npm - twinclaw - Versions diffs - 1.1.3 → 1.1.5 - Mend

twinclaw 1.1.3 → 1.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/core/cli.js +6 -4
package/dist/core/gateway-cli.js +22 -1
package/dist/core/onboarding.js +74 -10
package/dist/core/simplified-onboarding.js +1 -1
package/dist/index.js +13 -4
package/dist/interfaces/dispatcher.js +43 -4
package/dist/interfaces/telegram_handler.js +8 -2
package/dist/interfaces/whatsapp_handler.js +3 -0
package/package.json +1 -1

package/dist/core/cli.js CHANGED Viewed

@@ -1,3 +1,5 @@
+import { execSync } from 'child_process';
+import { readFileSync } from 'fs';
 import { runDoctorChecks, formatDoctorReport } from './doctor.js';
 // ── Help text ────────────────────────────────────────────────────────────────
 const HELP_TEXT = `
@@ -121,11 +123,11 @@ export function handleUnknownCommand(argv) {
 export function handleUpdateCli(argv) {
     if (argv[0] !== 'update')
         return false;
-    const { execSync } = require('child_process');
     console.log('[TwinClaw] Checking for updates...');
     try {
         // Get current version
-        const currentVersion = require('../../package.json').version;
+        const packageJson = JSON.parse(readFileSync('./package.json', 'utf8'));
+        const currentVersion = packageJson.version;
         console.log(`[TwinClaw] Current version: ${currentVersion}`);
         // Fetch latest version from npm
         const latestVersion = execSync('npm view twinclaw version', { encoding: 'utf8' }).trim();
@@ -136,8 +138,8 @@ export function handleUpdateCli(argv) {
             return true;
         }
         console.log('[TwinClaw] Update available! Installing...');
-        // Install latest version globally
-        execSync('npm install -g twinclaw@latest', { stdio: 'inherit' });
+        // Install latest version globally (--yes to skip prompts)
+        execSync('npm install -g twinclaw@latest --yes', { stdio: 'inherit' });
         console.log(`[TwinClaw] Successfully updated to version ${latestVersion}`);
         console.log('[TwinClaw] Please restart TwinClaw to use the new version.');
         process.exitCode = 0;

package/dist/core/gateway-cli.js CHANGED Viewed

@@ -11,6 +11,7 @@ const GATEWAY_COMMANDS = new Set([
     'status',
     'uninstall',
     'tailscale',
+    'run',
 ]);
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
@@ -54,8 +55,10 @@ export function parseGatewayArgs(argv) {
     if (argv[0] !== 'gateway') {
         throw new Error('Gateway parser expects argv beginning with "gateway".');
     }
+    // If no subcommand provided, default to 'run' (interactive mode)
+    const command = argv[1] || 'run';
     const parsed = {
-        command: ensureCommand(argv[1]),
+        command: ensureCommand(command),
         asJson: false,
         deep: false,
     };
@@ -311,6 +314,24 @@ export async function handleGatewayCli(argv) {
             case 'tailscale':
                 console.log(buildTailscaleInstructions(context).trimStart());
                 break;
+            case 'run': {
+                // Run TwinClaw in foreground (interactive mode)
+                console.log('[TwinClaw] Starting TwinClaw in interactive mode...');
+                // Spawn the main application
+                const { spawn } = require('node:child_process');
+                const child = spawn(context.nodePath, [context.entryScript], {
+                    stdio: 'inherit',
+                    env: { ...process.env },
+                });
+                // Wait for the child to exit
+                await new Promise((resolve) => {
+                    child.on('exit', (code) => {
+                        process.exitCode = process.exitCode ?? code ?? 0;
+                        resolve();
+                    });
+                });
+                return true;
+            }
         }
     }
     catch (error) {

package/dist/core/onboarding.js CHANGED Viewed

@@ -8,7 +8,6 @@ import { createSession, saveMessage } from '../services/db.js';
 import { indexConversationTurn, retrieveMemoryContext } from '../services/semantic-memory.js';
 import { ModelRouter } from '../services/model-router.js';
 import { logThought } from '../utils/logger.js';
-import { runSimplifiedOnboarding } from './simplified-onboarding.js';
 const rl = readline.createInterface({
     input: process.stdin,
     output: process.stdout,
@@ -70,7 +69,7 @@ const WIZARD_SECTIONS = [
     {
         id: 'models',
         label: 'Intelligence & Models',
-        fields: ['OPENROUTER_API_KEY', 'MODAL_API_KEY', 'GEMINI_API_KEY', 'GROQ_API_KEY'],
+        fields: ['PRIMARY_MODEL', 'OPENROUTER_API_KEY', 'MODAL_API_KEY', 'GEMINI_API_KEY', 'GROQ_API_KEY'],
     },
     {
         id: 'messaging',
@@ -105,6 +104,18 @@ const ONBOARD_FIELDS = [
         required: true,
         secret: true,
     },
+    {
+        key: 'PRIMARY_MODEL',
+        label: 'Primary Model',
+        hint: 'Required. Model to use as primary (e.g., openai/gpt-4o, anthropic/claude-sonnet-4-20250514).',
+        required: true,
+        validator: (value) => {
+            if (!value.includes('/')) {
+                return 'PRIMARY_MODEL must be in format "provider/model" (e.g., openai/gpt-4o).';
+            }
+            return null;
+        },
+    },
     {
         key: 'OPENROUTER_API_KEY',
         label: 'OpenRouter API Key',
@@ -229,18 +240,52 @@ class ReadlinePrompter {
     }
     async prompt(question, options = {}) {
         const isSecret = options.secret === true;
+        // For secret prompts, use a simpler approach without MutedWriter complexity
         if (isSecret) {
-            process.stdout.write(question);
-            this.#writer.muted = true;
+            return new Promise((resolve, reject) => {
+                this.#pendingReject = reject;
+                // Write question to stdout directly
+                process.stdout.write(question);
+                // Use raw mode to prevent echo
+                const originalRaw = process.stdin.isRaw;
+                process.stdin.setRawMode?.(true);
+                let input = '';
+                const onData = (chunk) => {
+                    const char = chunk.toString();
+                    if (char === '\r' || char === '\n') {
+                        // Enter pressed - finish input
+                        process.stdin.removeListener('data', onData);
+                        process.stdin.setRawMode?.(originalRaw);
+                        process.stdout.write('\n');
+                        this.#pendingReject = null;
+                        resolve(input.trim());
+                    }
+                    else if (char === '\u0003') {
+                        // Ctrl+C
+                        process.stdin.removeListener('data', onData);
+                        process.stdin.setRawMode?.(originalRaw);
+                        reject(new OnboardingCancelledError());
+                    }
+                    else if (char === '\u007f') {
+                        // Backspace
+                        if (input.length > 0) {
+                            input = input.slice(0, -1);
+                            process.stdout.write('\b \b');
+                        }
+                    }
+                    else if (char.length === 1 && char.charCodeAt(0) >= 32) {
+                        // Printable character
+                        input += char;
+                        process.stdout.write('*');
+                    }
+                };
+                process.stdin.on('data', onData);
+            });
         }
         return new Promise((resolve, reject) => {
             this.#pendingReject = reject;
-            this.#rl.question(isSecret ? '' : question, (answer) => {
+            this.#rl.question(question, (answer) => {
                 this.#pendingReject = null;
-                this.#writer.muted = false;
-                if (isSecret) {
-                    process.stdout.write('\n');
-                }
                 resolve(answer.trim());
             });
         });
@@ -278,6 +323,8 @@ function readConfigValue(config, key) {
             return config.integration.embeddingProvider ?? '';
         case 'API_PORT':
             return String(config.runtime.apiPort ?? 3100);
+        case 'PRIMARY_MODEL':
+            return config.models.primaryModel ?? '';
     }
 }
 function applyConfigValue(config, key, value) {
@@ -303,9 +350,23 @@ function applyConfigValue(config, key, value) {
         case 'TELEGRAM_USER_ID':
             config.messaging.telegram.userId =
                 value.trim().length === 0 ? null : Number.parseInt(value.trim(), 10);
+            // Also add to allowlist so user can message themselves
+            if (config.messaging.telegram.userId !== null) {
+                const userIdStr = String(config.messaging.telegram.userId);
+                if (!config.messaging.telegram.allowFrom.includes(userIdStr)) {
+                    config.messaging.telegram.allowFrom.push(userIdStr);
+                }
+            }
             break;
         case 'WHATSAPP_PHONE_NUMBER':
             config.messaging.whatsapp.phoneNumber = value;
+            // Also add to allowlist so user can message themselves
+            if (value && value.trim().length > 0) {
+                const normalizedPhone = value.replace(/\D/g, ''); // Remove non-digits
+                if (!config.messaging.whatsapp.allowFrom.includes(normalizedPhone)) {
+                    config.messaging.whatsapp.allowFrom.push(normalizedPhone);
+                }
+            }
             break;
         case 'EMBEDDING_PROVIDER':
             config.integration.embeddingProvider =
@@ -314,6 +375,9 @@ function applyConfigValue(config, key, value) {
         case 'API_PORT':
             config.runtime.apiPort = Number.parseInt(value, 10);
             break;
+        case 'PRIMARY_MODEL':
+            config.models.primaryModel = value;
+            break;
     }
 }
 function applyUpdates(config, updates) {
@@ -665,7 +729,7 @@ export async function handleOnboardCli(argv) {
     if (argv[0] !== 'onboard') {
         return false;
     }
-    await runSimplifiedOnboarding();
+    await runOnboarding();
     return true;
 }
 export { runSimplifiedOnboarding } from './simplified-onboarding.js';

package/dist/core/simplified-onboarding.js CHANGED Viewed

@@ -283,7 +283,7 @@ Multi-Modal Hooks | Proactive Memory | Voice-First
                         : [];
                 }
                 config.messaging = config.messaging || {
-                    telegram: { enabled: false, botToken: '', userId: null, dmPolicy: 'pairing', groupPolicy: 'allowlist', allowFrom: [] },
+                    telegram: { enabled: false, botToken: '', userId: null, dmPolicy: 'allowlist', groupPolicy: 'allowlist', allowFrom: [] },
                     whatsapp: { enabled: false, phoneNumber: '', dmPolicy: 'allowlist', groupPolicy: 'allowlist', allowFrom: [] },
                     voice: { groqApiKey: '' },
                     inbound: { enabled: false, debounceMs: 0 },

package/dist/index.js CHANGED Viewed

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import { createRequire } from 'node:module';
 const require = createRequire(import.meta.url);
-import { handleOnboardCli, runOnboarding, runSetupWizard, runSimplifiedOnboarding, startBasicREPL } from './core/onboarding.js';
+import { handleOnboardCli, runOnboarding, runSetupWizard, startBasicREPL } from './core/onboarding.js';
 import { Gateway } from './core/gateway.js';
 import { handleDoctorCli, handleHelpCli, handleUnknownCommand, handleUpdateCli } from './core/cli.js';
 import { handleSelfImproveCli } from './core/self-improve-cli.js';
@@ -111,7 +111,7 @@ async function tryAutoSetup() {
     catch (error) {
         console.log("\n[TwinClaw] Welcome! Critical configuration missing.");
         console.log("Starting the interactive setup wizard to configure your agent.\n");
-        await runSimplifiedOnboarding();
+        await runOnboarding();
         await runSetupWizard();
         console.log("\n[TwinClaw] Setup complete. Initializing Gateway...\n");
     }
@@ -264,15 +264,24 @@ if (telegramBotToken || whatsappPhoneNumber) {
             }
         }, heartbeat.scheduler);
         queueService.start();
+        // Read from environment variables or default to 'allowlist'
+        const telegramDmPolicy = (process.env.TELEGRAM_DM_POLICY || 'allowlist');
+        const whatsappDmPolicy = (process.env.WHATSAPP_DM_POLICY || 'allowlist');
+        const telegramGroupPolicy = (process.env.TELEGRAM_GROUP_POLICY || 'allowlist');
+        const whatsappGroupPolicy = (process.env.WHATSAPP_GROUP_POLICY || 'allowlist');
         dispatcher = new Dispatcher(telegramHandler, whatsappHandler, sttService, ttsService, gateway, queueService, {
             pairingService,
             telegram: {
-                dmPolicy: 'allowlist',
+                dmPolicy: telegramDmPolicy,
+                groupPolicy: telegramGroupPolicy,
                 allowFrom: telegramAllowFrom,
+                groupAllowFrom: telegramAllowFrom, // Use same allowlist for groups by default
             },
             whatsapp: {
-                dmPolicy: 'allowlist',
+                dmPolicy: whatsappDmPolicy,
+                groupPolicy: whatsappGroupPolicy,
                 allowFrom: whatsappAllowFrom,
+                groupAllowFrom: whatsappAllowFrom, // Use same allowlist for groups by default
             },
         });
         void logThought('[TwinClaw] Messaging dispatcher and persistent queue initialized.');

package/dist/interfaces/dispatcher.js CHANGED Viewed

@@ -6,8 +6,17 @@ import { EmbeddedBlockChunker } from '../services/block-chunker.js';
 import { getConfigValue } from '../config/config-loader.js';
 const DEFAULT_ACCESS_CONFIG = {
     dmPolicy: 'allowlist',
+    groupPolicy: 'allowlist',
     allowFrom: [],
 };
+function buildGroupRejectionMessage(channel) {
+    return (`[TwinClaw] Your message from a group was not processed because group messages are not allowed for ${channel}.\n` +
+        `Please contact the bot owner to request access.`);
+}
+function buildAllowlistRejectionMessage(channel) {
+    return (`[TwinClaw] Your message was not processed because you are not on the allowed list for ${channel}.\n` +
+        `Please contact the bot owner to request access.`);
+}
 function buildPairingChallenge(channel, code) {
     return (`[TwinClaw] Pairing required before I can process your messages on ${channel}.\n` +
         `Run: twinclaw pairing approve ${channel} ${code}`);
@@ -113,12 +122,18 @@ export class Dispatcher {
         }
     }
     #resolveAccessConfig(channel, config) {
-        const dmPolicy = config?.dmPolicy === 'allowlist' ? 'allowlist' : 'pairing';
+        // Default to 'allowlist' - never default to 'pairing' for security
+        const dmPolicy = config?.dmPolicy === 'pairing' ? 'pairing' : 'allowlist';
+        const groupPolicy = config?.groupPolicy ?? 'allowlist';
         const allowFrom = [...new Set((config?.allowFrom ?? DEFAULT_ACCESS_CONFIG.allowFrom)
                 .map((senderId) => normalizePairingSenderId(channel, senderId))
                 .filter((senderId) => senderId.length > 0))];
+        const groupAllowFrom = [...new Set((config?.groupAllowFrom ?? [])
+                .map((senderId) => normalizePairingSenderId(channel, senderId))
+                .filter((senderId) => senderId.length > 0))];
         this.#pairingService.seedAllowFrom(channel, allowFrom);
-        return { dmPolicy, allowFrom };
+        this.#pairingService.seedAllowFrom(channel, groupAllowFrom);
+        return { dmPolicy, groupPolicy, allowFrom, groupAllowFrom };
     }
     #authorizeSender(message) {
         const channel = message.platform;
@@ -127,12 +142,36 @@ export class Dispatcher {
             return { allowed: false };
         }
         const config = this.#accessConfig[message.platform];
-        const allowlist = new Set(config.allowFrom);
+        const isGroupChat = message.isGroupChat ?? false;
+        // Determine which allowlist to use based on group/dm
+        const allowlist = isGroupChat
+            ? new Set(config.groupAllowFrom ?? [])
+            : new Set(config.allowFrom);
+        // Check if sender is already allowed
         if (allowlist.has(normalizedSenderId) || this.#pairingService.isApproved(channel, normalizedSenderId)) {
             return { allowed: true };
         }
+        // Apply group policy if this is a group chat
+        if (isGroupChat) {
+            if (config.groupPolicy === 'open') {
+                return { allowed: true };
+            }
+            if (config.groupPolicy === 'denylist') {
+                // Check if sender is on denylist (for future implementation)
+                return { allowed: true }; // Allow by default for now, denylist check can be added later
+            }
+            // groupPolicy === 'allowlist' - sender not in groupAllowFrom, reject
+            return {
+                allowed: false,
+                challengeText: buildGroupRejectionMessage(channel),
+            };
+        }
+        // DM policy check for non-group chats
         if (config.dmPolicy !== 'pairing') {
-            return { allowed: false };
+            return {
+                allowed: false,
+                challengeText: buildAllowlistRejectionMessage(channel),
+            };
         }
         const request = this.#pairingService.requestPairing(channel, normalizedSenderId);
         if (request.status === 'created' && request.request) {

package/dist/interfaces/telegram_handler.js CHANGED Viewed

@@ -34,10 +34,13 @@ export class TelegramHandler {
             if (!msg.from)
                 return;
             await this.#applyRateLimit();
+            // Detect if this is a group chat (group or supergroup)
+            const isGroupChat = msg.chat.type === 'group' || msg.chat.type === 'supergroup';
             const base = {
                 platform: 'telegram',
                 senderId: String(msg.from.id),
                 chatId: msg.chat.id,
+                isGroupChat,
                 text: msg.text,
                 rawPayload: msg,
             };
@@ -54,10 +57,13 @@ export class TelegramHandler {
                 }
                 catch (err) {
                     console.error('[TelegramHandler] Failed to download voice note:', err);
+                    // Continue to process text below instead of returning
                 }
-                return;
             }
-            await this.onMessage?.(base);
+            // Process text - this runs whether voice succeeded or failed
+            if (msg.text || base.text) {
+                await this.onMessage?.({ ...base, text: msg.text || base.text });
+            }
         });
         this.#bot.on('polling_error', (err) => {
             console.error('[TelegramHandler] Polling error:', err.message);

package/dist/interfaces/whatsapp_handler.js CHANGED Viewed

@@ -116,10 +116,13 @@ export class WhatsAppHandler {
         // Incoming messages
         this.#client.on('message', async (msg) => {
             await this.#applyRateLimit();
+            // Detect if this is a group chat (group chats have @g.us in the ID)
+            const isGroupChat = msg.from.includes('@g.us');
             const base = {
                 platform: 'whatsapp',
                 senderId: msg.from,
                 chatId: msg.from,
+                isGroupChat,
                 text: msg.body,
                 rawPayload: msg,
             };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "twinclaw",
-  "version": "1.1.3",
+  "version": "1.1.5",
   "description": "Eagle-eyed agentic AI gateway with multi-modal hooks and proactive memory.",
   "main": "dist/index.js",
   "bin": {