telegram-approval-buttons 5.0.1 → 5.1.0

package/CHANGELOG.md

@@ -5,6 +5,23 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [5.1.0] - 2026-03-31
+
+### Added
+- **OpenClaw 2026 approval format support** — parser now handles native `Approval required`, `Full id:`, tool-result `(id ..., full ...)`, and `/approve ...` guidance formats (#4)
+- **Async completion delivery** — captures post-approval exec output when the agent emits `NO_REPLY` and delivers results to Telegram users instead of silently dropping them
+- **Duplicate approval suppression** — detects and cancels assistant fallback `/approve` messages when a native approval prompt already exists, preventing double prompts
+
+### Fixed
+- Broadened duplicate fallback suppression to cover all actions (`allow-once|allow-always|deny`)
+- `NO_REPLY` delivery paths now reuse shared `escapeHtml` helper instead of manual `.replace()` chains
+- Added null-result handling + warning logs for failed Telegram `NO_REPLY` sends
+- Normalized `NO_REPLY` user-facing strings to English for consistency
+
+### Contributors
+
+Thanks to [@BlazzzPlay](https://github.com/BlazzzPlay) for contributing OpenClaw 2026 compatibility and async completion delivery in this release 🙏
+
 ## [5.0.1] - 2026-03-01
 
 ### Fixed

package/README.md

@@ -1,3 +1,9 @@
+
+--Closed #30695.
+
+
+
+
 # 🔐 Approval Buttons for OpenClaw
 
 > One-tap `exec` approvals in **Telegram** and **Slack** — no more typing `/approve <uuid> allow-once`.

package/index.ts

@@ -1,5 +1,5 @@
 // ─────────────────────────────────────────────────────────────────────────────
-// telegram-approval-buttons · index.ts (v5.0.1)
+// telegram-approval-buttons · index.ts (v5.1.0)
 // Plugin entry point — orchestration only, all logic lives in lib/
 //
 // Adds inline keyboard/button approval messages to Telegram and Slack.
@@ -16,6 +16,7 @@ import { SlackApi } from "./lib/slack-api.js";
 import { ApprovalStore } from "./lib/approval-store.js";
 import { parseApprovalText, detectApprovalResult } from "./lib/approval-parser.js";
 import {
+  escapeHtml,
   formatApprovalRequest,
   formatApprovalResolved,
   formatApprovalExpired,
@@ -37,9 +38,32 @@ import {
 
 // ── Constants ───────────────────────────────────────────────────────────────
 
-const PLUGIN_VERSION = "5.0.1";
+const PLUGIN_VERSION = "5.1.0";
 const TAG = "telegram-approval-buttons";
 
+const RE_RICH_APPROVAL_HEADER = /^\s*🔐\s+<b>Exec Approval<\/b>/i;
+const RE_ASSISTANT_APPROVE_FALLBACK = /\/approve\s+[a-f0-9-]{8,}\s+(allow-once|allow-always|deny)\b/i;
+
+function approvalIdVariants(id: string): string[] {
+  const clean = id.trim();
+  const short = clean.slice(0, 8);
+  if (!short || short === clean) return [clean];
+  return [clean, short];
+}
+
+type CompletionSnapshot = { output: string; capturedAt: number };
+type ResolvedSnapshot = { id: string; command: string; resolvedAt: number };
+
+const RE_ASYNC_COMPLETION = /An async command the user already approved has completed\./i;
+const RE_COMPLETION_OUTPUT = /Exact completion details:\r?\nExec finished[^\r\n]*\r?\n([\s\S]+?)\r?\n\r?\nReply to the user/i;
+
+function parseAsyncCompletionOutput(text: string): string | null {
+  if (!RE_ASYNC_COMPLETION.test(text)) return null;
+  const match = text.match(RE_COMPLETION_OUTPUT);
+  const output = match?.[1]?.trim();
+  return output || null;
+}
+
 // ── Plugin registration ─────────────────────────────────────────────────────
 
 function register(api: any): void {
@@ -115,6 +139,9 @@ function register(api: any): void {
     },
   );
 
+  let lastCompletionGlobal: CompletionSnapshot | null = null;
+  let lastResolvedGlobal: ResolvedSnapshot | null = null;
+
   // ─── 4. Register background service (cleanup timer) ──────────────────
 
   api.registerService({
@@ -141,6 +168,24 @@ function register(api: any): void {
 
   // ─── 6. Register message_sending hook ────────────────────────────────
 
+  api.on(
+    "message_received",
+    async (
+      event: { content: string },
+      _ctx: { channelId: string },
+    ) => {
+      const output = parseAsyncCompletionOutput(event.content);
+      if (!output) return;
+      lastCompletionGlobal = {
+        output,
+        capturedAt: Date.now(),
+      };
+      if (config.verbose) {
+        log.info(`[${TAG}] captured async completion output (${output.length} chars)`);
+      }
+    },
+  );
+
   api.on(
     "message_sending",
     async (
@@ -149,7 +194,17 @@ function register(api: any): void {
     ) => {
       // ── Telegram ──────────────────────────────────────────────────
       if (ctx.channelId === "telegram" && tg && config.telegram) {
-        return handleTelegram(event, config.telegram.chatId, tg, store, log);
+        return handleTelegram(
+          event,
+          config.telegram.chatId,
+          tg,
+          store,
+          log,
+          () => lastCompletionGlobal,
+          () => { lastCompletionGlobal = null; },
+          () => lastResolvedGlobal,
+          (next) => { lastResolvedGlobal = next; },
+        );
       }
 
       // ── Slack ─────────────────────────────────────────────────────
@@ -159,6 +214,44 @@ function register(api: any): void {
     },
   );
 
+  // Some OpenClaw builds deliver approval prompts before plugins can cancel.
+  // In that case, rewrite the already-sent native approval message in-place
+  // to avoid a second "button message".
+  api.on(
+    "message_sent",
+    async (
+      event: { content: string; messageId?: string; metadata?: Record<string, unknown> },
+      ctx: { channelId: string },
+    ) => {
+      if (ctx.channelId !== "telegram" || !tg || !config.telegram) return;
+      if (RE_RICH_APPROVAL_HEADER.test(event.content)) return;
+
+      const info = parseApprovalText(event.content);
+      if (!info) return;
+
+      const rawMsgId =
+        event.messageId
+        ?? (typeof event.metadata?.message_id === "string" ? event.metadata.message_id : undefined)
+        ?? (typeof event.metadata?.messageId === "string" ? event.metadata.messageId : undefined);
+
+      const messageId = rawMsgId ? Number(rawMsgId) : NaN;
+      if (!Number.isFinite(messageId)) return;
+
+      const edited = await tg.editMessageText(
+        config.telegram.chatId,
+        messageId,
+        formatApprovalRequest(info),
+        buildApprovalKeyboard(info.id),
+      );
+      if (!edited) return;
+
+      if (!store.has(info.id)) {
+        store.add(info.id, "telegram", { messageId }, info);
+      }
+      log.info(`[${TAG}] telegram upgraded native approval ${info.id.slice(0, 8)}… (msg=${messageId})`);
+    },
+  );
+
   // ─── Done ─────────────────────────────────────────────────────────────
 
   const channels = [config.telegram && "Telegram", config.slack && "Slack"]
@@ -175,13 +268,65 @@ async function handleTelegram(
   tg: TelegramApi,
   store: ApprovalStore,
   log: any,
+  getLastCompletion: () => CompletionSnapshot | null,
+  clearLastCompletion: () => void,
+  getLastResolved: () => ResolvedSnapshot | null,
+  setLastResolved: (next: ResolvedSnapshot | null) => void,
 ): Promise<{ cancel: true } | void> {
+  // If the agent emits NO_REPLY right after an async exec completion event,
+  // convert it into a short delivery so Telegram users still get the result.
+  if (event.content.trim() === "NO_REPLY") {
+    const completion = getLastCompletion();
+    if (completion && Date.now() - completion.capturedAt <= 120_000) {
+      const sentId = await tg.sendMessage(
+        chatId,
+        [
+          "✅ <b>Command completed</b>",
+          "",
+          `<pre>${escapeHtml(completion.output)}</pre>`,
+        ].join("\n"),
+      );
+      if (sentId === null) {
+        log.warn(`[${TAG}] telegram failed to deliver NO_REPLY completion output`);
+      }
+      clearLastCompletion();
+      setLastResolved(null);
+      return { cancel: true };
+    }
+
+    const resolved = getLastResolved();
+    if (resolved && Date.now() - resolved.resolvedAt <= 120_000) {
+      const sentId = await tg.sendMessage(
+        chatId,
+        [
+          "✅ <b>Command completed</b>",
+          "",
+          `<code>${escapeHtml(resolved.command)}</code>`,
+          "",
+          "Output was not forwarded by the agent (NO_REPLY).",
+        ].join("\n"),
+      );
+      if (sentId === null) {
+        log.warn(`[${TAG}] telegram failed to deliver NO_REPLY fallback notice`);
+      }
+      setLastResolved(null);
+      return { cancel: true };
+    }
+
+    if (log?.info) log.info(`[${TAG}] NO_REPLY without completion snapshot`);
+  }
+
   // Check for approval resolution
   const resolution = detectApprovalResult(event.content, store.entries());
   if (resolution) {
     const entry = store.resolve(resolution.id);
     if (entry && entry.channel === "telegram") {
       log.info(`[${TAG}] telegram resolved ${resolution.id.slice(0, 8)}… → ${resolution.action}`);
+      setLastResolved({
+        id: resolution.id,
+        command: entry.info.command,
+        resolvedAt: Date.now(),
+      });
       await tg.editMessageText(
         chatId,
         entry.messageId,
@@ -195,6 +340,27 @@ async function handleTelegram(
   const info = parseApprovalText(event.content);
   if (!info) return;
 
+  const looksLikeAssistantFallback =
+    RE_ASSISTANT_APPROVE_FALLBACK.test(event.content)
+    && !/Exec approval required/i.test(event.content)
+    && !/\bApproval required\b/i.test(event.content);
+
+  // Newer OpenClaw builds already send a native approval card/message.
+  // Suppress the assistant's plain `/approve ...` fallback so users don't
+  // receive a second approval prompt.
+  if (looksLikeAssistantFallback) return { cancel: true };
+
+  // If this is the model's fallback "/approve ..." guidance and we already
+  // converted the native approval prompt, suppress this duplicate text.
+  for (const variant of approvalIdVariants(info.id)) {
+    if (store.has(variant)) return { cancel: true };
+    for (const pendingId of store.entries().keys()) {
+      if (pendingId.startsWith(variant) || variant.startsWith(pendingId)) {
+        return { cancel: true };
+      }
+    }
+  }
+
   if (store.has(info.id)) return { cancel: true };
 
   log.info(`[${TAG}] telegram intercepting ${info.id.slice(0, 8)}…`);

package/lib/approval-parser.ts

@@ -8,11 +8,15 @@ import type { ApprovalAction, ApprovalInfo, ApprovalResolution, SentApproval } f
 // ─── Regex patterns (compiled once) ─────────────────────────────────────────
 
 const RE_APPROVAL_MARKER = /Exec approval required/i;
+const RE_NATIVE_APPROVAL_MARKER = /\bApproval required\b/i;
+const RE_TOOLRESULT_APPROVAL = /Approval required\s*\(id\s+([a-f0-9-]{8,})\s*,\s*full\s+([a-f0-9-]{8,})\)/i;
 const RE_ID = /ID:\s*([a-f0-9-]+)/i;
+const RE_FULL_ID = /Full id:\s*([a-f0-9-]{8,})/i;
+const RE_APPROVE_CMD = /\/approve\s+([a-f0-9-]{8,})\s+(allow-once|allow-always|deny)\b/i;
 const RE_UUID = /([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})/i;
 const RE_SHORT_HEX = /\b([a-f0-9]{8,})\b/i;
 const RE_GATEWAY_DENIAL = /Exec denied.*approval-timeout/i;
-const RE_COMMAND_BLOCK = /Command:\s*`{0,3}\n?(.+?)\n?`{0,3}(?:\n|$)/is;
+const RE_COMMAND_BLOCK = /Command:\s*```(?:[a-z0-9_+-]+)?\n([\s\S]+?)\n```/i;
 const RE_COMMAND_INLINE = /Command:\s*(.+)/i;
 const RE_CWD = /CWD:\s*(.+)/i;
 const RE_HOST = /Host:\s*(.+)/i;
@@ -20,6 +24,7 @@ const RE_AGENT = /Agent:\s*(.+)/i;
 const RE_SECURITY = /Security:\s*(.+)/i;
 const RE_ASK = /Ask:\s*(.+)/i;
 const RE_EXPIRES = /Expires in:\s*(.+)/i;
+const RE_PENDING_COMMAND = /Pending command:\s*`{0,3}\n?(.+?)\n?(?:`{0,3})(?:\n|$)/is;
 
 /**
  * Parse OpenClaw's plain-text approval message into an ApprovalInfo object.
@@ -29,14 +34,32 @@ const RE_EXPIRES = /Expires in:\s*(.+)/i;
  * falls back to sensible defaults for missing fields.
  */
 export function parseApprovalText(text: string): ApprovalInfo | null {
-  if (!RE_APPROVAL_MARKER.test(text)) return null;
+  const hasLegacyMarker = RE_APPROVAL_MARKER.test(text);
+  const hasNativeMarker = RE_NATIVE_APPROVAL_MARKER.test(text);
+  const toolResultMatch = text.match(RE_TOOLRESULT_APPROVAL);
+
+  let id = hasLegacyMarker ? text.match(RE_ID)?.[1]?.trim() : undefined;
+
+  if (!id && toolResultMatch) {
+    id = toolResultMatch[2]?.trim() || toolResultMatch[1]?.trim();
+  }
+
+  if (!id && hasNativeMarker) {
+    id = text.match(RE_FULL_ID)?.[1]?.trim();
+  }
+
+  // OpenClaw 2026 format often delivers plain guidance text like:
+  // `/approve <id> allow-once` (with or without markdown backticks).
+  if (!id) {
+    id = text.match(RE_APPROVE_CMD)?.[1]?.trim();
+  }
 
-  const id = text.match(RE_ID)?.[1]?.trim();
   if (!id) return null;
 
-  // Try block format first (```command```), then inline
-  let command = text.match(RE_COMMAND_BLOCK)?.[1]?.trim();
-  if (!command) command = text.match(RE_COMMAND_INLINE)?.[1]?.trim() ?? "unknown";
+  const command = text.match(RE_COMMAND_BLOCK)?.[1]?.trim()
+    ?? text.match(RE_PENDING_COMMAND)?.[1]?.trim()
+    ?? text.match(RE_COMMAND_INLINE)?.[1]?.trim()
+    ?? "approval-pending";
 
   return {
     id,

package/openclaw.plugin.json

@@ -2,7 +2,7 @@
   "id": "telegram-approval-buttons",
   "name": "Telegram Approval Buttons",
   "description": "Adds inline buttons to exec approval messages in Telegram and Slack. Tap to approve/deny without typing commands.",
-  "version": "5.0.1",
+  "version": "5.1.0",
   "configSchema": {
     "type": "object",
     "additionalProperties": false,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "telegram-approval-buttons",
-  "version": "5.0.1",
+  "version": "5.1.0",
   "description": "Inline buttons for exec approval messages in Telegram and Slack — tap to approve/deny without typing commands",
   "type": "module",
   "main": "index.ts",