Merge branch 'moltbot:main' into main
This commit is contained in:
commit
39a1fafcfa
@ -66,11 +66,14 @@ Status: beta.
|
||||
- Slack: clear ack reaction after streamed replies. (#2044) Thanks @fancyboi999.
|
||||
- macOS: keep custom SSH usernames in remote target. (#2046) Thanks @algal.
|
||||
- CLI: use Node's module compile cache for faster startup. (#2808) Thanks @pi0.
|
||||
- Routing: add per-account DM session scope and document multi-account isolation. (#3095) Thanks @jarvis-sam.
|
||||
|
||||
### Breaking
|
||||
- **BREAKING:** Gateway auth mode "none" is removed; gateway now requires token/password (Tailscale Serve identity still allowed).
|
||||
|
||||
### Fixes
|
||||
- Discord: restore username directory lookup in target resolution. (#3131) Thanks @bonald.
|
||||
- Agents: align MiniMax base URL test expectation with default provider config. (#3131) Thanks @bonald.
|
||||
- Agents: prevent retries on oversized image errors and surface size limits. (#2871) Thanks @Suksham-sharma.
|
||||
- Agents: inherit provider baseUrl/api for inline models. (#2740) Thanks @lploc94.
|
||||
- Memory Search: keep auto provider model defaults and only include remote when configured. (#2576) Thanks @papago2355.
|
||||
@ -78,6 +81,7 @@ Status: beta.
|
||||
- Web UI: auto-expand the chat compose textarea while typing (with sensible max height). (#2950) Thanks @shivamraut101.
|
||||
- Gateway: prevent crashes on transient network errors (fetch failures, timeouts, DNS). Added fatal error detection to only exit on truly critical errors. Fixes #2895, #2879, #2873. (#2980) Thanks @elliotsecops.
|
||||
- Agents: guard channel tool listActions to avoid plugin crashes. (#2859) Thanks @mbelinky.
|
||||
- Discord: stop resolveDiscordTarget from passing directory params into messaging target parsers. Fixes #3167. Thanks @thewilloftheshadow.
|
||||
- Discord: avoid resolving bare channel names to user DMs when a username matches. Thanks @thewilloftheshadow.
|
||||
- Discord: fix directory config type import for target resolution. Thanks @thewilloftheshadow.
|
||||
- Providers: update MiniMax API endpoint and compatibility mode. (#3064) Thanks @hlbbbbbbb.
|
||||
|
||||
@ -20,5 +20,5 @@ moltbot security audit --deep
|
||||
moltbot security audit --fix
|
||||
```
|
||||
|
||||
The audit warns when multiple DM senders share the main session and recommends `session.dmScope="per-channel-peer"` for shared inboxes.
|
||||
The audit warns when multiple DM senders share the main session and recommends `session.dmScope="per-channel-peer"` (or `per-account-channel-peer` for multi-account channels) for shared inboxes.
|
||||
It also warns when small models (`<=300B`) are used without sandboxing and with web/browser tools enabled.
|
||||
|
||||
@ -11,7 +11,8 @@ Use `session.dmScope` to control how **direct messages** are grouped:
|
||||
- `main` (default): all DMs share the main session for continuity.
|
||||
- `per-peer`: isolate by sender id across channels.
|
||||
- `per-channel-peer`: isolate by channel + sender (recommended for multi-user inboxes).
|
||||
Use `session.identityLinks` to map provider-prefixed peer ids to a canonical identity so the same person shares a DM session across channels when using `per-peer` or `per-channel-peer`.
|
||||
- `per-account-channel-peer`: isolate by account + channel + sender (recommended for multi-account inboxes).
|
||||
Use `session.identityLinks` to map provider-prefixed peer ids to a canonical identity so the same person shares a DM session across channels when using `per-peer`, `per-channel-peer`, or `per-account-channel-peer`.
|
||||
|
||||
## Gateway is the source of truth
|
||||
All session state is **owned by the gateway** (the “master” Moltbot). UI clients (macOS app, WebChat, etc.) must query the gateway for session lists and token counts instead of reading local files.
|
||||
@ -44,6 +45,7 @@ the workspace is writable. See [Memory](/concepts/memory) and
|
||||
- Multiple phone numbers and channels can map to the same agent main key; they act as transports into one conversation.
|
||||
- `per-peer`: `agent:<agentId>:dm:<peerId>`.
|
||||
- `per-channel-peer`: `agent:<agentId>:<channel>:dm:<peerId>`.
|
||||
- `per-account-channel-peer`: `agent:<agentId>:<channel>:<accountId>:dm:<peerId>` (accountId defaults to `default`).
|
||||
- If `session.identityLinks` matches a provider-prefixed peer id (for example `telegram:123`), the canonical key replaces `<peerId>` so the same person shares a session across channels.
|
||||
- Group chats isolate state: `agent:<agentId>:<channel>:group:<id>` (rooms/channels use `agent:<agentId>:<channel>:channel:<id>`).
|
||||
- Telegram forum topics append `:topic:<threadId>` to the group id for isolation.
|
||||
@ -94,7 +96,7 @@ Send these as standalone messages so they register.
|
||||
{
|
||||
session: {
|
||||
scope: "per-sender", // keep group keys separate
|
||||
dmScope: "main", // DM continuity (set per-channel-peer for shared inboxes)
|
||||
dmScope: "main", // DM continuity (set per-channel-peer/per-account-channel-peer for shared inboxes)
|
||||
identityLinks: {
|
||||
alice: ["telegram:123456789", "discord:987654321012345678"]
|
||||
},
|
||||
|
||||
@ -2657,7 +2657,8 @@ Fields:
|
||||
- `main`: all DMs share the main session for continuity.
|
||||
- `per-peer`: isolate DMs by sender id across channels.
|
||||
- `per-channel-peer`: isolate DMs per channel + sender (recommended for multi-user inboxes).
|
||||
- `identityLinks`: map canonical ids to provider-prefixed peers so the same person shares a DM session across channels when using `per-peer` or `per-channel-peer`.
|
||||
- `per-account-channel-peer`: isolate DMs per account + channel + sender (recommended for multi-account inboxes).
|
||||
- `identityLinks`: map canonical ids to provider-prefixed peers so the same person shares a DM session across channels when using `per-peer`, `per-channel-peer`, or `per-account-channel-peer`.
|
||||
- Example: `alice: ["telegram:123456789", "discord:987654321012345678"]`.
|
||||
- `reset`: primary reset policy. Defaults to daily resets at 4:00 AM local time on the gateway host.
|
||||
- `mode`: `daily` or `idle` (default: `daily` when `reset` is present).
|
||||
|
||||
@ -199,7 +199,7 @@ By default, Moltbot routes **all DMs into the main session** so your assistant h
|
||||
}
|
||||
```
|
||||
|
||||
This prevents cross-user context leakage while keeping group chats isolated. If the same person contacts you on multiple channels, use `session.identityLinks` to collapse those DM sessions into one canonical identity. See [Session Management](/concepts/session) and [Configuration](/gateway/configuration).
|
||||
This prevents cross-user context leakage while keeping group chats isolated. If you run multiple accounts on the same channel, use `per-account-channel-peer` instead. If the same person contacts you on multiple channels, use `session.identityLinks` to collapse those DM sessions into one canonical identity. See [Session Management](/concepts/session) and [Configuration](/gateway/configuration).
|
||||
|
||||
## Allowlists (DM + groups) — terminology
|
||||
|
||||
|
||||
@ -1,101 +0,0 @@
|
||||
---
|
||||
name: bitwarden
|
||||
description: Manage passwords and credentials via Bitwarden CLI (bw). Use for storing, retrieving, creating, or updating logins, credit cards, secure notes, and identities. Trigger when automating authentication, filling payment forms, or managing secrets programmatically.
|
||||
---
|
||||
|
||||
# Bitwarden CLI
|
||||
|
||||
Full read/write vault access via `bw` command.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
```bash
|
||||
brew install bitwarden-cli
|
||||
bw login <email> # one-time, prompts for master password
|
||||
```
|
||||
|
||||
## Session Management
|
||||
|
||||
Bitwarden requires an unlocked session. Use the helper script:
|
||||
|
||||
```bash
|
||||
source scripts/bw-session.sh <master_password>
|
||||
# Sets BW_SESSION env var
|
||||
```
|
||||
|
||||
Or manually:
|
||||
```bash
|
||||
export BW_SESSION=$(echo '<password>' | bw unlock --raw)
|
||||
bw sync # always sync after unlock
|
||||
```
|
||||
|
||||
## Common Operations
|
||||
|
||||
### Retrieve credentials
|
||||
```bash
|
||||
bw get password "Site Name"
|
||||
bw get username "Site Name"
|
||||
bw get item "Site Name" --pretty | jq '.login'
|
||||
```
|
||||
|
||||
### Create login
|
||||
```bash
|
||||
bw get template item | jq '
|
||||
.type = 1 |
|
||||
.name = "Site Name" |
|
||||
.login.username = "user@email.com" |
|
||||
.login.password = "secret123" |
|
||||
.login.uris = [{uri: "https://example.com"}]
|
||||
' | bw encode | bw create item
|
||||
```
|
||||
|
||||
### Create credit card
|
||||
```bash
|
||||
bw get template item | jq '
|
||||
.type = 3 |
|
||||
.name = "Card Name" |
|
||||
.card.cardholderName = "John Doe" |
|
||||
.card.brand = "Visa" |
|
||||
.card.number = "4111111111111111" |
|
||||
.card.expMonth = "12" |
|
||||
.card.expYear = "2030" |
|
||||
.card.code = "123"
|
||||
' | bw encode | bw create item
|
||||
```
|
||||
|
||||
### Get card for payment automation
|
||||
```bash
|
||||
bw get item "Card Name" | jq -r '.card | "\(.number) \(.expMonth)/\(.expYear) \(.code)"'
|
||||
```
|
||||
|
||||
### List items
|
||||
```bash
|
||||
bw list items | jq -r '.[] | "\(.type)|\(.name)"'
|
||||
# Types: 1=login, 2=note, 3=card, 4=identity
|
||||
```
|
||||
|
||||
### Search
|
||||
```bash
|
||||
bw list items --search "vilaviniteca" | jq '.[0]'
|
||||
```
|
||||
|
||||
## Item Types
|
||||
|
||||
| Type | Value | Use |
|
||||
|------|-------|-----|
|
||||
| Login | 1 | Website credentials |
|
||||
| Secure Note | 2 | Freeform text |
|
||||
| Card | 3 | Credit/debit cards |
|
||||
| Identity | 4 | Personal info |
|
||||
|
||||
## References
|
||||
|
||||
- [templates.md](references/templates.md) — Full jq templates for all item types
|
||||
- [Bitwarden CLI docs](https://bitwarden.com/help/cli/)
|
||||
|
||||
## Tips
|
||||
|
||||
1. **Always sync** after creating/editing items: `bw sync`
|
||||
2. **Session expires** — re-unlock if you get auth errors
|
||||
3. **Delete sensitive messages** after receiving credentials
|
||||
4. **Card numbers** may not import from other managers (security restriction)
|
||||
@ -1,116 +0,0 @@
|
||||
# Bitwarden Item Templates
|
||||
|
||||
jq patterns for creating vault items via CLI.
|
||||
|
||||
## Login (type=1)
|
||||
|
||||
```bash
|
||||
bw get template item | jq '
|
||||
.type = 1 |
|
||||
.name = "Example Site" |
|
||||
.notes = "Optional notes" |
|
||||
.favorite = false |
|
||||
.login.username = "user@example.com" |
|
||||
.login.password = "secretPassword123" |
|
||||
.login.totp = "otpauth://totp/..." |
|
||||
.login.uris = [
|
||||
{uri: "https://example.com", match: null},
|
||||
{uri: "https://app.example.com", match: null}
|
||||
]
|
||||
' | bw encode | bw create item
|
||||
```
|
||||
|
||||
## Credit Card (type=3)
|
||||
|
||||
```bash
|
||||
bw get template item | jq '
|
||||
.type = 3 |
|
||||
.name = "Visa ending 1234" |
|
||||
.notes = "Primary card" |
|
||||
.card.cardholderName = "JOHN DOE" |
|
||||
.card.brand = "Visa" |
|
||||
.card.number = "4111111111111111" |
|
||||
.card.expMonth = "12" |
|
||||
.card.expYear = "2030" |
|
||||
.card.code = "123"
|
||||
' | bw encode | bw create item
|
||||
```
|
||||
|
||||
**Brands:** Visa, Mastercard, Amex, Discover, Diners Club, JCB, Maestro, UnionPay, Other
|
||||
|
||||
## Secure Note (type=2)
|
||||
|
||||
```bash
|
||||
bw get template item | jq '
|
||||
.type = 2 |
|
||||
.name = "API Keys" |
|
||||
.notes = "OPENAI_KEY=sk-xxx\nANTHROPIC_KEY=sk-ant-xxx" |
|
||||
.secureNote.type = 0
|
||||
' | bw encode | bw create item
|
||||
```
|
||||
|
||||
## Identity (type=4)
|
||||
|
||||
```bash
|
||||
bw get template item | jq '
|
||||
.type = 4 |
|
||||
.name = "Personal Info" |
|
||||
.identity.title = "Mr" |
|
||||
.identity.firstName = "John" |
|
||||
.identity.lastName = "Doe" |
|
||||
.identity.email = "john@example.com" |
|
||||
.identity.phone = "+34612345678" |
|
||||
.identity.address1 = "123 Main St" |
|
||||
.identity.city = "Barcelona" |
|
||||
.identity.state = "Catalunya" |
|
||||
.identity.postalCode = "08001" |
|
||||
.identity.country = "ES"
|
||||
' | bw encode | bw create item
|
||||
```
|
||||
|
||||
## Edit Existing Item
|
||||
|
||||
```bash
|
||||
# Get item, modify, update
|
||||
bw get item <id> | jq '.login.password = "newPassword"' | bw encode | bw edit item <id>
|
||||
```
|
||||
|
||||
## Custom Fields
|
||||
|
||||
```bash
|
||||
bw get template item | jq '
|
||||
.type = 1 |
|
||||
.name = "With Custom Fields" |
|
||||
.fields = [
|
||||
{name: "Security Question", value: "Pet name", type: 0},
|
||||
{name: "PIN", value: "1234", type: 1}
|
||||
]
|
||||
' | bw encode | bw create item
|
||||
```
|
||||
|
||||
**Field types:** 0=text, 1=hidden, 2=boolean
|
||||
|
||||
## Retrieve Patterns
|
||||
|
||||
```bash
|
||||
# Password only
|
||||
bw get password "Site Name"
|
||||
|
||||
# Username only
|
||||
bw get username "Site Name"
|
||||
|
||||
# Full login object
|
||||
bw get item "Site Name" | jq '.login'
|
||||
|
||||
# Card number
|
||||
bw get item "Card Name" | jq -r '.card.number'
|
||||
|
||||
# All card fields for form filling
|
||||
bw get item "Card Name" | jq -r '.card | [.number, .expMonth, .expYear, .code] | @tsv'
|
||||
|
||||
# Search by URL
|
||||
bw list items --url "example.com" | jq '.[0].login'
|
||||
|
||||
# List all cards
|
||||
bw list items | jq '.[] | select(.type == 3) | .name'
|
||||
```
|
||||
@ -1,33 +0,0 @@
|
||||
#!/bin/bash
|
||||
# Unlock Bitwarden vault and export session key
|
||||
# Usage: source bw-session.sh <master_password>
|
||||
# Or: source bw-session.sh (prompts for password)
|
||||
|
||||
set -e
|
||||
|
||||
if [ -n "$1" ]; then
|
||||
MASTER_PW="$1"
|
||||
else
|
||||
read -sp "Bitwarden master password: " MASTER_PW
|
||||
echo
|
||||
fi
|
||||
|
||||
# Check if already logged in
|
||||
if ! bw login --check &>/dev/null; then
|
||||
echo "Not logged in. Run: bw login <email>"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Unlock and get session
|
||||
export BW_SESSION=$(echo "$MASTER_PW" | bw unlock --raw 2>/dev/null)
|
||||
|
||||
if [ -z "$BW_SESSION" ]; then
|
||||
echo "Failed to unlock vault"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Sync to get latest
|
||||
bw sync &>/dev/null
|
||||
|
||||
echo "✓ Vault unlocked and synced"
|
||||
echo "Session valid for this shell"
|
||||
@ -136,7 +136,7 @@ describe("models-config", () => {
|
||||
}
|
||||
>;
|
||||
};
|
||||
expect(parsed.providers.minimax?.baseUrl).toBe("https://api.minimax.io/anthropic");
|
||||
expect(parsed.providers.minimax?.baseUrl).toBe("https://api.minimax.chat/v1");
|
||||
expect(parsed.providers.minimax?.apiKey).toBe("MINIMAX_API_KEY");
|
||||
const ids = parsed.providers.minimax?.models?.map((model) => model.id);
|
||||
expect(ids).toContain("MiniMax-M2.1");
|
||||
|
||||
@ -275,7 +275,7 @@ describe("image tool MiniMax VLM routing", () => {
|
||||
|
||||
expect(fetch).toHaveBeenCalledTimes(1);
|
||||
const [url, init] = fetch.mock.calls[0];
|
||||
expect(String(url)).toBe("https://api.minimax.io/v1/coding_plan/vlm");
|
||||
expect(String(url)).toBe("https://api.minimax.chat/v1/coding_plan/vlm");
|
||||
expect(init?.method).toBe("POST");
|
||||
expect(String((init?.headers as Record<string, string>)?.Authorization)).toBe(
|
||||
"Bearer minimax-test",
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
export type { DirectoryConfigParams } from "./plugins/directory-config.js";
|
||||
export type { ChannelDirectoryEntry } from "./plugins/types.js";
|
||||
|
||||
export type MessagingTargetKind = "user" | "channel";
|
||||
|
||||
export type MessagingTarget = {
|
||||
|
||||
@ -124,7 +124,7 @@ export async function noteSecurityWarnings(cfg: MoltbotConfig) {
|
||||
|
||||
if (dmScope === "main" && isMultiUserDm) {
|
||||
warnings.push(
|
||||
`- ${params.label} DMs: multiple senders share the main session; set session.dmScope="per-channel-peer" to isolate sessions.`,
|
||||
`- ${params.label} DMs: multiple senders share the main session; set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.`,
|
||||
);
|
||||
}
|
||||
};
|
||||
|
||||
@ -190,7 +190,7 @@ async function noteChannelPrimer(
|
||||
"DM security: default is pairing; unknown DMs get a pairing code.",
|
||||
`Approve with: ${formatCliCommand("moltbot pairing approve <channel> <code>")}`,
|
||||
'Public DMs require dmPolicy="open" + allowFrom=["*"].',
|
||||
'Multi-user DMs: set session.dmScope="per-channel-peer" to isolate sessions.',
|
||||
'Multi-user DMs: set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.',
|
||||
`Docs: ${formatDocsLink("/start/pairing", "start/pairing")}`,
|
||||
"",
|
||||
...channelLines,
|
||||
@ -238,7 +238,7 @@ async function maybeConfigureDmPolicies(params: {
|
||||
`Approve: ${formatCliCommand(`moltbot pairing approve ${policy.channel} <code>`)}`,
|
||||
`Allowlist DMs: ${policy.policyKey}="allowlist" + ${policy.allowFromKey} entries.`,
|
||||
`Public DMs: ${policy.policyKey}="open" + ${policy.allowFromKey} includes "*".`,
|
||||
'Multi-user DMs: set session.dmScope="per-channel-peer" to isolate sessions.',
|
||||
'Multi-user DMs: set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.',
|
||||
`Docs: ${formatDocsLink("/start/pairing", "start/pairing")}`,
|
||||
].join("\n"),
|
||||
`${policy.label} DM access`,
|
||||
|
||||
@ -591,7 +591,7 @@ const FIELD_HELP: Record<string, string> = {
|
||||
"commands.restart": "Allow /restart and gateway restart tool actions (default: false).",
|
||||
"commands.useAccessGroups": "Enforce access-group allowlists/policies for commands.",
|
||||
"session.dmScope":
|
||||
'DM session scoping: "main" keeps continuity; "per-peer" or "per-channel-peer" isolates DM history (recommended for shared inboxes).',
|
||||
'DM session scoping: "main" keeps continuity; "per-peer", "per-channel-peer", or "per-account-channel-peer" isolates DM history (recommended for shared inboxes/multi-account).',
|
||||
"session.identityLinks":
|
||||
"Map canonical identities to provider-prefixed peer IDs for DM session linking (example: telegram:123456).",
|
||||
"channels.telegram.configWrites":
|
||||
|
||||
@ -3,7 +3,7 @@ import type { NormalizedChatType } from "../channels/chat-type.js";
|
||||
export type ReplyMode = "text" | "command";
|
||||
export type TypingMode = "never" | "instant" | "thinking" | "message";
|
||||
export type SessionScope = "per-sender" | "global";
|
||||
export type DmScope = "main" | "per-peer" | "per-channel-peer";
|
||||
export type DmScope = "main" | "per-peer" | "per-channel-peer" | "per-account-channel-peer";
|
||||
export type ReplyToMode = "off" | "first" | "all";
|
||||
export type GroupPolicy = "open" | "disabled" | "allowlist";
|
||||
export type DmPolicy = "pairing" | "allowlist" | "open" | "disabled";
|
||||
|
||||
@ -20,7 +20,12 @@ export const SessionSchema = z
|
||||
.object({
|
||||
scope: z.union([z.literal("per-sender"), z.literal("global")]).optional(),
|
||||
dmScope: z
|
||||
.union([z.literal("main"), z.literal("per-peer"), z.literal("per-channel-peer")])
|
||||
.union([
|
||||
z.literal("main"),
|
||||
z.literal("per-peer"),
|
||||
z.literal("per-channel-peer"),
|
||||
z.literal("per-account-channel-peer"),
|
||||
])
|
||||
.optional(),
|
||||
identityLinks: z.record(z.string(), z.array(z.string())).optional(),
|
||||
resetTriggers: z.array(z.string()).optional(),
|
||||
|
||||
@ -118,19 +118,26 @@ export async function parseAndResolveRecipient(
|
||||
const accountInfo = resolveDiscordAccount({ cfg, accountId });
|
||||
|
||||
// First try to resolve using directory lookup (handles usernames)
|
||||
const resolved = await resolveDiscordTarget(raw, {
|
||||
cfg,
|
||||
accountId: accountInfo.accountId,
|
||||
});
|
||||
const trimmed = raw.trim();
|
||||
const parseOptions = {
|
||||
ambiguousMessage: `Ambiguous Discord recipient "${trimmed}". Use "user:${trimmed}" for DMs or "channel:${trimmed}" for channel messages.`,
|
||||
};
|
||||
|
||||
const resolved = await resolveDiscordTarget(
|
||||
raw,
|
||||
{
|
||||
cfg,
|
||||
accountId: accountInfo.accountId,
|
||||
},
|
||||
parseOptions,
|
||||
);
|
||||
|
||||
if (resolved) {
|
||||
return { kind: resolved.kind, id: resolved.id };
|
||||
}
|
||||
|
||||
// Fallback to standard parsing (for channels, etc.)
|
||||
const parsed = parseDiscordTarget(raw, {
|
||||
ambiguousMessage: `Ambiguous Discord recipient "${raw.trim()}". Use "user:${raw.trim()}" for DMs or "channel:${raw.trim()}" for channel messages.`,
|
||||
});
|
||||
const parsed = parseDiscordTarget(raw, parseOptions);
|
||||
|
||||
if (!parsed) {
|
||||
throw new Error("Recipient is required for Discord sends");
|
||||
|
||||
@ -10,7 +10,6 @@ import {
|
||||
import type { DirectoryConfigParams } from "../channels/plugins/directory-config.js";
|
||||
|
||||
import { listDiscordDirectoryPeersLive } from "./directory-live.js";
|
||||
import { resolveDiscordAccount } from "./accounts.js";
|
||||
|
||||
export type DiscordTargetKind = MessagingTargetKind;
|
||||
|
||||
@ -72,22 +71,25 @@ export function resolveDiscordChannelId(raw: string): string {
|
||||
*
|
||||
* @param raw - The username or raw target string (e.g., "john.doe")
|
||||
* @param options - Directory configuration params (cfg, accountId, limit)
|
||||
* @param parseOptions - Messaging target parsing options (defaults, ambiguity message)
|
||||
* @returns Parsed MessagingTarget with user ID, or undefined if not found
|
||||
*/
|
||||
export async function resolveDiscordTarget(
|
||||
raw: string,
|
||||
options: DirectoryConfigParams,
|
||||
parseOptions: DiscordTargetParseOptions = {},
|
||||
): Promise<MessagingTarget | undefined> {
|
||||
const trimmed = raw.trim();
|
||||
if (!trimmed) return undefined;
|
||||
|
||||
const shouldLookup = isExplicitUserLookup(trimmed, options);
|
||||
const directParse = safeParseDiscordTarget(trimmed, options);
|
||||
if (directParse && directParse.kind !== "channel") {
|
||||
const likelyUsername = isLikelyUsername(trimmed);
|
||||
const shouldLookup = isExplicitUserLookup(trimmed, parseOptions) || likelyUsername;
|
||||
const directParse = safeParseDiscordTarget(trimmed, parseOptions);
|
||||
if (directParse && directParse.kind !== "channel" && !likelyUsername) {
|
||||
return directParse;
|
||||
}
|
||||
if (!shouldLookup) {
|
||||
return directParse ?? parseDiscordTarget(trimmed, options);
|
||||
return directParse ?? parseDiscordTarget(trimmed, parseOptions);
|
||||
}
|
||||
|
||||
// Try to resolve as a username via directory lookup
|
||||
@ -104,13 +106,13 @@ export async function resolveDiscordTarget(
|
||||
const userId = match.id.replace(/^user:/, "");
|
||||
return buildMessagingTarget("user", userId, trimmed);
|
||||
}
|
||||
} catch (error) {
|
||||
} catch {
|
||||
// Directory lookup failed - fall through to parse as-is
|
||||
// This preserves existing behavior for channel names
|
||||
}
|
||||
|
||||
// Fallback to original parsing (for channels, etc.)
|
||||
return parseDiscordTarget(trimmed, options);
|
||||
return parseDiscordTarget(trimmed, parseOptions);
|
||||
}
|
||||
|
||||
function safeParseDiscordTarget(
|
||||
@ -139,3 +141,16 @@ function isExplicitUserLookup(input: string, options: DiscordTargetParseOptions)
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a string looks like a Discord username (not a mention, prefix, or ID).
|
||||
* Usernames typically don't start with special characters except underscore.
|
||||
*/
|
||||
function isLikelyUsername(input: string): boolean {
|
||||
// Skip if it's already a known format
|
||||
if (/^(user:|channel:|discord:|@|<@!?)|[\d]+$/.test(input)) {
|
||||
return false;
|
||||
}
|
||||
// Likely a username if it doesn't match known patterns
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -23,7 +23,7 @@ Automatically saves session context to your workspace memory when you issue the
|
||||
When you run `/new` to start a fresh session:
|
||||
|
||||
1. **Finds the previous session** - Uses the pre-reset session entry to locate the correct transcript
|
||||
2. **Extracts conversation** - Reads the last 15 lines of conversation from the session
|
||||
2. **Extracts conversation** - Reads the last N user/assistant messages from the session (default: 15, configurable)
|
||||
3. **Generates descriptive slug** - Uses LLM to create a meaningful filename slug based on conversation content
|
||||
4. **Saves to memory** - Creates a new file at `<workspace>/memory/YYYY-MM-DD-slug.md`
|
||||
5. **Sends confirmation** - Notifies you with the file path
|
||||
@ -57,7 +57,30 @@ The hook uses your configured LLM provider to generate slugs, so it works with a
|
||||
|
||||
## Configuration
|
||||
|
||||
No additional configuration required. The hook automatically:
|
||||
The hook supports optional configuration:
|
||||
|
||||
| Option | Type | Default | Description |
|
||||
| ---------- | ------ | ------- | --------------------------------------------------------------- |
|
||||
| `messages` | number | 15 | Number of user/assistant messages to include in the memory file |
|
||||
|
||||
Example configuration:
|
||||
|
||||
```json
|
||||
{
|
||||
"hooks": {
|
||||
"internal": {
|
||||
"entries": {
|
||||
"session-memory": {
|
||||
"enabled": true,
|
||||
"messages": 25
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
The hook automatically:
|
||||
|
||||
- Uses your workspace directory (`~/clawd` by default)
|
||||
- Uses your configured LLM for slug generation
|
||||
|
||||
379
src/hooks/bundled/session-memory/handler.test.ts
Normal file
379
src/hooks/bundled/session-memory/handler.test.ts
Normal file
@ -0,0 +1,379 @@
|
||||
import fs from "node:fs/promises";
|
||||
import path from "node:path";
|
||||
|
||||
import { describe, expect, it } from "vitest";
|
||||
|
||||
import handler from "./handler.js";
|
||||
import { createHookEvent } from "../../hooks.js";
|
||||
import type { ClawdbotConfig } from "../../../config/config.js";
|
||||
import { makeTempWorkspace, writeWorkspaceFile } from "../../../test-helpers/workspace.js";
|
||||
|
||||
/**
|
||||
* Create a mock session JSONL file with various entry types
|
||||
*/
|
||||
function createMockSessionContent(
|
||||
entries: Array<{ role: string; content: string } | { type: string }>,
|
||||
): string {
|
||||
return entries
|
||||
.map((entry) => {
|
||||
if ("role" in entry) {
|
||||
return JSON.stringify({
|
||||
type: "message",
|
||||
message: {
|
||||
role: entry.role,
|
||||
content: entry.content,
|
||||
},
|
||||
});
|
||||
}
|
||||
// Non-message entry (tool call, system, etc.)
|
||||
return JSON.stringify(entry);
|
||||
})
|
||||
.join("\n");
|
||||
}
|
||||
|
||||
describe("session-memory hook", () => {
|
||||
it("skips non-command events", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
|
||||
const event = createHookEvent("agent", "bootstrap", "agent:main:main", {
|
||||
workspaceDir: tempDir,
|
||||
});
|
||||
|
||||
await handler(event);
|
||||
|
||||
// Memory directory should not be created for non-command events
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
await expect(fs.access(memoryDir)).rejects.toThrow();
|
||||
});
|
||||
|
||||
it("skips commands other than new", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
|
||||
const event = createHookEvent("command", "help", "agent:main:main", {
|
||||
workspaceDir: tempDir,
|
||||
});
|
||||
|
||||
await handler(event);
|
||||
|
||||
// Memory directory should not be created for other commands
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
await expect(fs.access(memoryDir)).rejects.toThrow();
|
||||
});
|
||||
|
||||
it("creates memory file with session content on /new command", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
const sessionsDir = path.join(tempDir, "sessions");
|
||||
await fs.mkdir(sessionsDir, { recursive: true });
|
||||
|
||||
// Create a mock session file with user/assistant messages
|
||||
const sessionContent = createMockSessionContent([
|
||||
{ role: "user", content: "Hello there" },
|
||||
{ role: "assistant", content: "Hi! How can I help?" },
|
||||
{ role: "user", content: "What is 2+2?" },
|
||||
{ role: "assistant", content: "2+2 equals 4" },
|
||||
]);
|
||||
const sessionFile = await writeWorkspaceFile({
|
||||
dir: sessionsDir,
|
||||
name: "test-session.jsonl",
|
||||
content: sessionContent,
|
||||
});
|
||||
|
||||
const cfg: ClawdbotConfig = {
|
||||
agents: { defaults: { workspace: tempDir } },
|
||||
};
|
||||
|
||||
const event = createHookEvent("command", "new", "agent:main:main", {
|
||||
cfg,
|
||||
previousSessionEntry: {
|
||||
sessionId: "test-123",
|
||||
sessionFile,
|
||||
},
|
||||
});
|
||||
|
||||
await handler(event);
|
||||
|
||||
// Memory file should be created
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
const files = await fs.readdir(memoryDir);
|
||||
expect(files.length).toBe(1);
|
||||
|
||||
// Read the memory file and verify content
|
||||
const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8");
|
||||
expect(memoryContent).toContain("user: Hello there");
|
||||
expect(memoryContent).toContain("assistant: Hi! How can I help?");
|
||||
expect(memoryContent).toContain("user: What is 2+2?");
|
||||
expect(memoryContent).toContain("assistant: 2+2 equals 4");
|
||||
});
|
||||
|
||||
it("filters out non-message entries (tool calls, system)", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
const sessionsDir = path.join(tempDir, "sessions");
|
||||
await fs.mkdir(sessionsDir, { recursive: true });
|
||||
|
||||
// Create session with mixed entry types
|
||||
const sessionContent = createMockSessionContent([
|
||||
{ role: "user", content: "Hello" },
|
||||
{ type: "tool_use", tool: "search", input: "test" },
|
||||
{ role: "assistant", content: "World" },
|
||||
{ type: "tool_result", result: "found it" },
|
||||
{ role: "user", content: "Thanks" },
|
||||
]);
|
||||
const sessionFile = await writeWorkspaceFile({
|
||||
dir: sessionsDir,
|
||||
name: "test-session.jsonl",
|
||||
content: sessionContent,
|
||||
});
|
||||
|
||||
const cfg: ClawdbotConfig = {
|
||||
agents: { defaults: { workspace: tempDir } },
|
||||
};
|
||||
|
||||
const event = createHookEvent("command", "new", "agent:main:main", {
|
||||
cfg,
|
||||
previousSessionEntry: {
|
||||
sessionId: "test-123",
|
||||
sessionFile,
|
||||
},
|
||||
});
|
||||
|
||||
await handler(event);
|
||||
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
const files = await fs.readdir(memoryDir);
|
||||
const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8");
|
||||
|
||||
// Only user/assistant messages should be present
|
||||
expect(memoryContent).toContain("user: Hello");
|
||||
expect(memoryContent).toContain("assistant: World");
|
||||
expect(memoryContent).toContain("user: Thanks");
|
||||
// Tool entries should not appear
|
||||
expect(memoryContent).not.toContain("tool_use");
|
||||
expect(memoryContent).not.toContain("tool_result");
|
||||
expect(memoryContent).not.toContain("search");
|
||||
});
|
||||
|
||||
it("filters out command messages starting with /", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
const sessionsDir = path.join(tempDir, "sessions");
|
||||
await fs.mkdir(sessionsDir, { recursive: true });
|
||||
|
||||
const sessionContent = createMockSessionContent([
|
||||
{ role: "user", content: "/help" },
|
||||
{ role: "assistant", content: "Here is help info" },
|
||||
{ role: "user", content: "Normal message" },
|
||||
{ role: "user", content: "/new" },
|
||||
]);
|
||||
const sessionFile = await writeWorkspaceFile({
|
||||
dir: sessionsDir,
|
||||
name: "test-session.jsonl",
|
||||
content: sessionContent,
|
||||
});
|
||||
|
||||
const cfg: ClawdbotConfig = {
|
||||
agents: { defaults: { workspace: tempDir } },
|
||||
};
|
||||
|
||||
const event = createHookEvent("command", "new", "agent:main:main", {
|
||||
cfg,
|
||||
previousSessionEntry: {
|
||||
sessionId: "test-123",
|
||||
sessionFile,
|
||||
},
|
||||
});
|
||||
|
||||
await handler(event);
|
||||
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
const files = await fs.readdir(memoryDir);
|
||||
const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8");
|
||||
|
||||
// Command messages should be filtered out
|
||||
expect(memoryContent).not.toContain("/help");
|
||||
expect(memoryContent).not.toContain("/new");
|
||||
// Normal messages should be present
|
||||
expect(memoryContent).toContain("assistant: Here is help info");
|
||||
expect(memoryContent).toContain("user: Normal message");
|
||||
});
|
||||
|
||||
it("respects custom messages config (limits to N messages)", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
const sessionsDir = path.join(tempDir, "sessions");
|
||||
await fs.mkdir(sessionsDir, { recursive: true });
|
||||
|
||||
// Create 10 messages
|
||||
const entries = [];
|
||||
for (let i = 1; i <= 10; i++) {
|
||||
entries.push({ role: "user", content: `Message ${i}` });
|
||||
}
|
||||
const sessionContent = createMockSessionContent(entries);
|
||||
const sessionFile = await writeWorkspaceFile({
|
||||
dir: sessionsDir,
|
||||
name: "test-session.jsonl",
|
||||
content: sessionContent,
|
||||
});
|
||||
|
||||
// Configure to only include last 3 messages
|
||||
const cfg: ClawdbotConfig = {
|
||||
agents: { defaults: { workspace: tempDir } },
|
||||
hooks: {
|
||||
internal: {
|
||||
entries: {
|
||||
"session-memory": { enabled: true, messages: 3 },
|
||||
},
|
||||
},
|
||||
},
|
||||
};
|
||||
|
||||
const event = createHookEvent("command", "new", "agent:main:main", {
|
||||
cfg,
|
||||
previousSessionEntry: {
|
||||
sessionId: "test-123",
|
||||
sessionFile,
|
||||
},
|
||||
});
|
||||
|
||||
await handler(event);
|
||||
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
const files = await fs.readdir(memoryDir);
|
||||
const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8");
|
||||
|
||||
// Only last 3 messages should be present
|
||||
expect(memoryContent).not.toContain("user: Message 1\n");
|
||||
expect(memoryContent).not.toContain("user: Message 7\n");
|
||||
expect(memoryContent).toContain("user: Message 8");
|
||||
expect(memoryContent).toContain("user: Message 9");
|
||||
expect(memoryContent).toContain("user: Message 10");
|
||||
});
|
||||
|
||||
it("filters messages before slicing (fix for #2681)", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
const sessionsDir = path.join(tempDir, "sessions");
|
||||
await fs.mkdir(sessionsDir, { recursive: true });
|
||||
|
||||
// Create session with many tool entries interspersed with messages
|
||||
// This tests that we filter FIRST, then slice - not the other way around
|
||||
const entries = [
|
||||
{ role: "user", content: "First message" },
|
||||
{ type: "tool_use", tool: "test1" },
|
||||
{ type: "tool_result", result: "result1" },
|
||||
{ role: "assistant", content: "Second message" },
|
||||
{ type: "tool_use", tool: "test2" },
|
||||
{ type: "tool_result", result: "result2" },
|
||||
{ role: "user", content: "Third message" },
|
||||
{ type: "tool_use", tool: "test3" },
|
||||
{ type: "tool_result", result: "result3" },
|
||||
{ role: "assistant", content: "Fourth message" },
|
||||
];
|
||||
const sessionContent = createMockSessionContent(entries);
|
||||
const sessionFile = await writeWorkspaceFile({
|
||||
dir: sessionsDir,
|
||||
name: "test-session.jsonl",
|
||||
content: sessionContent,
|
||||
});
|
||||
|
||||
// Request 3 messages - if we sliced first, we'd only get 1-2 messages
|
||||
// because the last 3 lines include tool entries
|
||||
const cfg: ClawdbotConfig = {
|
||||
agents: { defaults: { workspace: tempDir } },
|
||||
hooks: {
|
||||
internal: {
|
||||
entries: {
|
||||
"session-memory": { enabled: true, messages: 3 },
|
||||
},
|
||||
},
|
||||
},
|
||||
};
|
||||
|
||||
const event = createHookEvent("command", "new", "agent:main:main", {
|
||||
cfg,
|
||||
previousSessionEntry: {
|
||||
sessionId: "test-123",
|
||||
sessionFile,
|
||||
},
|
||||
});
|
||||
|
||||
await handler(event);
|
||||
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
const files = await fs.readdir(memoryDir);
|
||||
const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8");
|
||||
|
||||
// Should have exactly 3 user/assistant messages (the last 3)
|
||||
expect(memoryContent).not.toContain("First message");
|
||||
expect(memoryContent).toContain("user: Third message");
|
||||
expect(memoryContent).toContain("assistant: Second message");
|
||||
expect(memoryContent).toContain("assistant: Fourth message");
|
||||
});
|
||||
|
||||
it("handles empty session files gracefully", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
const sessionsDir = path.join(tempDir, "sessions");
|
||||
await fs.mkdir(sessionsDir, { recursive: true });
|
||||
|
||||
const sessionFile = await writeWorkspaceFile({
|
||||
dir: sessionsDir,
|
||||
name: "test-session.jsonl",
|
||||
content: "",
|
||||
});
|
||||
|
||||
const cfg: ClawdbotConfig = {
|
||||
agents: { defaults: { workspace: tempDir } },
|
||||
};
|
||||
|
||||
const event = createHookEvent("command", "new", "agent:main:main", {
|
||||
cfg,
|
||||
previousSessionEntry: {
|
||||
sessionId: "test-123",
|
||||
sessionFile,
|
||||
},
|
||||
});
|
||||
|
||||
// Should not throw
|
||||
await handler(event);
|
||||
|
||||
// Memory file should still be created with metadata
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
const files = await fs.readdir(memoryDir);
|
||||
expect(files.length).toBe(1);
|
||||
});
|
||||
|
||||
it("handles session files with fewer messages than requested", async () => {
|
||||
const tempDir = await makeTempWorkspace("clawdbot-session-memory-");
|
||||
const sessionsDir = path.join(tempDir, "sessions");
|
||||
await fs.mkdir(sessionsDir, { recursive: true });
|
||||
|
||||
// Only 2 messages but requesting 15 (default)
|
||||
const sessionContent = createMockSessionContent([
|
||||
{ role: "user", content: "Only message 1" },
|
||||
{ role: "assistant", content: "Only message 2" },
|
||||
]);
|
||||
const sessionFile = await writeWorkspaceFile({
|
||||
dir: sessionsDir,
|
||||
name: "test-session.jsonl",
|
||||
content: sessionContent,
|
||||
});
|
||||
|
||||
const cfg: ClawdbotConfig = {
|
||||
agents: { defaults: { workspace: tempDir } },
|
||||
};
|
||||
|
||||
const event = createHookEvent("command", "new", "agent:main:main", {
|
||||
cfg,
|
||||
previousSessionEntry: {
|
||||
sessionId: "test-123",
|
||||
sessionFile,
|
||||
},
|
||||
});
|
||||
|
||||
await handler(event);
|
||||
|
||||
const memoryDir = path.join(tempDir, "memory");
|
||||
const files = await fs.readdir(memoryDir);
|
||||
const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8");
|
||||
|
||||
// Both messages should be included
|
||||
expect(memoryContent).toContain("user: Only message 1");
|
||||
expect(memoryContent).toContain("assistant: Only message 2");
|
||||
});
|
||||
});
|
||||
@ -8,25 +8,27 @@
|
||||
import fs from "node:fs/promises";
|
||||
import path from "node:path";
|
||||
import os from "node:os";
|
||||
import { fileURLToPath } from "node:url";
|
||||
import type { MoltbotConfig } from "../../../config/config.js";
|
||||
import { resolveAgentWorkspaceDir } from "../../../agents/agent-scope.js";
|
||||
import { resolveAgentIdFromSessionKey } from "../../../routing/session-key.js";
|
||||
import { resolveHookConfig } from "../../config.js";
|
||||
import type { HookHandler } from "../../hooks.js";
|
||||
|
||||
/**
|
||||
* Read recent messages from session file for slug generation
|
||||
*/
|
||||
async function getRecentSessionContent(sessionFilePath: string): Promise<string | null> {
|
||||
async function getRecentSessionContent(
|
||||
sessionFilePath: string,
|
||||
messageCount: number = 15,
|
||||
): Promise<string | null> {
|
||||
try {
|
||||
const content = await fs.readFile(sessionFilePath, "utf-8");
|
||||
const lines = content.trim().split("\n");
|
||||
|
||||
// Get last 15 lines (recent conversation)
|
||||
const recentLines = lines.slice(-15);
|
||||
|
||||
// Parse JSONL and extract messages
|
||||
const messages: string[] = [];
|
||||
for (const line of recentLines) {
|
||||
// Parse JSONL and extract user/assistant messages first
|
||||
const allMessages: string[] = [];
|
||||
for (const line of lines) {
|
||||
try {
|
||||
const entry = JSON.parse(line);
|
||||
// Session files have entries with type="message" containing a nested message object
|
||||
@ -39,7 +41,7 @@ async function getRecentSessionContent(sessionFilePath: string): Promise<string
|
||||
? msg.content.find((c: any) => c.type === "text")?.text
|
||||
: msg.content;
|
||||
if (text && !text.startsWith("/")) {
|
||||
messages.push(`${role}: ${text}`);
|
||||
allMessages.push(`${role}: ${text}`);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -48,7 +50,9 @@ async function getRecentSessionContent(sessionFilePath: string): Promise<string
|
||||
}
|
||||
}
|
||||
|
||||
return messages.join("\n");
|
||||
// Then slice to get exactly messageCount messages
|
||||
const recentMessages = allMessages.slice(-messageCount);
|
||||
return recentMessages.join("\n");
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
@ -93,12 +97,19 @@ const saveSessionToMemory: HookHandler = async (event) => {
|
||||
|
||||
const sessionFile = currentSessionFile || undefined;
|
||||
|
||||
// Read message count from hook config (default: 15)
|
||||
const hookConfig = resolveHookConfig(cfg, "session-memory");
|
||||
const messageCount =
|
||||
typeof hookConfig?.messages === "number" && hookConfig.messages > 0
|
||||
? hookConfig.messages
|
||||
: 15;
|
||||
|
||||
let slug: string | null = null;
|
||||
let sessionContent: string | null = null;
|
||||
|
||||
if (sessionFile) {
|
||||
// Get recent conversation content
|
||||
sessionContent = await getRecentSessionContent(sessionFile);
|
||||
sessionContent = await getRecentSessionContent(sessionFile, messageCount);
|
||||
console.log("[session-memory] sessionContent length:", sessionContent?.length || 0);
|
||||
|
||||
if (sessionContent && cfg) {
|
||||
@ -106,10 +117,7 @@ const saveSessionToMemory: HookHandler = async (event) => {
|
||||
// Dynamically import the LLM slug generator (avoids module caching issues)
|
||||
// When compiled, handler is at dist/hooks/bundled/session-memory/handler.js
|
||||
// Going up ../.. puts us at dist/hooks/, so just add llm-slug-generator.js
|
||||
const moltbotRoot = path.resolve(
|
||||
path.dirname(import.meta.url.replace("file://", "")),
|
||||
"../..",
|
||||
);
|
||||
const moltbotRoot = path.resolve(path.dirname(fileURLToPath(import.meta.url)), "../..");
|
||||
const slugGenPath = path.join(moltbotRoot, "llm-slug-generator.js");
|
||||
const { generateSlugViaLLM } = await import(slugGenPath);
|
||||
|
||||
|
||||
@ -103,11 +103,13 @@ function buildBaseSessionKey(params: {
|
||||
cfg: MoltbotConfig;
|
||||
agentId: string;
|
||||
channel: ChannelId;
|
||||
accountId?: string | null;
|
||||
peer: RoutePeer;
|
||||
}): string {
|
||||
return buildAgentSessionKey({
|
||||
agentId: params.agentId,
|
||||
channel: params.channel,
|
||||
accountId: params.accountId,
|
||||
peer: params.peer,
|
||||
dmScope: params.cfg.session?.dmScope ?? "main",
|
||||
identityLinks: params.cfg.session?.identityLinks,
|
||||
@ -200,6 +202,7 @@ async function resolveSlackSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "slack",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
const threadId = normalizeThreadId(params.threadId ?? params.replyToId);
|
||||
@ -237,6 +240,7 @@ function resolveDiscordSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "discord",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
const explicitThreadId = normalizeThreadId(params.threadId);
|
||||
@ -285,6 +289,7 @@ function resolveTelegramSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "telegram",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -312,6 +317,7 @@ function resolveWhatsAppSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "whatsapp",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -337,6 +343,7 @@ function resolveSignalSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "signal",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -371,6 +378,7 @@ function resolveSignalSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "signal",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -395,6 +403,7 @@ function resolveIMessageSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "imessage",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -419,6 +428,7 @@ function resolveIMessageSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "imessage",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
const toPrefix =
|
||||
@ -450,6 +460,7 @@ function resolveMatrixSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "matrix",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -483,6 +494,7 @@ function resolveMSTeamsSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "msteams",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -517,6 +529,7 @@ function resolveMattermostSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "mattermost",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
const threadId = normalizeThreadId(params.replyToId ?? params.threadId);
|
||||
@ -561,6 +574,7 @@ function resolveBlueBubblesSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "bluebubbles",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -586,6 +600,7 @@ function resolveNextcloudTalkSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "nextcloud-talk",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -612,6 +627,7 @@ function resolveZaloSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "zalo",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -639,6 +655,7 @@ function resolveZalouserSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "zalouser",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -661,6 +678,7 @@ function resolveNostrSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "nostr",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
@ -719,6 +737,7 @@ function resolveTlonSession(
|
||||
cfg: params.cfg,
|
||||
agentId: params.agentId,
|
||||
channel: "tlon",
|
||||
accountId: params.accountId,
|
||||
peer,
|
||||
});
|
||||
return {
|
||||
|
||||
@ -227,3 +227,29 @@ describe("resolveAgentRoute", () => {
|
||||
expect(route.sessionKey).toBe("agent:home:main");
|
||||
});
|
||||
});
|
||||
|
||||
test("dmScope=per-account-channel-peer isolates DM sessions per account, channel and sender", () => {
|
||||
const cfg: MoltbotConfig = {
|
||||
session: { dmScope: "per-account-channel-peer" },
|
||||
};
|
||||
const route = resolveAgentRoute({
|
||||
cfg,
|
||||
channel: "telegram",
|
||||
accountId: "tasks",
|
||||
peer: { kind: "dm", id: "7550356539" },
|
||||
});
|
||||
expect(route.sessionKey).toBe("agent:main:telegram:tasks:dm:7550356539");
|
||||
});
|
||||
|
||||
test("dmScope=per-account-channel-peer uses default accountId when not provided", () => {
|
||||
const cfg: MoltbotConfig = {
|
||||
session: { dmScope: "per-account-channel-peer" },
|
||||
};
|
||||
const route = resolveAgentRoute({
|
||||
cfg,
|
||||
channel: "telegram",
|
||||
accountId: null,
|
||||
peer: { kind: "dm", id: "7550356539" },
|
||||
});
|
||||
expect(route.sessionKey).toBe("agent:main:telegram:default:dm:7550356539");
|
||||
});
|
||||
|
||||
@ -69,9 +69,10 @@ function matchesAccountId(match: string | undefined, actual: string): boolean {
|
||||
export function buildAgentSessionKey(params: {
|
||||
agentId: string;
|
||||
channel: string;
|
||||
accountId?: string | null;
|
||||
peer?: RoutePeer | null;
|
||||
/** DM session scope. */
|
||||
dmScope?: "main" | "per-peer" | "per-channel-peer";
|
||||
dmScope?: "main" | "per-peer" | "per-channel-peer" | "per-account-channel-peer";
|
||||
identityLinks?: Record<string, string[]>;
|
||||
}): string {
|
||||
const channel = normalizeToken(params.channel) || "unknown";
|
||||
@ -80,6 +81,7 @@ export function buildAgentSessionKey(params: {
|
||||
agentId: params.agentId,
|
||||
mainKey: DEFAULT_MAIN_KEY,
|
||||
channel,
|
||||
accountId: params.accountId,
|
||||
peerKind: peer?.kind ?? "dm",
|
||||
peerId: peer ? normalizeId(peer.id) || "unknown" : null,
|
||||
dmScope: params.dmScope,
|
||||
@ -160,6 +162,7 @@ export function resolveAgentRoute(input: ResolveAgentRouteInput): ResolvedAgentR
|
||||
const sessionKey = buildAgentSessionKey({
|
||||
agentId: resolvedAgentId,
|
||||
channel,
|
||||
accountId,
|
||||
peer,
|
||||
dmScope,
|
||||
identityLinks,
|
||||
|
||||
@ -111,11 +111,12 @@ export function buildAgentPeerSessionKey(params: {
|
||||
agentId: string;
|
||||
mainKey?: string | undefined;
|
||||
channel: string;
|
||||
accountId?: string | null;
|
||||
peerKind?: "dm" | "group" | "channel" | null;
|
||||
peerId?: string | null;
|
||||
identityLinks?: Record<string, string[]>;
|
||||
/** DM session scope. */
|
||||
dmScope?: "main" | "per-peer" | "per-channel-peer";
|
||||
dmScope?: "main" | "per-peer" | "per-channel-peer" | "per-account-channel-peer";
|
||||
}): string {
|
||||
const peerKind = params.peerKind ?? "dm";
|
||||
if (peerKind === "dm") {
|
||||
@ -131,6 +132,11 @@ export function buildAgentPeerSessionKey(params: {
|
||||
});
|
||||
if (linkedPeerId) peerId = linkedPeerId;
|
||||
peerId = peerId.toLowerCase();
|
||||
if (dmScope === "per-account-channel-peer" && peerId) {
|
||||
const channel = (params.channel ?? "").trim().toLowerCase() || "unknown";
|
||||
const accountId = normalizeAccountId(params.accountId);
|
||||
return `agent:${normalizeAgentId(params.agentId)}:${channel}:${accountId}:dm:${peerId}`;
|
||||
}
|
||||
if (dmScope === "per-channel-peer" && peerId) {
|
||||
const channel = (params.channel ?? "").trim().toLowerCase() || "unknown";
|
||||
return `agent:${normalizeAgentId(params.agentId)}:${channel}:dm:${peerId}`;
|
||||
|
||||
@ -519,7 +519,8 @@ async function collectChannelSecurityFindings(params: {
|
||||
title: `${input.label} DMs share the main session`,
|
||||
detail:
|
||||
"Multiple DM senders currently share the main session, which can leak context across users.",
|
||||
remediation: 'Set session.dmScope="per-channel-peer" to isolate DM sessions per sender.',
|
||||
remediation:
|
||||
'Set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate DM sessions per sender.',
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
@ -13,8 +13,12 @@ describe("resolveTelegramForumThreadId", () => {
|
||||
});
|
||||
|
||||
it("returns undefined for non-forum groups without messageThreadId", () => {
|
||||
expect(resolveTelegramForumThreadId({ isForum: false, messageThreadId: undefined })).toBeUndefined();
|
||||
expect(resolveTelegramForumThreadId({ isForum: undefined, messageThreadId: 99 })).toBeUndefined();
|
||||
expect(
|
||||
resolveTelegramForumThreadId({ isForum: false, messageThreadId: undefined }),
|
||||
).toBeUndefined();
|
||||
expect(
|
||||
resolveTelegramForumThreadId({ isForum: undefined, messageThreadId: 99 }),
|
||||
).toBeUndefined();
|
||||
});
|
||||
|
||||
it("returns General topic (1) for forum groups without messageThreadId", () => {
|
||||
|
||||
@ -54,11 +54,13 @@ export async function maybeBroadcastMessage(params: {
|
||||
sessionKey: buildAgentSessionKey({
|
||||
agentId: normalizedAgentId,
|
||||
channel: "whatsapp",
|
||||
accountId: params.route.accountId,
|
||||
peer: {
|
||||
kind: params.msg.chatType === "group" ? "group" : "dm",
|
||||
id: params.peerId,
|
||||
},
|
||||
dmScope: params.cfg.session?.dmScope,
|
||||
identityLinks: params.cfg.session?.identityLinks,
|
||||
}),
|
||||
mainSessionKey: buildAgentMainSessionKey({
|
||||
agentId: normalizedAgentId,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user