ${await res.text()}`);
+    const data = await res.json();
+    return data.content?.[0]?.text || '';
   }
-  // OpenAI-compatible format (OpenAI, DeepSeek, Grok, Mistral)
-  const modelDefaults = {
-    openai: 'gpt-4o',
-    deepseek: 'deepseek-chat',
-    grok: 'grok-3-latest',
-    mistral: 'mistral-large-latest',
-  };
-  return {
-    model: model || modelDefaults[provider] || 'gpt-4o',
-    max_tokens: 8192,
-    messages: [
-      { role: 'system', content: systemPrompt },
-      { role: 'user', content: userMessage },
-    ],
-    stream,
-  };
-}
-
-/** Get provider API URL */
-function getProviderUrl(provider, model, apiKey) {
-  const urls = {
-    anthropic: 'https://api.anthropic.com/v1/messages',
-    openai: 'https://api.openai.com/v1/chat/completions',
-    deepseek: 'https://api.deepseek.com/v1/chat/completions',
-    grok: 'https://api.x.ai/v1/chat/completions',
-    mistral: 'https://api.mistral.ai/v1/chat/completions',
-  };
-  return urls[provider] || urls.openai;
-}
 
-/** Get provider request headers */
-function getProviderHeaders(provider, apiKey) {
-  if (provider === 'anthropic') {
-    return {
-      'Content-Type': 'application/json',
-      'x-api-key': apiKey,
-      'anthropic-version': '2023-06-01',
-    };
+  if (provider === 'openai' || provider === 'deepseek' || provider === 'grok' || provider === 'mistral') {
+    // OpenAI-compatible format — works with GPT-4V, DeepSeek VL, etc.
+    const url = provider === 'openai' ? 'https://api.openai.com/v1/chat/completions'
+              : provider === 'deepseek' ? 'https://api.deepseek.com/chat/completions'
+              : provider === 'grok' ? 'https://api.x.ai/v1/chat/completions'
+              : 'https://api.mistral.ai/v1/chat/completions';
+
+    const visionModel = model || (provider === 'openai' ? 'gpt-4o' : model);
+    const body = { model: visionModel, max_tokens: 4096, messages };
+    const res = await fetch(url, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${apiKey}` },
+      body: JSON.stringify(body),
+    });
+    if (!res.ok) throw new Error(`${provider} vision ${res.status}: ${await res.text()}`);
+    const data = await res.json();
+    return data.choices?.[0]?.message?.content || '';
   }
-  return {
-    'Content-Type': 'application/json',
-    'Authorization': `Bearer ${apiKey}`,
-  };
-}
-
-/** SSE stream parser with onToken callback (does NOT write to stdout directly) */
-async function streamSSEWithCallback(res, format, onToken) {
-  const reader = res.body.getReader();
-  const decoder = new TextDecoder();
-  let buffer = '';
-  let fullText = '';
-
-  while (true) {
-    const { done, value } = await reader.read();
-    if (done) break;
-
-    buffer += decoder.decode(value, { stream: true });
-    const lines = buffer.split('\n');
-    buffer = lines.pop() || '';
-
-    for (const line of lines) {
-      if (!line.startsWith('data: ')) continue;
-      const data = line.slice(6).trim();
-      if (data === '[DONE]') continue;
-
-      try {
-        const json = JSON.parse(data);
-        let chunk = '';
 
-        if (format === 'anthropic') {
-          if (json.type === 'content_block_delta') {
-            chunk = json.delta?.text || '';
+  if (provider === 'gemini') {
+    // Gemini format — inline_data with base64
+    const systemMsg = messages.find(m => m.role === 'system');
+    const userMsgs = messages.filter(m => m.role !== 'system');
+    const parts = [];
+    for (const msg of userMsgs) {
+      if (typeof msg.content === 'string') {
+        parts.push({ text: msg.content });
+      } else {
+        for (const block of msg.content) {
+          if (block.type === 'text') parts.push({ text: block.text });
+          if (block.type === 'image_url') {
+            const match = block.image_url.url.match(/^data:image\/(.*?);base64,(.+)$/);
+            if (match) parts.push({ inline_data: { mime_type: `image/${match[1]}`, data: match[2] } });
           }
-        } else {
-          chunk = json.choices?.[0]?.delta?.content || '';
-        }
-
-        if (chunk) {
-          fullText += chunk;
-          if (onToken) onToken(chunk);
         }
-      } catch {}
+      }
     }
+
+    const geminiModel = model || 'gemini-2.0-flash';
+    const body = {
+      contents: [{ parts }],
+      systemInstruction: systemMsg ? { parts: [{ text: systemMsg.content }] } : undefined,
+    };
+    const res = await fetch(`https://generativelanguage.googleapis.com/v1beta/models/${geminiModel}:generateContent?key=${apiKey}`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(body),
+    });
+    if (!res.ok) throw new Error(`Gemini vision ${res.status}: ${await res.text()}`);
+    const data = await res.json();
+    return data.candidates?.[0]?.content?.parts?.[0]?.text || '';
   }
 
-  return fullText;
+  throw new Error(`Vision not supported for provider: ${provider}. Use Claude, GPT-4, or Gemini.`);
 }
 
 /**

package/src/services/ops-daemon.mjs

@@ -36,8 +36,237 @@ const STATE_FILE = path.join(DAEMON_DIR, 'state.json');
 const LOG_FILE = path.join(DAEMON_DIR, 'daemon.log');
 const BRIEFS_DIR = path.join(NHA_DIR, 'ops', 'briefs');
 const INSIGHTS_DIR = path.join(NHA_DIR, 'ops', 'insights');
+const CRON_FILE = path.join(DAEMON_DIR, 'cron.json');
+const HEARTBEAT_FILE = path.join(DAEMON_DIR, 'heartbeat.json');
 const WS_PORT = 3848;
 
+// ── Cron / Heartbeat Persistence ────────────────────────────────────────────
+
+function loadCronJobs() {
+  if (!fs.existsSync(CRON_FILE)) return [];
+  try { return JSON.parse(fs.readFileSync(CRON_FILE, 'utf-8')); } catch { return []; }
+}
+
+function saveCronJobs(jobs) {
+  fs.mkdirSync(DAEMON_DIR, { recursive: true });
+  fs.writeFileSync(CRON_FILE, JSON.stringify(jobs, null, 2), { mode: 0o600 });
+}
+
+function loadHeartbeats() {
+  if (!fs.existsSync(HEARTBEAT_FILE)) return [];
+  try { return JSON.parse(fs.readFileSync(HEARTBEAT_FILE, 'utf-8')); } catch { return []; }
+}
+
+function saveHeartbeats(beats) {
+  fs.mkdirSync(DAEMON_DIR, { recursive: true });
+  fs.writeFileSync(HEARTBEAT_FILE, JSON.stringify(beats, null, 2), { mode: 0o600 });
+}
+
+/**
+ * Parse a human-readable schedule into a cron-like spec.
+ * Supports:
+ *   "every 5m" / "every 2h" / "every 30min"
+ *   "every monday 9am" / "every friday 17:00"
+ *   "every day 8:30" / "daily 9am"
+ *   "every hour"
+ *   "at 14:00" (once daily)
+ *
+ * Returns { type: 'interval'|'daily'|'weekly', intervalMs?, hour?, minute?, dayOfWeek? }
+ */
+function parseSchedule(schedule) {
+  const s = schedule.toLowerCase().trim();
+
+  // Interval: "every 5m", "every 2h", "every 30min", "every 1 hour"
+  const intervalMatch = s.match(/every\s+(\d+)\s*(m(?:in(?:utes?)?)?|h(?:ours?)?|s(?:ec(?:onds?)?)?)/);
+  if (intervalMatch) {
+    const num = parseInt(intervalMatch[1]);
+    const unit = intervalMatch[2][0]; // m, h, or s
+    const ms = unit === 'h' ? num * 3_600_000 : unit === 'm' ? num * 60_000 : num * 1_000;
+    return { type: 'interval', intervalMs: Math.max(ms, 60_000) }; // min 1 minute
+  }
+
+  // "every hour"
+  if (s === 'every hour' || s === 'hourly') {
+    return { type: 'interval', intervalMs: 3_600_000 };
+  }
+
+  // Weekly: "every monday 9am", "every friday 17:00"
+  const weeklyMatch = s.match(/every\s+(monday|tuesday|wednesday|thursday|friday|saturday|sunday)\s+(?:at\s+)?(\d{1,2})(?::(\d{2}))?\s*(am|pm)?/);
+  if (weeklyMatch) {
+    const days = { sunday: 0, monday: 1, tuesday: 2, wednesday: 3, thursday: 4, friday: 5, saturday: 6 };
+    let hour = parseInt(weeklyMatch[2]);
+    const minute = parseInt(weeklyMatch[3] || '0');
+    const ampm = weeklyMatch[4];
+    if (ampm === 'pm' && hour < 12) hour += 12;
+    if (ampm === 'am' && hour === 12) hour = 0;
+    return { type: 'weekly', dayOfWeek: days[weeklyMatch[1]], hour, minute };
+  }
+
+  // Daily: "every day 8:30", "daily 9am", "at 14:00"
+  const dailyMatch = s.match(/(?:every\s*day|daily|at)\s+(\d{1,2})(?::(\d{2}))?\s*(am|pm)?/);
+  if (dailyMatch) {
+    let hour = parseInt(dailyMatch[1]);
+    const minute = parseInt(dailyMatch[2] || '0');
+    const ampm = dailyMatch[3];
+    if (ampm === 'pm' && hour < 12) hour += 12;
+    if (ampm === 'am' && hour === 12) hour = 0;
+    return { type: 'daily', hour, minute };
+  }
+
+  return null;
+}
+
+/**
+ * Check if a cron job should run now (within the current minute).
+ */
+function shouldRunNow(spec, lastRun) {
+  const now = new Date();
+
+  if (spec.type === 'interval') {
+    if (!lastRun) return true;
+    return (now.getTime() - lastRun) >= spec.intervalMs;
+  }
+
+  if (spec.type === 'daily') {
+    const nowMinutes = now.getHours() * 60 + now.getMinutes();
+    const targetMinutes = spec.hour * 60 + spec.minute;
+    // Run if we're in the right minute and haven't run today
+    if (Math.abs(nowMinutes - targetMinutes) > 1) return false;
+    if (lastRun) {
+      const lastRunDate = new Date(lastRun);
+      if (lastRunDate.toDateString() === now.toDateString()) return false;
+    }
+    return true;
+  }
+
+  if (spec.type === 'weekly') {
+    if (now.getDay() !== spec.dayOfWeek) return false;
+    const nowMinutes = now.getHours() * 60 + now.getMinutes();
+    const targetMinutes = spec.hour * 60 + spec.minute;
+    if (Math.abs(nowMinutes - targetMinutes) > 1) return false;
+    if (lastRun) {
+      const lastRunDate = new Date(lastRun);
+      const daysDiff = (now.getTime() - lastRunDate.getTime()) / 86_400_000;
+      if (daysDiff < 1) return false;
+    }
+    return true;
+  }
+
+  return false;
+}
+
+/**
+ * Add a cron job. Returns the job object.
+ */
+export function addCronJob(schedule, prompt, options = {}) {
+  const spec = parseSchedule(schedule);
+  if (!spec) return { ok: false, error: `Cannot parse schedule: "${schedule}"` };
+
+  const jobs = loadCronJobs();
+  const job = {
+    id: crypto.randomUUID(),
+    schedule,
+    spec,
+    prompt,
+    agent: options.agent || null,    // null = auto-route
+    notify: options.notify !== false, // default: send notification
+    enabled: true,
+    createdAt: new Date().toISOString(),
+    lastRun: null,
+    lastResult: null,
+    runCount: 0,
+  };
+  jobs.push(job);
+  saveCronJobs(jobs);
+
+  // Notify daemon if running (it will pick up changes on next tick)
+  if (isRunning()) {
+    wsBroadcast({ type: 'cron_added', data: { id: job.id, schedule, prompt } });
+  }
+
+  return { ok: true, job };
+}
+
+/**
+ * Remove a cron job by ID or index.
+ */
+export function removeCronJob(idOrIndex) {
+  const jobs = loadCronJobs();
+  let removed;
+  if (typeof idOrIndex === 'number' || /^\d+$/.test(idOrIndex)) {
+    const idx = parseInt(idOrIndex) - 1; // 1-based
+    if (idx < 0 || idx >= jobs.length) return { ok: false, error: 'Invalid job index' };
+    removed = jobs.splice(idx, 1)[0];
+  } else {
+    const idx = jobs.findIndex(j => j.id === idOrIndex);
+    if (idx === -1) return { ok: false, error: 'Job not found' };
+    removed = jobs.splice(idx, 1)[0];
+  }
+  saveCronJobs(jobs);
+  return { ok: true, removed };
+}
+
+/**
+ * List all cron jobs.
+ */
+export function listCronJobs() {
+  return loadCronJobs();
+}
+
+/**
+ * Add a heartbeat (recurring prompt at fixed interval).
+ * Convenience wrapper over cron with interval spec.
+ */
+export function addHeartbeat(intervalStr, prompt, options = {}) {
+  return addCronJob(`every ${intervalStr}`, prompt, options);
+}
+
+/**
+ * Execute cron jobs that are due. Called from daemon loop.
+ */
+async function executeDueCronJobs(config) {
+  const jobs = loadCronJobs();
+  let changed = false;
+
+  for (const job of jobs) {
+    if (!job.enabled) continue;
+    if (!shouldRunNow(job.spec, job.lastRun)) continue;
+
+    log(`[Cron] Executing: "${job.prompt}" (schedule: ${job.schedule})`);
+
+    try {
+      const agent = job.agent || 'conductor';
+      const result = await callAgent(config, agent, job.prompt);
+      job.lastRun = Date.now();
+      job.lastResult = result.slice(0, 500); // cap stored result
+      job.runCount++;
+      changed = true;
+
+      log(`[Cron] Completed: "${job.prompt}" → ${result.slice(0, 100)}...`);
+
+      // Broadcast result to connected clients
+      wsBroadcast({
+        type: 'cron_result',
+        timestamp: new Date().toISOString(),
+        data: { id: job.id, schedule: job.schedule, prompt: job.prompt, result: result.slice(0, 500) },
+      });
+
+      // Send notification if enabled
+      if (job.notify) {
+        await notify('Scheduled Task', `${job.prompt}\n\n${result.slice(0, 200)}`, config);
+      }
+    } catch (err) {
+      log(`[Cron] Error executing "${job.prompt}": ${err.message}`);
+      job.lastRun = Date.now();
+      job.lastResult = `ERROR: ${err.message}`;
+      job.runCount++;
+      changed = true;
+    }
+  }
+
+  if (changed) saveCronJobs(jobs);
+}
+
 // ── Daemon Control ─────────────────────────────────────────────────────────
 
 /**
@@ -837,6 +1066,13 @@ async function daemonLoop() {
       }
     }
 
+    // ── User-defined Cron Jobs ────────────────────────────
+    try {
+      await executeDueCronJobs(config);
+    } catch (err) {
+      log(`[Cron] Execution error: ${err.message}`);
+    }
+
     // Reset daily flags at midnight
     if (currentTime === '00:00') {
       todayPlanDone = false;