social-autoposter 1.6.37 → 1.6.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/scripts/setup_twitter_auth.py +9 -0
  3. package/skill/lib/twitter-backend.sh +10 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "social-autoposter",
3
- "version": "1.6.37",
3
+ "version": "1.6.39",
4
4
  "description": "Automated social posting pipeline for Reddit, X/Twitter, LinkedIn, and Moltbook. Install as a Claude Code agent skill.",
5
5
  "bin": {
6
6
  "social-autoposter": "bin/cli.js"
package/scripts/setup_twitter_auth.py CHANGED
@@ -172,6 +172,15 @@ def _launch_chrome() -> bool:
172
172
  f"--user-data-dir={PROFILE_DIR}",
173
173
  "--no-first-run",
174
174
  "--no-default-browser-check",
175
+ # Encrypt the cookie store with Chrome's fixed obfuscation key instead of
176
+ # the macOS Keychain ("Chrome Safe Storage"). Without this, a keychain
177
+ # lock/re-lock leaves Chrome unable to decrypt its Cookies SQLite on the
178
+ # next launch and the imported session is discarded. Must match the cycle
179
+ # launcher (skill/lib/twitter-backend.sh) so the session connected here
180
+ # actually survives the pipeline's later relaunches. (Persistence fix,
181
+ # 2026-06-02.)
182
+ "--password-store=basic",
183
+ "--use-mock-keychain",
175
184
  "--disable-features=ChromeWhatsNewUI",
176
185
  ]
177
186
  is_linux = sys.platform.startswith("linux")
package/skill/lib/twitter-backend.sh CHANGED
@@ -196,10 +196,20 @@ ensure_twitter_browser_for_backend() {
196
196
  _extra+=(--window-size="${BH_WINDOW_SIZE:-1024,1013}")
197
197
  ;;
198
198
  esac
199
+ # --password-store=basic + --use-mock-keychain: encrypt the cookie store
200
+ # with Chrome's fixed obfuscation key instead of the macOS Keychain
201
+ # ("Chrome Safe Storage"). Without this, a keychain lock/re-lock leaves
202
+ # Chrome unable to decrypt its Cookies SQLite on the next launch, so it
203
+ # discards the session and the harness comes up logged out. With it, the
204
+ # x.com cookies persist + decrypt across restarts natively, no
205
+ # re-injection needed. Matches the flags the Playwright browser agents
206
+ # already use. (Root-cause persistence fix, 2026-06-02; the cookie
207
+ # mirror + restore_twitter_session.py remain as the safety net.)
199
208
  "$_chrome_bin" \
200
209
  --remote-debugging-port=9555 \
201
210
  --user-data-dir="$HOME/.claude/browser-profiles/browser-harness" \
202
211
  --no-first-run --no-default-browser-check \
212
+ --password-store=basic --use-mock-keychain \
203
213
  --disable-features=ChromeWhatsNewUI \
204
214
  "${_extra[@]}" \
205
215
  about:blank >/dev/null 2>&1 &