telecodex 0.1.0 → 0.1.2

package/dist/store/sessions.js

@@ -1,22 +1,23 @@
-import { DEFAULT_SESSION_PROFILE, isSessionApprovalPolicy, isSessionReasoningEffort, isSessionSandboxMode, isSessionWebSearchMode, } from "../config.js";
+import { DEFAULT_SESSION_PROFILE, } from "../config.js";
+export const BINDING_CODE_TTL_MS = 15 * 60 * 1000;
+export const BINDING_CODE_MAX_ATTEMPTS = 5;
 export class SessionStore {
-    db;
-    constructor(db) {
-        this.db = db;
+    storage;
+    runtimeStateBySession = new Map();
+    outputMessageBySession = new Map();
+    queueBySession = new Map();
+    nextQueuedInputId = 1;
+    constructor(storage) {
+        this.storage = storage;
     }
     getAppState(key) {
-        const row = this.db.prepare("SELECT value FROM app_state WHERE key = ?").get(key);
-        return row?.value ?? null;
+        return this.storage.getAppState(key);
     }
     setAppState(key, value) {
-        this.db
-            .prepare(`INSERT INTO app_state (key, value, updated_at)
-         VALUES (?, ?, ?)
-         ON CONFLICT(key) DO UPDATE SET value = excluded.value, updated_at = excluded.updated_at`)
-            .run(key, value, new Date().toISOString());
+        this.storage.setAppState(key, value);
     }
     deleteAppState(key) {
-        this.db.prepare("DELETE FROM app_state WHERE key = ?").run(key);
+        this.storage.deleteAppState(key);
     }
     getAuthorizedUserId() {
         const value = this.getAppState("authorized_user_id");
@@ -26,296 +27,331 @@ export class SessionStore {
         return Number.isSafeInteger(userId) ? userId : null;
     }
     getBootstrapCode() {
-        return this.getAppState("bootstrap_code");
+        const binding = this.getBindingCodeState();
+        return binding?.mode === "bootstrap" ? binding.code : null;
     }
     setBootstrapCode(code) {
-        this.setAppState("bootstrap_code", code);
+        this.issueBindingCode({
+            code,
+            mode: "bootstrap",
+        });
     }
     clearBootstrapCode() {
+        this.clearBindingCode();
+    }
+    getBindingCodeState(now = new Date()) {
+        const code = this.getAppState("bootstrap_code");
+        const createdAt = this.getAppState("binding_code_created_at");
+        const expiresAt = this.getAppState("binding_code_expires_at");
+        if (!code || !createdAt || !expiresAt)
+            return null;
+        const expiresAtMs = Date.parse(expiresAt);
+        if (!Number.isFinite(expiresAtMs) || expiresAtMs <= now.getTime()) {
+            this.clearBindingCode();
+            return null;
+        }
+        const attempts = normalizeNonNegativeInteger(this.getAppState("binding_code_attempts"));
+        if (attempts >= BINDING_CODE_MAX_ATTEMPTS) {
+            this.clearBindingCode();
+            return null;
+        }
+        return {
+            code,
+            mode: normalizeBindingCodeMode(this.getAppState("binding_code_mode")),
+            createdAt,
+            expiresAt,
+            attempts,
+            maxAttempts: BINDING_CODE_MAX_ATTEMPTS,
+            issuedByUserId: normalizeOptionalUserId(this.getAppState("binding_code_issued_by_user_id")),
+        };
+    }
+    issueBindingCode(input) {
+        const now = input.now ?? new Date();
+        const createdAt = now.toISOString();
+        const expiresAt = new Date(now.getTime() + (input.ttlMs ?? BINDING_CODE_TTL_MS)).toISOString();
+        this.setAppState("bootstrap_code", input.code);
+        this.setAppState("binding_code_mode", input.mode);
+        this.setAppState("binding_code_created_at", createdAt);
+        this.setAppState("binding_code_expires_at", expiresAt);
+        this.setAppState("binding_code_attempts", "0");
+        if (input.issuedByUserId == null) {
+            this.deleteAppState("binding_code_issued_by_user_id");
+        }
+        else {
+            this.setAppState("binding_code_issued_by_user_id", String(input.issuedByUserId));
+        }
+        return {
+            code: input.code,
+            mode: input.mode,
+            createdAt,
+            expiresAt,
+            attempts: 0,
+            maxAttempts: BINDING_CODE_MAX_ATTEMPTS,
+            issuedByUserId: input.issuedByUserId ?? null,
+        };
+    }
+    recordBindingCodeFailure(now = new Date()) {
+        const state = this.getBindingCodeState(now);
+        if (!state)
+            return null;
+        const attempts = state.attempts + 1;
+        if (attempts >= state.maxAttempts) {
+            this.clearBindingCode();
+            return {
+                attempts,
+                remaining: 0,
+                exhausted: true,
+            };
+        }
+        this.setAppState("binding_code_attempts", String(attempts));
+        return {
+            attempts,
+            remaining: state.maxAttempts - attempts,
+            exhausted: false,
+        };
+    }
+    clearBindingCode() {
         this.deleteAppState("bootstrap_code");
+        this.deleteAppState("binding_code_mode");
+        this.deleteAppState("binding_code_created_at");
+        this.deleteAppState("binding_code_expires_at");
+        this.deleteAppState("binding_code_attempts");
+        this.deleteAppState("binding_code_issued_by_user_id");
     }
     claimAuthorizedUserId(userId) {
         const existing = this.getAuthorizedUserId();
         if (existing != null)
             return existing;
-        this.db.prepare("INSERT OR IGNORE INTO app_state (key, value, updated_at) VALUES ('authorized_user_id', ?, ?)").run(String(userId), new Date().toISOString());
+        this.setAppState("authorized_user_id", String(userId));
+        this.clearBindingCode();
         const current = this.getAuthorizedUserId();
         if (current == null)
             throw new Error("Failed to persist authorized Telegram user id");
-        this.clearBootstrapCode();
         return current;
     }
+    rebindAuthorizedUserId(userId) {
+        this.setAppState("authorized_user_id", String(userId));
+        this.clearBindingCode();
+    }
     clearAuthorizedUserId() {
         this.deleteAppState("authorized_user_id");
+        this.clearBindingCode();
     }
     getOrCreate(input) {
         const existing = this.get(input.sessionKey);
         if (existing)
             return existing;
         const now = new Date().toISOString();
-        this.db
-            .prepare(`INSERT INTO sessions (
-          session_key, chat_id, message_thread_id, telegram_topic_name, cwd, model, sandbox_mode, approval_policy, created_at, updated_at
-        ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`)
-            .run(input.sessionKey, input.chatId, input.messageThreadId, input.telegramTopicName ?? null, input.defaultCwd, input.defaultModel, DEFAULT_SESSION_PROFILE.sandboxMode, DEFAULT_SESSION_PROFILE.approvalPolicy, now, now);
+        this.storage.putSession({
+            sessionKey: input.sessionKey,
+            chatId: input.chatId,
+            messageThreadId: input.messageThreadId,
+            telegramTopicName: input.telegramTopicName ?? null,
+            codexThreadId: null,
+            cwd: input.defaultCwd,
+            model: input.defaultModel,
+            sandboxMode: DEFAULT_SESSION_PROFILE.sandboxMode,
+            approvalPolicy: DEFAULT_SESSION_PROFILE.approvalPolicy,
+            reasoningEffort: null,
+            webSearchMode: null,
+            networkAccessEnabled: true,
+            skipGitRepoCheck: true,
+            additionalDirectories: [],
+            outputSchema: null,
+            createdAt: now,
+            updatedAt: now,
+        });
         const created = this.get(input.sessionKey);
         if (!created)
             throw new Error("Session insert failed");
         return created;
     }
     get(sessionKey) {
-        const row = this.db
-            .prepare("SELECT * FROM sessions WHERE session_key = ?")
-            .get(sessionKey);
-        return row ? mapSessionRow(row) : null;
+        const stored = this.storage.getSession(sessionKey);
+        return mapStoredSession(stored, this.runtimeStateBySession.get(sessionKey), this.outputMessageBySession.get(sessionKey));
     }
     getByThreadId(threadId) {
-        const row = this.db
-            .prepare("SELECT * FROM sessions WHERE codex_thread_id = ? LIMIT 1")
-            .get(threadId);
-        return row ? mapSessionRow(row) : null;
+        const stored = this.storage.getSessionByThreadId(threadId);
+        return stored ? mapStoredSession(stored, this.runtimeStateBySession.get(stored.sessionKey), this.outputMessageBySession.get(stored.sessionKey)) : null;
     }
     listTopicSessions() {
-        const rows = this.db
-            .prepare("SELECT * FROM sessions WHERE message_thread_id IS NOT NULL ORDER BY session_key ASC")
-            .all();
-        return rows.map(mapSessionRow);
+        return this.storage
+            .listSessions()
+            .filter((session) => session.messageThreadId != null)
+            .map((session) => mapStoredSession(session, this.runtimeStateBySession.get(session.sessionKey), this.outputMessageBySession.get(session.sessionKey)))
+            .filter((session) => session != null);
     }
     remove(sessionKey) {
-        this.db.prepare("DELETE FROM queued_inputs WHERE session_key = ?").run(sessionKey);
-        this.db.prepare("DELETE FROM sessions WHERE session_key = ?").run(sessionKey);
+        this.queueBySession.delete(sessionKey);
+        this.runtimeStateBySession.delete(sessionKey);
+        this.outputMessageBySession.delete(sessionKey);
+        this.storage.removeSession(sessionKey);
     }
     enqueueInput(sessionKey, input) {
         const now = new Date().toISOString();
-        const text = formatCodexInputPreview(input);
-        const result = this.db
-            .prepare(`INSERT INTO queued_inputs (session_key, text, input_json, created_at, updated_at)
-         VALUES (?, ?, ?, ?, ?)`)
-            .run(sessionKey, text, JSON.stringify(input), now, now);
-        const id = Number(result.lastInsertRowid);
-        const queued = this.getQueuedInput(id);
-        if (!queued)
-            throw new Error("Queued input insert failed");
-        return queued;
+        const queued = {
+            id: this.nextQueuedInputId,
+            sessionKey,
+            text: formatCodexInputPreview(input),
+            input: cloneStoredCodexInput(input),
+            createdAt: now,
+            updatedAt: now,
+        };
+        this.nextQueuedInputId += 1;
+        const queue = this.queueBySession.get(sessionKey) ?? [];
+        queue.push(queued);
+        this.queueBySession.set(sessionKey, queue);
+        return cloneQueuedInput(queued);
     }
     getQueuedInput(id) {
-        const row = this.db.prepare("SELECT * FROM queued_inputs WHERE id = ?").get(id);
-        return row ? mapQueuedInputRow(row) : null;
+        for (const queue of this.queueBySession.values()) {
+            const match = queue.find((item) => item.id === id);
+            if (match)
+                return cloneQueuedInput(match);
+        }
+        return null;
     }
     getQueuedInputCount(sessionKey) {
-        const row = this.db
-            .prepare("SELECT COUNT(*) AS count FROM queued_inputs WHERE session_key = ?")
-            .get(sessionKey);
-        return row?.count ?? 0;
+        return this.queueBySession.get(sessionKey)?.length ?? 0;
     }
     peekNextQueuedInput(sessionKey) {
-        const row = this.db
-            .prepare("SELECT * FROM queued_inputs WHERE session_key = ? ORDER BY id ASC LIMIT 1")
-            .get(sessionKey);
-        return row ? mapQueuedInputRow(row) : null;
+        const queue = this.queueBySession.get(sessionKey);
+        const [next] = queue ?? [];
+        return next ? cloneQueuedInput(next) : null;
     }
     listQueuedInputs(sessionKey, limit = 5) {
-        const rows = this.db
-            .prepare("SELECT * FROM queued_inputs WHERE session_key = ? ORDER BY id ASC LIMIT ?")
-            .all(sessionKey, limit);
-        return rows.map(mapQueuedInputRow);
+        const queue = this.queueBySession.get(sessionKey) ?? [];
+        return queue.slice(0, limit).map(cloneQueuedInput);
     }
     removeQueuedInput(id) {
-        this.db.prepare("DELETE FROM queued_inputs WHERE id = ?").run(id);
+        for (const [sessionKey, queue] of this.queueBySession.entries()) {
+            const index = queue.findIndex((item) => item.id === id);
+            if (index < 0)
+                continue;
+            queue.splice(index, 1);
+            if (queue.length === 0) {
+                this.queueBySession.delete(sessionKey);
+            }
+            return;
+        }
     }
     removeQueuedInputForSession(sessionKey, id) {
-        const result = this.db
-            .prepare("DELETE FROM queued_inputs WHERE session_key = ? AND id = ?")
-            .run(sessionKey, id);
-        return (result.changes ?? 0) > 0;
+        const queue = this.queueBySession.get(sessionKey);
+        if (!queue)
+            return false;
+        const index = queue.findIndex((item) => item.id === id);
+        if (index < 0)
+            return false;
+        queue.splice(index, 1);
+        if (queue.length === 0) {
+            this.queueBySession.delete(sessionKey);
+        }
+        return true;
     }
     clearQueuedInputs(sessionKey) {
-        const result = this.db.prepare("DELETE FROM queued_inputs WHERE session_key = ?").run(sessionKey);
-        return result.changes ?? 0;
+        const queue = this.queueBySession.get(sessionKey) ?? [];
+        this.queueBySession.delete(sessionKey);
+        return queue.length;
     }
     bindThread(sessionKey, threadId) {
-        this.patch(sessionKey, {
-            codex_thread_id: threadId,
+        this.patchDurableSession(sessionKey, {
+            codexThreadId: threadId,
         });
     }
     setTelegramTopicName(sessionKey, topicName) {
-        this.patch(sessionKey, { telegram_topic_name: topicName });
+        this.patchDurableSession(sessionKey, {
+            telegramTopicName: topicName,
+        });
     }
     setRuntimeState(sessionKey, state) {
-        this.patch(sessionKey, {
-            runtime_status: state.status,
-            runtime_status_detail: state.detail,
-            runtime_status_updated_at: state.updatedAt,
-            active_turn_id: state.activeTurnId,
-        });
+        this.runtimeStateBySession.set(sessionKey, state);
     }
     setOutputMessage(sessionKey, messageId) {
-        this.patch(sessionKey, { output_message_id: messageId });
+        if (messageId == null) {
+            this.outputMessageBySession.delete(sessionKey);
+            return;
+        }
+        this.outputMessageBySession.set(sessionKey, messageId);
     }
     setCwd(sessionKey, cwd) {
-        this.patch(sessionKey, { cwd });
+        this.patchDurableSession(sessionKey, { cwd });
     }
     setModel(sessionKey, model) {
-        this.patch(sessionKey, { model });
+        this.patchDurableSession(sessionKey, { model });
     }
     setSandboxMode(sessionKey, sandboxMode) {
-        this.patch(sessionKey, {
-            sandbox_mode: sandboxMode,
-        });
+        this.patchDurableSession(sessionKey, { sandboxMode });
     }
     setApprovalPolicy(sessionKey, approvalPolicy) {
-        this.patch(sessionKey, { approval_policy: approvalPolicy });
+        this.patchDurableSession(sessionKey, { approvalPolicy });
     }
     setReasoningEffort(sessionKey, reasoningEffort) {
-        this.patch(sessionKey, { reasoning_effort: reasoningEffort });
+        this.patchDurableSession(sessionKey, { reasoningEffort });
     }
     setWebSearchMode(sessionKey, webSearchMode) {
-        this.patch(sessionKey, { web_search_mode: webSearchMode });
+        this.patchDurableSession(sessionKey, { webSearchMode });
     }
     setNetworkAccessEnabled(sessionKey, enabled) {
-        this.patch(sessionKey, { network_access_enabled: enabled ? 1 : 0 });
+        this.patchDurableSession(sessionKey, { networkAccessEnabled: enabled });
     }
     setSkipGitRepoCheck(sessionKey, skip) {
-        this.patch(sessionKey, { skip_git_repo_check: skip ? 1 : 0 });
+        this.patchDurableSession(sessionKey, { skipGitRepoCheck: skip });
     }
     setAdditionalDirectories(sessionKey, directories) {
-        this.patch(sessionKey, { additional_directories: JSON.stringify(directories) });
+        this.patchDurableSession(sessionKey, { additionalDirectories: [...directories] });
     }
     setOutputSchema(sessionKey, outputSchema) {
-        this.patch(sessionKey, { output_schema: outputSchema });
+        this.patchDurableSession(sessionKey, { outputSchema });
     }
-    patch(sessionKey, fields) {
-        const entries = Object.entries(fields);
-        if (entries.length === 0)
-            return;
-        const setSql = entries.map(([key]) => `${key} = ?`).join(", ");
-        const values = entries.map(([, value]) => value);
-        values.push(new Date().toISOString(), sessionKey);
-        this.db.prepare(`UPDATE sessions SET ${setSql}, updated_at = ? WHERE session_key = ?`).run(...values);
+    patchDurableSession(sessionKey, patch) {
+        this.storage.patchSession(sessionKey, patch);
     }
 }
 export function makeSessionKey(chatId, messageThreadId) {
     return messageThreadId == null ? String(chatId) : `${chatId}:${messageThreadId}`;
 }
-function mapSessionRow(row) {
+function mapStoredSession(stored, runtimeState, outputMessageId) {
+    if (!stored)
+        return null;
+    const runtime = runtimeState ?? {
+        status: "idle",
+        detail: null,
+        updatedAt: stored.updatedAt,
+        activeTurnId: null,
+    };
     return {
-        sessionKey: row.session_key,
-        chatId: row.chat_id,
-        messageThreadId: row.message_thread_id,
-        telegramTopicName: row.telegram_topic_name ?? null,
-        codexThreadId: row.codex_thread_id,
-        cwd: row.cwd,
-        model: row.model,
-        sandboxMode: normalizeSandboxMode(row.sandbox_mode),
-        approvalPolicy: normalizeApprovalPolicy(row.approval_policy),
-        reasoningEffort: normalizeReasoningEffort(row.reasoning_effort),
-        webSearchMode: normalizeWebSearchMode(row.web_search_mode),
-        networkAccessEnabled: normalizeBoolean(row.network_access_enabled, true),
-        skipGitRepoCheck: normalizeBoolean(row.skip_git_repo_check, true),
-        additionalDirectories: normalizeStringArray(row.additional_directories),
-        outputSchema: normalizeOutputSchema(row.output_schema),
-        runtimeStatus: normalizeRuntimeStatus(row.runtime_status, row.active_turn_id),
-        runtimeStatusDetail: row.runtime_status_detail ?? null,
-        runtimeStatusUpdatedAt: row.runtime_status_updated_at ?? row.updated_at,
-        activeTurnId: row.active_turn_id,
-        outputMessageId: row.output_message_id,
-        createdAt: row.created_at,
-        updatedAt: row.updated_at,
+        ...stored,
+        additionalDirectories: [...stored.additionalDirectories],
+        runtimeStatus: runtime.status,
+        runtimeStatusDetail: runtime.detail,
+        runtimeStatusUpdatedAt: runtime.updatedAt,
+        activeTurnId: runtime.activeTurnId,
+        outputMessageId: outputMessageId ?? null,
     };
 }
-function mapQueuedInputRow(row) {
+function cloneQueuedInput(input) {
     return {
-        id: row.id,
-        sessionKey: row.session_key,
-        text: row.text,
-        input: parseStoredCodexInput(row.input_json, row.text),
-        createdAt: row.created_at,
-        updatedAt: row.updated_at,
+        ...input,
+        input: cloneStoredCodexInput(input.input),
     };
 }
-function normalizeSandboxMode(value) {
-    return value && isSessionSandboxMode(value) ? value : DEFAULT_SESSION_PROFILE.sandboxMode;
-}
-function normalizeApprovalPolicy(value) {
-    return value && isSessionApprovalPolicy(value) ? value : DEFAULT_SESSION_PROFILE.approvalPolicy;
+function cloneStoredCodexInput(input) {
+    return typeof input === "string" ? input : input.map((item) => ({ ...item }));
 }
-function normalizeReasoningEffort(value) {
-    return value && isSessionReasoningEffort(value) ? value : null;
+function normalizeBindingCodeMode(value) {
+    return value === "rebind" ? "rebind" : "bootstrap";
 }
-function normalizeWebSearchMode(value) {
-    return value && isSessionWebSearchMode(value) ? value : null;
-}
-function normalizeBoolean(value, fallback) {
-    if (value == null)
-        return fallback;
-    return Number(value) !== 0;
-}
-function normalizeStringArray(value) {
+function normalizeNonNegativeInteger(value) {
     if (!value)
-        return [];
-    try {
-        const parsed = JSON.parse(value);
-        if (!Array.isArray(parsed))
-            return [];
-        return parsed.filter((entry) => typeof entry === "string" && entry.trim().length > 0);
-    }
-    catch {
-        return [];
-    }
-}
-function normalizeOutputSchema(value) {
-    if (!value?.trim())
-        return null;
-    try {
-        const parsed = JSON.parse(value);
-        return isPlainObject(parsed) ? JSON.stringify(parsed) : null;
-    }
-    catch {
-        return null;
-    }
-}
-function normalizeRuntimeStatus(value, activeTurnId) {
-    switch (value) {
-        case "idle":
-        case "preparing":
-        case "running":
-        case "failed":
-            return value;
-        default:
-            return activeTurnId ? "running" : "idle";
-    }
-}
-function parseStoredCodexInput(inputJson, fallbackText) {
-    if (!inputJson)
-        return fallbackText;
-    try {
-        const parsed = JSON.parse(inputJson);
-        return normalizeStoredCodexInput(parsed) ?? fallbackText;
-    }
-    catch {
-        return fallbackText;
-    }
+        return 0;
+    const parsed = Number(value);
+    return Number.isSafeInteger(parsed) && parsed >= 0 ? parsed : 0;
 }
-function normalizeStoredCodexInput(value) {
-    if (typeof value === "string")
-        return value;
-    if (!Array.isArray(value))
+function normalizeOptionalUserId(value) {
+    if (value == null)
         return null;
-    const items = [];
-    for (const item of value) {
-        if (!isPlainObject(item))
-            return null;
-        if (item.type === "text" && typeof item.text === "string") {
-            items.push({ type: "text", text: item.text });
-        }
-        else if (item.type === "local_image" && typeof item.path === "string") {
-            items.push({ type: "local_image", path: item.path });
-        }
-        else {
-            return null;
-        }
-    }
-    return items;
+    const parsed = Number(value);
+    return Number.isSafeInteger(parsed) ? parsed : null;
 }
 export function formatCodexInputPreview(input) {
     if (typeof input === "string")
@@ -323,6 +359,3 @@ export function formatCodexInputPreview(input) {
     const parts = input.map((item) => (item.type === "text" ? item.text : `[image: ${item.path}]`));
     return parts.join(" ").trim() || "[image]";
 }
-function isPlainObject(value) {
-    return typeof value === "object" && value !== null && !Array.isArray(value);
-}

package/dist/telegram/renderer.js

@@ -11,6 +11,11 @@ export function escapeHtml(value) {
         .replaceAll("<", "&lt;")
         .replaceAll(">", "&gt;");
 }
+function escapeHtmlAttribute(value) {
+    return escapeHtml(value)
+        .replaceAll('"', "&quot;")
+        .replaceAll("'", "&#39;");
+}
 export function renderMarkdownForTelegram(markdown) {
     const tokens = md.parse(markdown, {});
     const html = renderTokens(tokens).replace(/\n{3,}/g, "\n\n").trim();
@@ -95,6 +100,7 @@ function renderTokens(tokens) {
 }
 function renderInline(tokens) {
     let out = "";
+    const linkStack = [];
     for (const token of tokens) {
         switch (token.type) {
             case "text":
@@ -122,12 +128,18 @@ function renderInline(tokens) {
                 out += "</s>";
                 break;
             case "link_open": {
-                const href = token.attrGet("href");
-                out += href ? `<a href="${escapeHtml(href)}">` : "";
+                const href = sanitizeTelegramHref(token.attrGet("href"));
+                const opened = Boolean(href);
+                linkStack.push(opened);
+                if (href) {
+                    out += `<a href="${escapeHtmlAttribute(href)}">`;
+                }
                 break;
             }
             case "link_close":
-                out += "</a>";
+                if (linkStack.pop()) {
+                    out += "</a>";
+                }
                 break;
             case "softbreak":
             case "hardbreak":
@@ -144,3 +156,28 @@ function renderInline(tokens) {
     }
     return out;
 }
+function sanitizeTelegramHref(value) {
+    if (!value)
+        return null;
+    const href = value.trim();
+    if (!href)
+        return null;
+    try {
+        const url = new URL(href);
+        return isAllowedTelegramProtocol(url.protocol) ? url.toString() : null;
+    }
+    catch {
+        return null;
+    }
+}
+function isAllowedTelegramProtocol(protocol) {
+    switch (protocol) {
+        case "http:":
+        case "https:":
+        case "mailto:":
+        case "tg:":
+            return true;
+        default:
+            return false;
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "telecodex",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "Telegram bridge for local Codex.",
   "license": "MIT",
   "type": "module",
@@ -41,7 +41,7 @@
   },
   "scripts": {
     "dev": "NODE_OPTIONS=--disable-warning=ExperimentalWarning tsx src/cli.ts",
-    "build": "tsc -p tsconfig.json",
+    "build": "node -e \"require('node:fs').rmSync('dist', { recursive: true, force: true })\" && tsc -p tsconfig.json",
     "prepack": "npm run build",
     "start": "node --disable-warning=ExperimentalWarning dist/cli.js",
     "check": "tsc -p tsconfig.json --noEmit",