polygram 0.12.9 → 0.13.0

package/lib/attachments.js

@@ -22,6 +22,8 @@
  *     extension — the fallback only kicks in when MIME is unhelpful.
  */
 
+const { getTopicConfig } = require('./session-key');
+
 // Inbound (user → bot) per-file cap. Telegram's cloud Bot API hard-caps
 // bot file DOWNLOADS (getFile) at 20 MB, so 20 MB is the real ceiling on
 // cloud — raised from 10 MB so users can send larger tracks/docs. With a
@@ -52,6 +54,43 @@ const LOCAL_MAX_BYTES     = 2000 * 1024 * 1024;        // --local server, both w
  *   backend ceiling.
  * @returns {{ inBytes:number, outBytes:number, ceiling:number, localApi:boolean }}
  */
+/**
+ * Resolve the per-file maxFileBytes override for a (chat, topic) from config,
+ * with precedence: topic → chat → bot → default → null. The returned value is
+ * fed to resolveFileCaps(), which clamps it to the backend ceiling. Returns
+ * null when no tier sets it (→ backend default).
+ *
+ * Single source of truth for every enforcement site (inbound filter, inbound
+ * download, outbound send() choke point, CLI pre-check) so precedence can't
+ * drift between them.
+ *
+ * `config.bot` is the active bot after filterConfigToBot (config.bots[name]);
+ * `config.defaults.maxFileBytes` is the global default. A non-positive or
+ * non-numeric value at any tier is treated as "no override" by resolveFileCaps,
+ * so it transparently falls through to the next tier.
+ *
+ * @param {object} config  bot-filtered config (has .chats, .bot, .defaults)
+ * @param {string|number} chatId
+ * @param {string|number|null} threadId
+ * @returns {number|null} bytes, or null for "use backend default"
+ */
+function resolveMaxFileOverride(config, chatId, threadId = null) {
+  if (!config) return null;
+  const chat = config.chats?.[String(chatId)] || null;
+  const topicCfg = (chat && threadId != null)
+    ? getTopicConfig(chat, String(threadId))
+    : null;
+  // A non-positive / non-numeric value at a tier means "unset" → fall through
+  // to the next tier (NOT 0-bytes "block all", and NOT short-circuiting to the
+  // backend default the way `??` on a literal 0 would).
+  const pick = (v) => (typeof v === 'number' && v > 0) ? v : undefined;
+  return pick(topicCfg?.maxFileBytes)
+    ?? pick(chat?.maxFileBytes)
+    ?? pick(config.bot?.maxFileBytes)
+    ?? pick(config.defaults?.maxFileBytes)
+    ?? null;
+}
+
 function resolveFileCaps({ localApi = false, override = null } = {}) {
   const ceiling = localApi ? LOCAL_MAX_BYTES : null;
   const defIn  = localApi ? LOCAL_MAX_BYTES : CLOUD_MAX_IN_BYTES;
@@ -150,6 +189,7 @@ function filterAttachments(attachments, opts = {}) {
 module.exports = {
   filterAttachments,
   resolveFileCaps,
+  resolveMaxFileOverride,
   MAX_FILE_BYTES,
   MAX_TOTAL_BYTES,
   CLOUD_MAX_IN_BYTES,

package/lib/handlers/download.js

@@ -24,7 +24,7 @@
 const fs = require('fs');
 const path = require('path');
 const { redactBotToken } = require('../error/net');
-const { MAX_FILE_BYTES, resolveFileCaps } = require('../attachments');
+const { MAX_FILE_BYTES, resolveFileCaps, resolveMaxFileOverride } = require('../attachments');
 
 const ATTACHMENT_DOWNLOAD_CONCURRENCY_DEFAULT = 6;
 
@@ -60,11 +60,16 @@ function createDownloadAttachments({
       } catch { /* fall through to refetch */ }
     }
     try {
-      // Inbound per-file cap is BACKEND-derived: 20 MB on cloud Telegram
-      // (Telegram's own getFile ceiling), 2 GB with the local Bot API server.
-      // rc.15: previously hardcoded to MAX_FILE_BYTES (20 MB), which rejected
-      // large lossless tracks even when the local server could handle them.
-      const cap = resolveFileCaps({ localApi: !!config.bot?.apiRoot }).inBytes;
+      // Inbound per-file cap: BACKEND-derived (20 MB cloud getFile ceiling,
+      // 2 GB local Bot API server) and lowered by the override (topic → chat →
+      // bot → default) via the SAME resolver as the inbound filter. Without the
+      // override here, a file whose Telegram-reported file_size is 0/absent
+      // slips past filterAttachments' per-file reject and would stream up to
+      // the full 2 GB ceiling before rejection (disk-DoS gap).
+      const cap = resolveFileCaps({
+        localApi: !!config.bot?.apiRoot,
+        override: resolveMaxFileOverride(config, chatId, msg?.message_thread_id?.toString() || null),
+      }).inBytes;
 
       const fileInfo = await bot.api.getFile(att.file_id);
       if (!fileInfo?.file_path) throw new Error('no file_path from getFile');

package/lib/process/cli-process.js

@@ -608,12 +608,14 @@ class CliProcess extends Process {
     this.effort = effort;
 
     // File-send outbound cap (bot → user). Backend-derived (cloud 50MB vs
-    // local Bot API server 2GB via opts.localApi) with per-topic/chat
-    // maxFileBytes override, clamped to the backend ceiling. Stored for the
-    // dispatcher (live size-check) and the system prompt (so claude states
-    // the right limit). Resolved here so it follows the same topic→chat
-    // precedence as cwd/agent above.
-    const _capOverride = topicConfig?.maxFileBytes ?? opts.chatConfig?.maxFileBytes ?? null;
+    // local Bot API server 2GB via opts.localApi) with the per-file override
+    // (topic → chat → bot → default), clamped to the backend ceiling. Stored
+    // for the dispatcher (live size-check) and the system prompt (so claude
+    // states the right limit). opts.outboundCapOverride is pre-resolved by
+    // buildSpawnContext via the shared resolver so this matches actual send()
+    // enforcement; the inline fallback keeps legacy/test callers working.
+    const _capOverride = opts.outboundCapOverride
+      ?? topicConfig?.maxFileBytes ?? opts.chatConfig?.maxFileBytes ?? null;
     this.maxOutboundFileBytes = resolveFileCaps({
       localApi: !!opts.localApi,
       override: _capOverride,
@@ -807,8 +809,12 @@ class CliProcess extends Process {
       '### Sending FILES (tracks, images, docs) to the user',
       '',
       'The `mcp__polygram-bridge__reply` tool takes an optional `files` array of',
-      'absolute paths. This is the ONLY way to send a file. Do NOT use Bash,',
-      'curl, the Telegram Bot API, or polygram-ipc to send files — those fail.',
+      'absolute paths. This is the ONLY correct way to send a file: reply delivers',
+      "it to the user's CURRENT topic/thread automatically. Do NOT use Bash, curl,",
+      'the Telegram Bot API, or polygram-ipc to send files: they do NOT know your',
+      'current thread, so they deliver to the WRONG topic (and skip size/safety',
+      'checks). A raw Bot API call may LOOK like it worked — the upload returns 200 —',
+      "but it lands in the wrong topic the user isn't looking at. Always use reply(files).",
       '',
       ...(this.attachmentStagingDir ? [
         `To send a file: COPY it into the staging dir \`${this.attachmentStagingDir}\`,`,

package/lib/telegram/api.js

@@ -28,7 +28,8 @@ const {
   getRetryAfterMs,
 } = require('./format');
 const { isSafeToRetry, redactBotToken } = require('../error/net');
-const { coerceFileParams } = require('./input-file');
+const { coerceFileParams, localFileBytes, FILE_FIELD_BY_METHOD } = require('./input-file');
+const { resolveFileCaps, resolveMaxFileOverride } = require('../attachments');
 
 // Topic deletion race: a user can delete a forum topic while a turn is in
 // flight, turning a valid `message_thread_id` into a 404. Telegram's error
@@ -109,10 +110,35 @@ function deriveOutboundText(method, params, meta) {
   return '';
 }
 
-async function send({ bot, method, params, db = null, meta = {}, logger = console }) {
+async function send({ bot, method, params, db = null, meta = {}, logger = console, config = null }) {
   const chatId = params.chat_id != null ? String(params.chat_id) : null;
   const threadId = params.message_thread_id != null ? String(params.message_thread_id) : null;
 
+  // Outbound per-file size cap (topic → chat → bot → default → backend ceiling).
+  // Enforced HERE, the single send choke point, so every path is capped
+  // uniformly: CLI reply(files), IPC/cron job sends, and any media polygram
+  // itself emits. Runs BEFORE coerceFileParams while the param is still a raw
+  // statable path/Buffer (coerceFileParams turns {source} into an opaque
+  // InputFile). Only locally-statable files are checked — file_id / URL sends
+  // can't be sized and pass through (Telegram's own limit applies). Throwing
+  // here is before insertOutboundPending, so no orphan DB row is left.
+  if (config) {
+    const fileField = FILE_FIELD_BY_METHOD[method];
+    if (fileField && params[fileField] != null) {
+      const bytes = localFileBytes(params[fileField]);
+      if (bytes != null) {
+        const cap = resolveFileCaps({
+          localApi: !!config.bot?.apiRoot,
+          override: resolveMaxFileOverride(config, chatId, threadId),
+        }).outBytes;
+        if (bytes > cap) {
+          const mb = (n) => (n / (1024 * 1024)).toFixed(1);
+          throw new Error(`telegram ${method}: file ${mb(bytes)}MB exceeds the ${mb(cap)}MB send limit`);
+        }
+      }
+    }
+  }
+
   // File-upload bug fix (2026-05-31): coerce a `{ source: '/abs/path' }`
   // file param into a grammy InputFile so local-file uploads actually work.
   // grammy doesn't recognize the bare envelope → it failed every send with
@@ -365,8 +391,8 @@ async function send({ bot, method, params, db = null, meta = {}, logger = consol
   return res;
 }
 
-function createSender(db, logger = console) {
-  return (bot, method, params, meta) => send({ bot, method, params, db, meta, logger });
+function createSender(db, logger = console, config = null) {
+  return (bot, method, params, meta) => send({ bot, method, params, db, meta, logger, config });
 }
 
 module.exports = { send, createSender, nextPendingId };

package/lib/telegram/input-file.js

@@ -25,6 +25,7 @@
 
 'use strict';
 
+const fs = require('fs');
 const { InputFile } = require('grammy');
 
 // method → the params field that carries the file.
@@ -69,8 +70,36 @@ function coerceFileParams(method, params) {
   return params;
 }
 
+/**
+ * Bytes for a LOCALLY statable file param, else null (= "not sizable here,
+ * skip the cap"). Used by the outbound size cap at the send() choke point.
+ *
+ * Only two shapes are local files we can measure:
+ *   - { source: '<path>' }  → fs.statSync (abs OR relative — resolved against
+ *                             cwd exactly as grammy's InputFile does, so the
+ *                             size and the upload read the same file). Excludes
+ *                             https/http URLs (remote, not sizable here).
+ *   - Buffer                → .length
+ * Everything else returns null: a bare string is a Telegram file_id (never
+ * stat it — coerceFileValue's deliberate rule), an existing InputFile/stream
+ * can't be sized, and a missing/unreadable path must not crash the send
+ * (statSync wrapped → null, let grammy/Telegram error naturally).
+ *
+ * @param {*} val  the raw file param BEFORE coerceFileParams runs
+ * @returns {number|null}
+ */
+function localFileBytes(val) {
+  if (Buffer.isBuffer(val)) return val.length;
+  if (val && typeof val === 'object' && typeof val.source === 'string'
+      && !/^https?:\/\//i.test(val.source)) {
+    try { return fs.statSync(val.source).size; } catch { return null; }
+  }
+  return null;
+}
+
 module.exports = {
   coerceFileParams,
   coerceFileValue,
+  localFileBytes,
   FILE_FIELD_BY_METHOD,
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "polygram",
-  "version": "0.12.9",
+  "version": "0.13.0",
   "description": "Telegram daemon for Claude Code that preserves the OpenClaw per-chat session model. Migration path for OpenClaw users moving to Claude Code.",
   "main": "lib/ipc/client.js",
   "bin": {

package/polygram.js

@@ -28,7 +28,7 @@ const {
   migrateJsonToDb, getClaudeSessionId, resolveSessionForSpawn,
 } = require('./lib/db/sessions');
 const { buildPrompt } = require('./lib/prompt');
-const { filterAttachments, resolveFileCaps, MAX_TOTAL_BYTES } = require('./lib/attachments');
+const { filterAttachments, resolveFileCaps, resolveMaxFileOverride, MAX_TOTAL_BYTES } = require('./lib/attachments');
 // 0.9.0: SDK ProcessManager is the only pm. CLI pm
 // (lib/process-manager.js) deleted in commit 6.
 // Both implementations expose the same public API (constructor +
@@ -475,10 +475,12 @@ function buildSpawnContext(sessionKey) {
     threadId: threadId || null,
     label: getSessionLabel(chatConfig, threadId),
     existingSessionId,
-    // File-send outbound cap inputs: localApi (bot-level) so CliProcess can
-    // resolve the per-chat/topic outbound cap (resolveFileCaps) the same way
-    // it resolves cwd/agent. Override itself lives in chatConfig/topic.
+    // File-send outbound cap inputs: localApi (backend ceiling) + the resolved
+    // per-file override (topic → chat → bot → default) from the SAME resolver
+    // the inbound filter and the send() choke point use, so CliProcess's
+    // pre-check + system-prompt line can't drift from actual enforcement.
     localApi: !!config.bot?.apiRoot,
+    outboundCapOverride: resolveMaxFileOverride(config, chatId, threadId || null),
   };
 }
 
@@ -788,14 +790,13 @@ async function handleMessage(sessionKey, chatId, msg, bot) {
   const sessionCtx = !pm.has(sessionKey) ? await readSessionContext(sessionKey, chatConfig.cwd) : '';
 
   const rawAtts = extractAttachments(msg);
-  // Backend-derived inbound cap with per-topic/chat override. Cloud → 20MB;
-  // a local Bot API server (config.bot.apiRoot) → 2GB; override via
-  // chats[id].maxFileBytes or topics[t].maxFileBytes, clamped to the
-  // backend ceiling. Bytes-valued config; resolveFileCaps does the clamp.
-  const _inTopicCfg = getTopicConfig(chatConfig, threadIdStr || null);
+  // Backend-derived inbound cap with override (topic → chat → bot → default),
+  // clamped to the backend ceiling (cloud 20MB / local Bot API server 2GB).
+  // resolveMaxFileOverride is the single precedence source shared with the
+  // outbound send() cap and the download path; resolveFileCaps does the clamp.
   const _fileCaps = resolveFileCaps({
     localApi: !!config.bot?.apiRoot,
-    override: _inTopicCfg.maxFileBytes ?? chatConfig.maxFileBytes ?? null,
+    override: resolveMaxFileOverride(config, chatId, threadIdStr || null),
   });
   const { accepted, rejected } = filterAttachments(rawAtts, {
     maxFileBytes: _fileCaps.inBytes,
@@ -2174,7 +2175,7 @@ async function main() {
   try {
     db = dbClient.open(DB_PATH);
     console.log(`[db] opened ${DB_PATH}`);
-    tg = createSender(db, console);
+    tg = createSender(db, console, config);
     pairings = createPairingsStore(db.raw);
     approvals = createApprovalsStore(db.raw);
     const migration = migrateJsonToDb(db, SESSIONS_JSON_PATH, config.chats);