From d499b148423e896114ccd718d7d56687ca56fc8e Mon Sep 17 00:00:00 2001 From: Jarvis Deploy Date: Tue, 27 Jan 2026 21:51:23 -0500 Subject: [PATCH 01/36] feat(routing): add per-account-channel-peer session scope Adds a new dmScope option that includes accountId in session keys, enabling isolated sessions per channel account for multi-bot setups. - Add 'per-account-channel-peer' to DmScope type - Update session key generation to include accountId - Pass accountId through routing chain - Add tests for new routing behavior (13/13 passing) Closes #3094 Co-authored-by: Sebastian Almeida <89653954+SebastianAlmeida@users.noreply.github.com> --- src/config/types.base.ts | 2 +- src/config/zod-schema.session.ts | 7 ++++++- src/infra/outbound/outbound-session.ts | 19 +++++++++++++++++++ src/routing/resolve-route.test.ts | 26 ++++++++++++++++++++++++++ src/routing/resolve-route.ts | 5 ++++- src/routing/session-key.ts | 8 +++++++- 6 files changed, 63 insertions(+), 4 deletions(-) diff --git a/src/config/types.base.ts b/src/config/types.base.ts index cc805e8ec..e7da1ecd8 100644 --- a/src/config/types.base.ts +++ b/src/config/types.base.ts @@ -3,7 +3,7 @@ import type { NormalizedChatType } from "../channels/chat-type.js"; export type ReplyMode = "text" | "command"; export type TypingMode = "never" | "instant" | "thinking" | "message"; export type SessionScope = "per-sender" | "global"; -export type DmScope = "main" | "per-peer" | "per-channel-peer"; +export type DmScope = "main" | "per-peer" | "per-channel-peer" | "per-account-channel-peer"; export type ReplyToMode = "off" | "first" | "all"; export type GroupPolicy = "open" | "disabled" | "allowlist"; export type DmPolicy = "pairing" | "allowlist" | "open" | "disabled"; diff --git a/src/config/zod-schema.session.ts b/src/config/zod-schema.session.ts index b9e7b42cc..4412f5515 100644 --- a/src/config/zod-schema.session.ts +++ b/src/config/zod-schema.session.ts @@ -20,7 +20,12 @@ export const SessionSchema = z .object({ scope: z.union([z.literal("per-sender"), z.literal("global")]).optional(), dmScope: z - .union([z.literal("main"), z.literal("per-peer"), z.literal("per-channel-peer")]) + .union([ + z.literal("main"), + z.literal("per-peer"), + z.literal("per-channel-peer"), + z.literal("per-account-channel-peer"), + ]) .optional(), identityLinks: z.record(z.string(), z.array(z.string())).optional(), resetTriggers: z.array(z.string()).optional(), diff --git a/src/infra/outbound/outbound-session.ts b/src/infra/outbound/outbound-session.ts index c74abc509..9c12fab96 100644 --- a/src/infra/outbound/outbound-session.ts +++ b/src/infra/outbound/outbound-session.ts @@ -103,11 +103,13 @@ function buildBaseSessionKey(params: { cfg: MoltbotConfig; agentId: string; channel: ChannelId; + accountId?: string | null; peer: RoutePeer; }): string { return buildAgentSessionKey({ agentId: params.agentId, channel: params.channel, + accountId: params.accountId, peer: params.peer, dmScope: params.cfg.session?.dmScope ?? "main", identityLinks: params.cfg.session?.identityLinks, @@ -200,6 +202,7 @@ async function resolveSlackSession( cfg: params.cfg, agentId: params.agentId, channel: "slack", + accountId: params.accountId, peer, }); const threadId = normalizeThreadId(params.threadId ?? params.replyToId); @@ -237,6 +240,7 @@ function resolveDiscordSession( cfg: params.cfg, agentId: params.agentId, channel: "discord", + accountId: params.accountId, peer, }); const explicitThreadId = normalizeThreadId(params.threadId); @@ -285,6 +289,7 @@ function resolveTelegramSession( cfg: params.cfg, agentId: params.agentId, channel: "telegram", + accountId: params.accountId, peer, }); return { @@ -312,6 +317,7 @@ function resolveWhatsAppSession( cfg: params.cfg, agentId: params.agentId, channel: "whatsapp", + accountId: params.accountId, peer, }); return { @@ -337,6 +343,7 @@ function resolveSignalSession( cfg: params.cfg, agentId: params.agentId, channel: "signal", + accountId: params.accountId, peer, }); return { @@ -371,6 +378,7 @@ function resolveSignalSession( cfg: params.cfg, agentId: params.agentId, channel: "signal", + accountId: params.accountId, peer, }); return { @@ -395,6 +403,7 @@ function resolveIMessageSession( cfg: params.cfg, agentId: params.agentId, channel: "imessage", + accountId: params.accountId, peer, }); return { @@ -419,6 +428,7 @@ function resolveIMessageSession( cfg: params.cfg, agentId: params.agentId, channel: "imessage", + accountId: params.accountId, peer, }); const toPrefix = @@ -450,6 +460,7 @@ function resolveMatrixSession( cfg: params.cfg, agentId: params.agentId, channel: "matrix", + accountId: params.accountId, peer, }); return { @@ -483,6 +494,7 @@ function resolveMSTeamsSession( cfg: params.cfg, agentId: params.agentId, channel: "msteams", + accountId: params.accountId, peer, }); return { @@ -517,6 +529,7 @@ function resolveMattermostSession( cfg: params.cfg, agentId: params.agentId, channel: "mattermost", + accountId: params.accountId, peer, }); const threadId = normalizeThreadId(params.replyToId ?? params.threadId); @@ -561,6 +574,7 @@ function resolveBlueBubblesSession( cfg: params.cfg, agentId: params.agentId, channel: "bluebubbles", + accountId: params.accountId, peer, }); return { @@ -586,6 +600,7 @@ function resolveNextcloudTalkSession( cfg: params.cfg, agentId: params.agentId, channel: "nextcloud-talk", + accountId: params.accountId, peer, }); return { @@ -612,6 +627,7 @@ function resolveZaloSession( cfg: params.cfg, agentId: params.agentId, channel: "zalo", + accountId: params.accountId, peer, }); return { @@ -639,6 +655,7 @@ function resolveZalouserSession( cfg: params.cfg, agentId: params.agentId, channel: "zalouser", + accountId: params.accountId, peer, }); return { @@ -661,6 +678,7 @@ function resolveNostrSession( cfg: params.cfg, agentId: params.agentId, channel: "nostr", + accountId: params.accountId, peer, }); return { @@ -719,6 +737,7 @@ function resolveTlonSession( cfg: params.cfg, agentId: params.agentId, channel: "tlon", + accountId: params.accountId, peer, }); return { diff --git a/src/routing/resolve-route.test.ts b/src/routing/resolve-route.test.ts index 6a3366e97..aed0fa755 100644 --- a/src/routing/resolve-route.test.ts +++ b/src/routing/resolve-route.test.ts @@ -227,3 +227,29 @@ describe("resolveAgentRoute", () => { expect(route.sessionKey).toBe("agent:home:main"); }); }); + +test("dmScope=per-account-channel-peer isolates DM sessions per account, channel and sender", () => { + const cfg: MoltbotConfig = { + session: { dmScope: "per-account-channel-peer" }, + }; + const route = resolveAgentRoute({ + cfg, + channel: "telegram", + accountId: "tasks", + peer: { kind: "dm", id: "7550356539" }, + }); + expect(route.sessionKey).toBe("agent:main:telegram:tasks:dm:7550356539"); +}); + +test("dmScope=per-account-channel-peer uses default accountId when not provided", () => { + const cfg: MoltbotConfig = { + session: { dmScope: "per-account-channel-peer" }, + }; + const route = resolveAgentRoute({ + cfg, + channel: "telegram", + accountId: null, + peer: { kind: "dm", id: "7550356539" }, + }); + expect(route.sessionKey).toBe("agent:main:telegram:default:dm:7550356539"); +}); diff --git a/src/routing/resolve-route.ts b/src/routing/resolve-route.ts index 473dc61f2..0c63f77c8 100644 --- a/src/routing/resolve-route.ts +++ b/src/routing/resolve-route.ts @@ -69,9 +69,10 @@ function matchesAccountId(match: string | undefined, actual: string): boolean { export function buildAgentSessionKey(params: { agentId: string; channel: string; + accountId?: string | null; peer?: RoutePeer | null; /** DM session scope. */ - dmScope?: "main" | "per-peer" | "per-channel-peer"; + dmScope?: "main" | "per-peer" | "per-channel-peer" | "per-account-channel-peer"; identityLinks?: Record; }): string { const channel = normalizeToken(params.channel) || "unknown"; @@ -80,6 +81,7 @@ export function buildAgentSessionKey(params: { agentId: params.agentId, mainKey: DEFAULT_MAIN_KEY, channel, + accountId: params.accountId, peerKind: peer?.kind ?? "dm", peerId: peer ? normalizeId(peer.id) || "unknown" : null, dmScope: params.dmScope, @@ -160,6 +162,7 @@ export function resolveAgentRoute(input: ResolveAgentRouteInput): ResolvedAgentR const sessionKey = buildAgentSessionKey({ agentId: resolvedAgentId, channel, + accountId, peer, dmScope, identityLinks, diff --git a/src/routing/session-key.ts b/src/routing/session-key.ts index 7f9f209ed..320ffeb83 100644 --- a/src/routing/session-key.ts +++ b/src/routing/session-key.ts @@ -111,11 +111,12 @@ export function buildAgentPeerSessionKey(params: { agentId: string; mainKey?: string | undefined; channel: string; + accountId?: string | null; peerKind?: "dm" | "group" | "channel" | null; peerId?: string | null; identityLinks?: Record; /** DM session scope. */ - dmScope?: "main" | "per-peer" | "per-channel-peer"; + dmScope?: "main" | "per-peer" | "per-channel-peer" | "per-account-channel-peer"; }): string { const peerKind = params.peerKind ?? "dm"; if (peerKind === "dm") { @@ -131,6 +132,11 @@ export function buildAgentPeerSessionKey(params: { }); if (linkedPeerId) peerId = linkedPeerId; peerId = peerId.toLowerCase(); + if (dmScope === "per-account-channel-peer" && peerId) { + const channel = (params.channel ?? "").trim().toLowerCase() || "unknown"; + const accountId = normalizeAccountId(params.accountId); + return `agent:${normalizeAgentId(params.agentId)}:${channel}:${accountId}:dm:${peerId}`; + } if (dmScope === "per-channel-peer" && peerId) { const channel = (params.channel ?? "").trim().toLowerCase() || "unknown"; return `agent:${normalizeAgentId(params.agentId)}:${channel}:dm:${peerId}`; From b6a3a91edf528d8fcb750dd5387e247abcaf63d6 Mon Sep 17 00:00:00 2001 From: Ayaan Zaidi Date: Wed, 28 Jan 2026 11:41:28 +0530 Subject: [PATCH 02/36] fix: wire per-account dm scope guidance (#3095) (thanks @jarvis-sam) --- CHANGELOG.md | 1 + docs/cli/security.md | 2 +- docs/concepts/session.md | 6 ++++-- docs/gateway/configuration.md | 3 ++- docs/gateway/security/index.md | 2 +- src/commands/doctor-security.ts | 2 +- src/commands/onboard-channels.ts | 4 ++-- src/config/schema.ts | 2 +- src/security/audit.ts | 3 ++- src/web/auto-reply/monitor/broadcast.ts | 2 ++ 10 files changed, 17 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e16c962a4..17f957f07 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -66,6 +66,7 @@ Status: beta. - Slack: clear ack reaction after streamed replies. (#2044) Thanks @fancyboi999. - macOS: keep custom SSH usernames in remote target. (#2046) Thanks @algal. - CLI: use Node's module compile cache for faster startup. (#2808) Thanks @pi0. +- Routing: add per-account DM session scope and document multi-account isolation. (#3095) Thanks @jarvis-sam. ### Breaking - **BREAKING:** Gateway auth mode "none" is removed; gateway now requires token/password (Tailscale Serve identity still allowed). diff --git a/docs/cli/security.md b/docs/cli/security.md index 662181616..551debc99 100644 --- a/docs/cli/security.md +++ b/docs/cli/security.md @@ -20,5 +20,5 @@ moltbot security audit --deep moltbot security audit --fix ``` -The audit warns when multiple DM senders share the main session and recommends `session.dmScope="per-channel-peer"` for shared inboxes. +The audit warns when multiple DM senders share the main session and recommends `session.dmScope="per-channel-peer"` (or `per-account-channel-peer` for multi-account channels) for shared inboxes. It also warns when small models (`<=300B`) are used without sandboxing and with web/browser tools enabled. diff --git a/docs/concepts/session.md b/docs/concepts/session.md index 58ac57145..b15b1a1ea 100644 --- a/docs/concepts/session.md +++ b/docs/concepts/session.md @@ -11,7 +11,8 @@ Use `session.dmScope` to control how **direct messages** are grouped: - `main` (default): all DMs share the main session for continuity. - `per-peer`: isolate by sender id across channels. - `per-channel-peer`: isolate by channel + sender (recommended for multi-user inboxes). -Use `session.identityLinks` to map provider-prefixed peer ids to a canonical identity so the same person shares a DM session across channels when using `per-peer` or `per-channel-peer`. +- `per-account-channel-peer`: isolate by account + channel + sender (recommended for multi-account inboxes). +Use `session.identityLinks` to map provider-prefixed peer ids to a canonical identity so the same person shares a DM session across channels when using `per-peer`, `per-channel-peer`, or `per-account-channel-peer`. ## Gateway is the source of truth All session state is **owned by the gateway** (the “master” Moltbot). UI clients (macOS app, WebChat, etc.) must query the gateway for session lists and token counts instead of reading local files. @@ -44,6 +45,7 @@ the workspace is writable. See [Memory](/concepts/memory) and - Multiple phone numbers and channels can map to the same agent main key; they act as transports into one conversation. - `per-peer`: `agent::dm:`. - `per-channel-peer`: `agent:::dm:`. + - `per-account-channel-peer`: `agent::::dm:` (accountId defaults to `default`). - If `session.identityLinks` matches a provider-prefixed peer id (for example `telegram:123`), the canonical key replaces `` so the same person shares a session across channels. - Group chats isolate state: `agent:::group:` (rooms/channels use `agent:::channel:`). - Telegram forum topics append `:topic:` to the group id for isolation. @@ -94,7 +96,7 @@ Send these as standalone messages so they register. { session: { scope: "per-sender", // keep group keys separate - dmScope: "main", // DM continuity (set per-channel-peer for shared inboxes) + dmScope: "main", // DM continuity (set per-channel-peer/per-account-channel-peer for shared inboxes) identityLinks: { alice: ["telegram:123456789", "discord:987654321012345678"] }, diff --git a/docs/gateway/configuration.md b/docs/gateway/configuration.md index 15261c809..1d270974d 100644 --- a/docs/gateway/configuration.md +++ b/docs/gateway/configuration.md @@ -2657,7 +2657,8 @@ Fields: - `main`: all DMs share the main session for continuity. - `per-peer`: isolate DMs by sender id across channels. - `per-channel-peer`: isolate DMs per channel + sender (recommended for multi-user inboxes). -- `identityLinks`: map canonical ids to provider-prefixed peers so the same person shares a DM session across channels when using `per-peer` or `per-channel-peer`. + - `per-account-channel-peer`: isolate DMs per account + channel + sender (recommended for multi-account inboxes). +- `identityLinks`: map canonical ids to provider-prefixed peers so the same person shares a DM session across channels when using `per-peer`, `per-channel-peer`, or `per-account-channel-peer`. - Example: `alice: ["telegram:123456789", "discord:987654321012345678"]`. - `reset`: primary reset policy. Defaults to daily resets at 4:00 AM local time on the gateway host. - `mode`: `daily` or `idle` (default: `daily` when `reset` is present). diff --git a/docs/gateway/security/index.md b/docs/gateway/security/index.md index d29c3df48..a5d841c18 100644 --- a/docs/gateway/security/index.md +++ b/docs/gateway/security/index.md @@ -199,7 +199,7 @@ By default, Moltbot routes **all DMs into the main session** so your assistant h } ``` -This prevents cross-user context leakage while keeping group chats isolated. If the same person contacts you on multiple channels, use `session.identityLinks` to collapse those DM sessions into one canonical identity. See [Session Management](/concepts/session) and [Configuration](/gateway/configuration). +This prevents cross-user context leakage while keeping group chats isolated. If you run multiple accounts on the same channel, use `per-account-channel-peer` instead. If the same person contacts you on multiple channels, use `session.identityLinks` to collapse those DM sessions into one canonical identity. See [Session Management](/concepts/session) and [Configuration](/gateway/configuration). ## Allowlists (DM + groups) — terminology diff --git a/src/commands/doctor-security.ts b/src/commands/doctor-security.ts index bf2c94da7..856b18bfb 100644 --- a/src/commands/doctor-security.ts +++ b/src/commands/doctor-security.ts @@ -124,7 +124,7 @@ export async function noteSecurityWarnings(cfg: MoltbotConfig) { if (dmScope === "main" && isMultiUserDm) { warnings.push( - `- ${params.label} DMs: multiple senders share the main session; set session.dmScope="per-channel-peer" to isolate sessions.`, + `- ${params.label} DMs: multiple senders share the main session; set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.`, ); } }; diff --git a/src/commands/onboard-channels.ts b/src/commands/onboard-channels.ts index e1f8dbe8e..27ec07de4 100644 --- a/src/commands/onboard-channels.ts +++ b/src/commands/onboard-channels.ts @@ -190,7 +190,7 @@ async function noteChannelPrimer( "DM security: default is pairing; unknown DMs get a pairing code.", `Approve with: ${formatCliCommand("moltbot pairing approve ")}`, 'Public DMs require dmPolicy="open" + allowFrom=["*"].', - 'Multi-user DMs: set session.dmScope="per-channel-peer" to isolate sessions.', + 'Multi-user DMs: set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.', `Docs: ${formatDocsLink("/start/pairing", "start/pairing")}`, "", ...channelLines, @@ -238,7 +238,7 @@ async function maybeConfigureDmPolicies(params: { `Approve: ${formatCliCommand(`moltbot pairing approve ${policy.channel} `)}`, `Allowlist DMs: ${policy.policyKey}="allowlist" + ${policy.allowFromKey} entries.`, `Public DMs: ${policy.policyKey}="open" + ${policy.allowFromKey} includes "*".`, - 'Multi-user DMs: set session.dmScope="per-channel-peer" to isolate sessions.', + 'Multi-user DMs: set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.', `Docs: ${formatDocsLink("/start/pairing", "start/pairing")}`, ].join("\n"), `${policy.label} DM access`, diff --git a/src/config/schema.ts b/src/config/schema.ts index 9b5ad8be6..b4ec8723b 100644 --- a/src/config/schema.ts +++ b/src/config/schema.ts @@ -591,7 +591,7 @@ const FIELD_HELP: Record = { "commands.restart": "Allow /restart and gateway restart tool actions (default: false).", "commands.useAccessGroups": "Enforce access-group allowlists/policies for commands.", "session.dmScope": - 'DM session scoping: "main" keeps continuity; "per-peer" or "per-channel-peer" isolates DM history (recommended for shared inboxes).', + 'DM session scoping: "main" keeps continuity; "per-peer", "per-channel-peer", or "per-account-channel-peer" isolates DM history (recommended for shared inboxes/multi-account).', "session.identityLinks": "Map canonical identities to provider-prefixed peer IDs for DM session linking (example: telegram:123456).", "channels.telegram.configWrites": diff --git a/src/security/audit.ts b/src/security/audit.ts index 7aebd6928..681d14c1d 100644 --- a/src/security/audit.ts +++ b/src/security/audit.ts @@ -519,7 +519,8 @@ async function collectChannelSecurityFindings(params: { title: `${input.label} DMs share the main session`, detail: "Multiple DM senders currently share the main session, which can leak context across users.", - remediation: 'Set session.dmScope="per-channel-peer" to isolate DM sessions per sender.', + remediation: + 'Set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate DM sessions per sender.', }); } }; diff --git a/src/web/auto-reply/monitor/broadcast.ts b/src/web/auto-reply/monitor/broadcast.ts index ef76ce3b0..c8f84a048 100644 --- a/src/web/auto-reply/monitor/broadcast.ts +++ b/src/web/auto-reply/monitor/broadcast.ts @@ -54,11 +54,13 @@ export async function maybeBroadcastMessage(params: { sessionKey: buildAgentSessionKey({ agentId: normalizedAgentId, channel: "whatsapp", + accountId: params.route.accountId, peer: { kind: params.msg.chatType === "group" ? "group" : "dm", id: params.peerId, }, dmScope: params.cfg.session?.dmScope, + identityLinks: params.cfg.session?.identityLinks, }), mainSessionKey: buildAgentMainSessionKey({ agentId: normalizedAgentId, From 6044bf36374be8ee52374e2cbb71ec188ee9b9a3 Mon Sep 17 00:00:00 2001 From: Shadow Date: Wed, 28 Jan 2026 00:36:12 -0600 Subject: [PATCH 03/36] Discord: fix resolveDiscordTarget parse options --- CHANGELOG.md | 1 + src/discord/send.shared.ts | 21 ++++++++++++++------- src/discord/targets.ts | 3 ++- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 17f957f07..5909c9899 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -81,6 +81,7 @@ Status: beta. - Web UI: auto-expand the chat compose textarea while typing (with sensible max height). (#2950) Thanks @shivamraut101. - Gateway: prevent crashes on transient network errors (fetch failures, timeouts, DNS). Added fatal error detection to only exit on truly critical errors. Fixes #2895, #2879, #2873. (#2980) Thanks @elliotsecops. - Agents: guard channel tool listActions to avoid plugin crashes. (#2859) Thanks @mbelinky. +- Discord: stop resolveDiscordTarget from passing directory params into messaging target parsers. Fixes #3167. Thanks @thewilloftheshadow. - Discord: avoid resolving bare channel names to user DMs when a username matches. Thanks @thewilloftheshadow. - Discord: fix directory config type import for target resolution. Thanks @thewilloftheshadow. - Providers: update MiniMax API endpoint and compatibility mode. (#3064) Thanks @hlbbbbbbb. diff --git a/src/discord/send.shared.ts b/src/discord/send.shared.ts index 1cf2a93a9..e247300ee 100644 --- a/src/discord/send.shared.ts +++ b/src/discord/send.shared.ts @@ -118,19 +118,26 @@ export async function parseAndResolveRecipient( const accountInfo = resolveDiscordAccount({ cfg, accountId }); // First try to resolve using directory lookup (handles usernames) - const resolved = await resolveDiscordTarget(raw, { - cfg, - accountId: accountInfo.accountId, - }); + const trimmed = raw.trim(); + const parseOptions = { + ambiguousMessage: `Ambiguous Discord recipient "${trimmed}". Use "user:${trimmed}" for DMs or "channel:${trimmed}" for channel messages.`, + }; + + const resolved = await resolveDiscordTarget( + raw, + { + cfg, + accountId: accountInfo.accountId, + }, + parseOptions, + ); if (resolved) { return { kind: resolved.kind, id: resolved.id }; } // Fallback to standard parsing (for channels, etc.) - const parsed = parseDiscordTarget(raw, { - ambiguousMessage: `Ambiguous Discord recipient "${raw.trim()}". Use "user:${raw.trim()}" for DMs or "channel:${raw.trim()}" for channel messages.`, - }); + const parsed = parseDiscordTarget(raw, parseOptions); if (!parsed) { throw new Error("Recipient is required for Discord sends"); diff --git a/src/discord/targets.ts b/src/discord/targets.ts index c6f56cf53..5ea6f5b1b 100644 --- a/src/discord/targets.ts +++ b/src/discord/targets.ts @@ -71,16 +71,17 @@ export function resolveDiscordChannelId(raw: string): string { * * @param raw - The username or raw target string (e.g., "john.doe") * @param options - Directory configuration params (cfg, accountId, limit) + * @param parseOptions - Messaging target parsing options (defaults, ambiguity message) * @returns Parsed MessagingTarget with user ID, or undefined if not found */ export async function resolveDiscordTarget( raw: string, options: DirectoryConfigParams, + parseOptions: DiscordTargetParseOptions = {}, ): Promise { const trimmed = raw.trim(); if (!trimmed) return undefined; - const parseOptions: DiscordTargetParseOptions = {}; const likelyUsername = isLikelyUsername(trimmed); const shouldLookup = isExplicitUserLookup(trimmed, parseOptions) || likelyUsername; const directParse = safeParseDiscordTarget(trimmed, parseOptions); From 9688454a30e618e878ca795fbe46da58b2e2e9d3 Mon Sep 17 00:00:00 2001 From: Shadow Date: Wed, 28 Jan 2026 01:12:04 -0600 Subject: [PATCH 04/36] Accidental inclusion --- skills/bitwarden/SKILL.md | 101 -------------------- skills/bitwarden/references/templates.md | 116 ----------------------- skills/bitwarden/scripts/bw-session.sh | 33 ------- 3 files changed, 250 deletions(-) delete mode 100644 skills/bitwarden/SKILL.md delete mode 100644 skills/bitwarden/references/templates.md delete mode 100755 skills/bitwarden/scripts/bw-session.sh diff --git a/skills/bitwarden/SKILL.md b/skills/bitwarden/SKILL.md deleted file mode 100644 index 3e384597a..000000000 --- a/skills/bitwarden/SKILL.md +++ /dev/null @@ -1,101 +0,0 @@ ---- -name: bitwarden -description: Manage passwords and credentials via Bitwarden CLI (bw). Use for storing, retrieving, creating, or updating logins, credit cards, secure notes, and identities. Trigger when automating authentication, filling payment forms, or managing secrets programmatically. ---- - -# Bitwarden CLI - -Full read/write vault access via `bw` command. - -## Prerequisites - -```bash -brew install bitwarden-cli -bw login # one-time, prompts for master password -``` - -## Session Management - -Bitwarden requires an unlocked session. Use the helper script: - -```bash -source scripts/bw-session.sh -# Sets BW_SESSION env var -``` - -Or manually: -```bash -export BW_SESSION=$(echo '' | bw unlock --raw) -bw sync # always sync after unlock -``` - -## Common Operations - -### Retrieve credentials -```bash -bw get password "Site Name" -bw get username "Site Name" -bw get item "Site Name" --pretty | jq '.login' -``` - -### Create login -```bash -bw get template item | jq ' - .type = 1 | - .name = "Site Name" | - .login.username = "user@email.com" | - .login.password = "secret123" | - .login.uris = [{uri: "https://example.com"}] -' | bw encode | bw create item -``` - -### Create credit card -```bash -bw get template item | jq ' - .type = 3 | - .name = "Card Name" | - .card.cardholderName = "John Doe" | - .card.brand = "Visa" | - .card.number = "4111111111111111" | - .card.expMonth = "12" | - .card.expYear = "2030" | - .card.code = "123" -' | bw encode | bw create item -``` - -### Get card for payment automation -```bash -bw get item "Card Name" | jq -r '.card | "\(.number) \(.expMonth)/\(.expYear) \(.code)"' -``` - -### List items -```bash -bw list items | jq -r '.[] | "\(.type)|\(.name)"' -# Types: 1=login, 2=note, 3=card, 4=identity -``` - -### Search -```bash -bw list items --search "vilaviniteca" | jq '.[0]' -``` - -## Item Types - -| Type | Value | Use | -|------|-------|-----| -| Login | 1 | Website credentials | -| Secure Note | 2 | Freeform text | -| Card | 3 | Credit/debit cards | -| Identity | 4 | Personal info | - -## References - -- [templates.md](references/templates.md) — Full jq templates for all item types -- [Bitwarden CLI docs](https://bitwarden.com/help/cli/) - -## Tips - -1. **Always sync** after creating/editing items: `bw sync` -2. **Session expires** — re-unlock if you get auth errors -3. **Delete sensitive messages** after receiving credentials -4. **Card numbers** may not import from other managers (security restriction) diff --git a/skills/bitwarden/references/templates.md b/skills/bitwarden/references/templates.md deleted file mode 100644 index a14e011e4..000000000 --- a/skills/bitwarden/references/templates.md +++ /dev/null @@ -1,116 +0,0 @@ -# Bitwarden Item Templates - -jq patterns for creating vault items via CLI. - -## Login (type=1) - -```bash -bw get template item | jq ' - .type = 1 | - .name = "Example Site" | - .notes = "Optional notes" | - .favorite = false | - .login.username = "user@example.com" | - .login.password = "secretPassword123" | - .login.totp = "otpauth://totp/..." | - .login.uris = [ - {uri: "https://example.com", match: null}, - {uri: "https://app.example.com", match: null} - ] -' | bw encode | bw create item -``` - -## Credit Card (type=3) - -```bash -bw get template item | jq ' - .type = 3 | - .name = "Visa ending 1234" | - .notes = "Primary card" | - .card.cardholderName = "JOHN DOE" | - .card.brand = "Visa" | - .card.number = "4111111111111111" | - .card.expMonth = "12" | - .card.expYear = "2030" | - .card.code = "123" -' | bw encode | bw create item -``` - -**Brands:** Visa, Mastercard, Amex, Discover, Diners Club, JCB, Maestro, UnionPay, Other - -## Secure Note (type=2) - -```bash -bw get template item | jq ' - .type = 2 | - .name = "API Keys" | - .notes = "OPENAI_KEY=sk-xxx\nANTHROPIC_KEY=sk-ant-xxx" | - .secureNote.type = 0 -' | bw encode | bw create item -``` - -## Identity (type=4) - -```bash -bw get template item | jq ' - .type = 4 | - .name = "Personal Info" | - .identity.title = "Mr" | - .identity.firstName = "John" | - .identity.lastName = "Doe" | - .identity.email = "john@example.com" | - .identity.phone = "+34612345678" | - .identity.address1 = "123 Main St" | - .identity.city = "Barcelona" | - .identity.state = "Catalunya" | - .identity.postalCode = "08001" | - .identity.country = "ES" -' | bw encode | bw create item -``` - -## Edit Existing Item - -```bash -# Get item, modify, update -bw get item | jq '.login.password = "newPassword"' | bw encode | bw edit item -``` - -## Custom Fields - -```bash -bw get template item | jq ' - .type = 1 | - .name = "With Custom Fields" | - .fields = [ - {name: "Security Question", value: "Pet name", type: 0}, - {name: "PIN", value: "1234", type: 1} - ] -' | bw encode | bw create item -``` - -**Field types:** 0=text, 1=hidden, 2=boolean - -## Retrieve Patterns - -```bash -# Password only -bw get password "Site Name" - -# Username only -bw get username "Site Name" - -# Full login object -bw get item "Site Name" | jq '.login' - -# Card number -bw get item "Card Name" | jq -r '.card.number' - -# All card fields for form filling -bw get item "Card Name" | jq -r '.card | [.number, .expMonth, .expYear, .code] | @tsv' - -# Search by URL -bw list items --url "example.com" | jq '.[0].login' - -# List all cards -bw list items | jq '.[] | select(.type == 3) | .name' -``` diff --git a/skills/bitwarden/scripts/bw-session.sh b/skills/bitwarden/scripts/bw-session.sh deleted file mode 100755 index 1b353583e..000000000 --- a/skills/bitwarden/scripts/bw-session.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Unlock Bitwarden vault and export session key -# Usage: source bw-session.sh -# Or: source bw-session.sh (prompts for password) - -set -e - -if [ -n "$1" ]; then - MASTER_PW="$1" -else - read -sp "Bitwarden master password: " MASTER_PW - echo -fi - -# Check if already logged in -if ! bw login --check &>/dev/null; then - echo "Not logged in. Run: bw login " - return 1 -fi - -# Unlock and get session -export BW_SESSION=$(echo "$MASTER_PW" | bw unlock --raw 2>/dev/null) - -if [ -z "$BW_SESSION" ]; then - echo "Failed to unlock vault" - return 1 -fi - -# Sync to get latest -bw sync &>/dev/null - -echo "✓ Vault unlocked and synced" -echo "Session valid for this shell" From 39b7f9d5817e58263330d39cbf65cb182efe1259 Mon Sep 17 00:00:00 2001 From: Roopak Nijhara Date: Tue, 27 Jan 2026 16:54:08 +0530 Subject: [PATCH 05/36] feat(hooks): make session-memory message count configurable (#2681) Adds `messages` config option to session-memory hook (default: 15). Fixes filter order bug - now filters user/assistant messages first, then slices to get exactly N messages. Previously sliced first which could result in fewer messages when non-message entries were present. Co-Authored-By: Claude Opus 4.5 --- src/hooks/bundled/session-memory/HOOK.md | 27 +- .../bundled/session-memory/handler.test.ts | 379 ++++++++++++++++++ src/hooks/bundled/session-memory/handler.ts | 30 +- 3 files changed, 424 insertions(+), 12 deletions(-) create mode 100644 src/hooks/bundled/session-memory/handler.test.ts diff --git a/src/hooks/bundled/session-memory/HOOK.md b/src/hooks/bundled/session-memory/HOOK.md index 2a635a645..0875486c9 100644 --- a/src/hooks/bundled/session-memory/HOOK.md +++ b/src/hooks/bundled/session-memory/HOOK.md @@ -23,7 +23,7 @@ Automatically saves session context to your workspace memory when you issue the When you run `/new` to start a fresh session: 1. **Finds the previous session** - Uses the pre-reset session entry to locate the correct transcript -2. **Extracts conversation** - Reads the last 15 lines of conversation from the session +2. **Extracts conversation** - Reads the last N user/assistant messages from the session (default: 15, configurable) 3. **Generates descriptive slug** - Uses LLM to create a meaningful filename slug based on conversation content 4. **Saves to memory** - Creates a new file at `/memory/YYYY-MM-DD-slug.md` 5. **Sends confirmation** - Notifies you with the file path @@ -57,7 +57,30 @@ The hook uses your configured LLM provider to generate slugs, so it works with a ## Configuration -No additional configuration required. The hook automatically: +The hook supports optional configuration: + +| Option | Type | Default | Description | +|--------|------|---------|-------------| +| `messages` | number | 15 | Number of user/assistant messages to include in the memory file | + +Example configuration: + +```json +{ + "hooks": { + "internal": { + "entries": { + "session-memory": { + "enabled": true, + "messages": 25 + } + } + } + } +} +``` + +The hook automatically: - Uses your workspace directory (`~/clawd` by default) - Uses your configured LLM for slug generation diff --git a/src/hooks/bundled/session-memory/handler.test.ts b/src/hooks/bundled/session-memory/handler.test.ts new file mode 100644 index 000000000..525e21059 --- /dev/null +++ b/src/hooks/bundled/session-memory/handler.test.ts @@ -0,0 +1,379 @@ +import fs from "node:fs/promises"; +import path from "node:path"; + +import { describe, expect, it } from "vitest"; + +import handler from "./handler.js"; +import { createHookEvent } from "../../hooks.js"; +import type { ClawdbotConfig } from "../../../config/config.js"; +import { makeTempWorkspace, writeWorkspaceFile } from "../../../test-helpers/workspace.js"; + +/** + * Create a mock session JSONL file with various entry types + */ +function createMockSessionContent( + entries: Array<{ role: string; content: string } | { type: string }>, +): string { + return entries + .map((entry) => { + if ("role" in entry) { + return JSON.stringify({ + type: "message", + message: { + role: entry.role, + content: entry.content, + }, + }); + } + // Non-message entry (tool call, system, etc.) + return JSON.stringify(entry); + }) + .join("\n"); +} + +describe("session-memory hook", () => { + it("skips non-command events", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + + const event = createHookEvent("agent", "bootstrap", "agent:main:main", { + workspaceDir: tempDir, + }); + + await handler(event); + + // Memory directory should not be created for non-command events + const memoryDir = path.join(tempDir, "memory"); + await expect(fs.access(memoryDir)).rejects.toThrow(); + }); + + it("skips commands other than new", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + + const event = createHookEvent("command", "help", "agent:main:main", { + workspaceDir: tempDir, + }); + + await handler(event); + + // Memory directory should not be created for other commands + const memoryDir = path.join(tempDir, "memory"); + await expect(fs.access(memoryDir)).rejects.toThrow(); + }); + + it("creates memory file with session content on /new command", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + const sessionsDir = path.join(tempDir, "sessions"); + await fs.mkdir(sessionsDir, { recursive: true }); + + // Create a mock session file with user/assistant messages + const sessionContent = createMockSessionContent([ + { role: "user", content: "Hello there" }, + { role: "assistant", content: "Hi! How can I help?" }, + { role: "user", content: "What is 2+2?" }, + { role: "assistant", content: "2+2 equals 4" }, + ]); + const sessionFile = await writeWorkspaceFile({ + dir: sessionsDir, + name: "test-session.jsonl", + content: sessionContent, + }); + + const cfg: ClawdbotConfig = { + agents: { defaults: { workspace: tempDir } }, + }; + + const event = createHookEvent("command", "new", "agent:main:main", { + cfg, + previousSessionEntry: { + sessionId: "test-123", + sessionFile, + }, + }); + + await handler(event); + + // Memory file should be created + const memoryDir = path.join(tempDir, "memory"); + const files = await fs.readdir(memoryDir); + expect(files.length).toBe(1); + + // Read the memory file and verify content + const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8"); + expect(memoryContent).toContain("user: Hello there"); + expect(memoryContent).toContain("assistant: Hi! How can I help?"); + expect(memoryContent).toContain("user: What is 2+2?"); + expect(memoryContent).toContain("assistant: 2+2 equals 4"); + }); + + it("filters out non-message entries (tool calls, system)", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + const sessionsDir = path.join(tempDir, "sessions"); + await fs.mkdir(sessionsDir, { recursive: true }); + + // Create session with mixed entry types + const sessionContent = createMockSessionContent([ + { role: "user", content: "Hello" }, + { type: "tool_use", tool: "search", input: "test" }, + { role: "assistant", content: "World" }, + { type: "tool_result", result: "found it" }, + { role: "user", content: "Thanks" }, + ]); + const sessionFile = await writeWorkspaceFile({ + dir: sessionsDir, + name: "test-session.jsonl", + content: sessionContent, + }); + + const cfg: ClawdbotConfig = { + agents: { defaults: { workspace: tempDir } }, + }; + + const event = createHookEvent("command", "new", "agent:main:main", { + cfg, + previousSessionEntry: { + sessionId: "test-123", + sessionFile, + }, + }); + + await handler(event); + + const memoryDir = path.join(tempDir, "memory"); + const files = await fs.readdir(memoryDir); + const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8"); + + // Only user/assistant messages should be present + expect(memoryContent).toContain("user: Hello"); + expect(memoryContent).toContain("assistant: World"); + expect(memoryContent).toContain("user: Thanks"); + // Tool entries should not appear + expect(memoryContent).not.toContain("tool_use"); + expect(memoryContent).not.toContain("tool_result"); + expect(memoryContent).not.toContain("search"); + }); + + it("filters out command messages starting with /", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + const sessionsDir = path.join(tempDir, "sessions"); + await fs.mkdir(sessionsDir, { recursive: true }); + + const sessionContent = createMockSessionContent([ + { role: "user", content: "/help" }, + { role: "assistant", content: "Here is help info" }, + { role: "user", content: "Normal message" }, + { role: "user", content: "/new" }, + ]); + const sessionFile = await writeWorkspaceFile({ + dir: sessionsDir, + name: "test-session.jsonl", + content: sessionContent, + }); + + const cfg: ClawdbotConfig = { + agents: { defaults: { workspace: tempDir } }, + }; + + const event = createHookEvent("command", "new", "agent:main:main", { + cfg, + previousSessionEntry: { + sessionId: "test-123", + sessionFile, + }, + }); + + await handler(event); + + const memoryDir = path.join(tempDir, "memory"); + const files = await fs.readdir(memoryDir); + const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8"); + + // Command messages should be filtered out + expect(memoryContent).not.toContain("/help"); + expect(memoryContent).not.toContain("/new"); + // Normal messages should be present + expect(memoryContent).toContain("assistant: Here is help info"); + expect(memoryContent).toContain("user: Normal message"); + }); + + it("respects custom messages config (limits to N messages)", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + const sessionsDir = path.join(tempDir, "sessions"); + await fs.mkdir(sessionsDir, { recursive: true }); + + // Create 10 messages + const entries = []; + for (let i = 1; i <= 10; i++) { + entries.push({ role: "user", content: `Message ${i}` }); + } + const sessionContent = createMockSessionContent(entries); + const sessionFile = await writeWorkspaceFile({ + dir: sessionsDir, + name: "test-session.jsonl", + content: sessionContent, + }); + + // Configure to only include last 3 messages + const cfg: ClawdbotConfig = { + agents: { defaults: { workspace: tempDir } }, + hooks: { + internal: { + entries: { + "session-memory": { enabled: true, messages: 3 }, + }, + }, + }, + }; + + const event = createHookEvent("command", "new", "agent:main:main", { + cfg, + previousSessionEntry: { + sessionId: "test-123", + sessionFile, + }, + }); + + await handler(event); + + const memoryDir = path.join(tempDir, "memory"); + const files = await fs.readdir(memoryDir); + const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8"); + + // Only last 3 messages should be present + expect(memoryContent).not.toContain("user: Message 1\n"); + expect(memoryContent).not.toContain("user: Message 7\n"); + expect(memoryContent).toContain("user: Message 8"); + expect(memoryContent).toContain("user: Message 9"); + expect(memoryContent).toContain("user: Message 10"); + }); + + it("filters messages before slicing (fix for #2681)", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + const sessionsDir = path.join(tempDir, "sessions"); + await fs.mkdir(sessionsDir, { recursive: true }); + + // Create session with many tool entries interspersed with messages + // This tests that we filter FIRST, then slice - not the other way around + const entries = [ + { role: "user", content: "First message" }, + { type: "tool_use", tool: "test1" }, + { type: "tool_result", result: "result1" }, + { role: "assistant", content: "Second message" }, + { type: "tool_use", tool: "test2" }, + { type: "tool_result", result: "result2" }, + { role: "user", content: "Third message" }, + { type: "tool_use", tool: "test3" }, + { type: "tool_result", result: "result3" }, + { role: "assistant", content: "Fourth message" }, + ]; + const sessionContent = createMockSessionContent(entries); + const sessionFile = await writeWorkspaceFile({ + dir: sessionsDir, + name: "test-session.jsonl", + content: sessionContent, + }); + + // Request 3 messages - if we sliced first, we'd only get 1-2 messages + // because the last 3 lines include tool entries + const cfg: ClawdbotConfig = { + agents: { defaults: { workspace: tempDir } }, + hooks: { + internal: { + entries: { + "session-memory": { enabled: true, messages: 3 }, + }, + }, + }, + }; + + const event = createHookEvent("command", "new", "agent:main:main", { + cfg, + previousSessionEntry: { + sessionId: "test-123", + sessionFile, + }, + }); + + await handler(event); + + const memoryDir = path.join(tempDir, "memory"); + const files = await fs.readdir(memoryDir); + const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8"); + + // Should have exactly 3 user/assistant messages (the last 3) + expect(memoryContent).not.toContain("First message"); + expect(memoryContent).toContain("user: Third message"); + expect(memoryContent).toContain("assistant: Second message"); + expect(memoryContent).toContain("assistant: Fourth message"); + }); + + it("handles empty session files gracefully", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + const sessionsDir = path.join(tempDir, "sessions"); + await fs.mkdir(sessionsDir, { recursive: true }); + + const sessionFile = await writeWorkspaceFile({ + dir: sessionsDir, + name: "test-session.jsonl", + content: "", + }); + + const cfg: ClawdbotConfig = { + agents: { defaults: { workspace: tempDir } }, + }; + + const event = createHookEvent("command", "new", "agent:main:main", { + cfg, + previousSessionEntry: { + sessionId: "test-123", + sessionFile, + }, + }); + + // Should not throw + await handler(event); + + // Memory file should still be created with metadata + const memoryDir = path.join(tempDir, "memory"); + const files = await fs.readdir(memoryDir); + expect(files.length).toBe(1); + }); + + it("handles session files with fewer messages than requested", async () => { + const tempDir = await makeTempWorkspace("clawdbot-session-memory-"); + const sessionsDir = path.join(tempDir, "sessions"); + await fs.mkdir(sessionsDir, { recursive: true }); + + // Only 2 messages but requesting 15 (default) + const sessionContent = createMockSessionContent([ + { role: "user", content: "Only message 1" }, + { role: "assistant", content: "Only message 2" }, + ]); + const sessionFile = await writeWorkspaceFile({ + dir: sessionsDir, + name: "test-session.jsonl", + content: sessionContent, + }); + + const cfg: ClawdbotConfig = { + agents: { defaults: { workspace: tempDir } }, + }; + + const event = createHookEvent("command", "new", "agent:main:main", { + cfg, + previousSessionEntry: { + sessionId: "test-123", + sessionFile, + }, + }); + + await handler(event); + + const memoryDir = path.join(tempDir, "memory"); + const files = await fs.readdir(memoryDir); + const memoryContent = await fs.readFile(path.join(memoryDir, files[0]!), "utf-8"); + + // Both messages should be included + expect(memoryContent).toContain("user: Only message 1"); + expect(memoryContent).toContain("assistant: Only message 2"); + }); +}); diff --git a/src/hooks/bundled/session-memory/handler.ts b/src/hooks/bundled/session-memory/handler.ts index c087d73e8..c38a46e7b 100644 --- a/src/hooks/bundled/session-memory/handler.ts +++ b/src/hooks/bundled/session-memory/handler.ts @@ -11,22 +11,23 @@ import os from "node:os"; import type { MoltbotConfig } from "../../../config/config.js"; import { resolveAgentWorkspaceDir } from "../../../agents/agent-scope.js"; import { resolveAgentIdFromSessionKey } from "../../../routing/session-key.js"; +import { resolveHookConfig } from "../../config.js"; import type { HookHandler } from "../../hooks.js"; /** * Read recent messages from session file for slug generation */ -async function getRecentSessionContent(sessionFilePath: string): Promise { +async function getRecentSessionContent( + sessionFilePath: string, + messageCount: number = 15, +): Promise { try { const content = await fs.readFile(sessionFilePath, "utf-8"); const lines = content.trim().split("\n"); - // Get last 15 lines (recent conversation) - const recentLines = lines.slice(-15); - - // Parse JSONL and extract messages - const messages: string[] = []; - for (const line of recentLines) { + // Parse JSONL and extract user/assistant messages first + const allMessages: string[] = []; + for (const line of lines) { try { const entry = JSON.parse(line); // Session files have entries with type="message" containing a nested message object @@ -39,7 +40,7 @@ async function getRecentSessionContent(sessionFilePath: string): Promise c.type === "text")?.text : msg.content; if (text && !text.startsWith("/")) { - messages.push(`${role}: ${text}`); + allMessages.push(`${role}: ${text}`); } } } @@ -48,7 +49,9 @@ async function getRecentSessionContent(sessionFilePath: string): Promise { const sessionFile = currentSessionFile || undefined; + // Read message count from hook config (default: 15) + const hookConfig = resolveHookConfig(cfg, "session-memory"); + const messageCount = + typeof hookConfig?.messages === "number" && hookConfig.messages > 0 + ? hookConfig.messages + : 15; + let slug: string | null = null; let sessionContent: string | null = null; if (sessionFile) { // Get recent conversation content - sessionContent = await getRecentSessionContent(sessionFile); + sessionContent = await getRecentSessionContent(sessionFile, messageCount); console.log("[session-memory] sessionContent length:", sessionContent?.length || 0); if (sessionContent && cfg) { From bffcef981da30200542eef8e4e3e8736c728cc60 Mon Sep 17 00:00:00 2001 From: Roopak Nijhara Date: Tue, 27 Jan 2026 21:30:44 +0530 Subject: [PATCH 06/36] style: run pnpm format --- src/hooks/bundled/session-memory/HOOK.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/hooks/bundled/session-memory/HOOK.md b/src/hooks/bundled/session-memory/HOOK.md index 0875486c9..41223eb05 100644 --- a/src/hooks/bundled/session-memory/HOOK.md +++ b/src/hooks/bundled/session-memory/HOOK.md @@ -59,9 +59,9 @@ The hook uses your configured LLM provider to generate slugs, so it works with a The hook supports optional configuration: -| Option | Type | Default | Description | -|--------|------|---------|-------------| -| `messages` | number | 15 | Number of user/assistant messages to include in the memory file | +| Option | Type | Default | Description | +| ---------- | ------ | ------- | --------------------------------------------------------------- | +| `messages` | number | 15 | Number of user/assistant messages to include in the memory file | Example configuration: From d93f8ffc13b67f6ea065fdfece1ea311c6a6ddbc Mon Sep 17 00:00:00 2001 From: Roopak Nijhara Date: Tue, 27 Jan 2026 22:52:04 +0530 Subject: [PATCH 07/36] fix: use fileURLToPath for Windows compatibility --- src/hooks/bundled/session-memory/handler.ts | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/hooks/bundled/session-memory/handler.ts b/src/hooks/bundled/session-memory/handler.ts index c38a46e7b..5b5a69c9c 100644 --- a/src/hooks/bundled/session-memory/handler.ts +++ b/src/hooks/bundled/session-memory/handler.ts @@ -8,6 +8,7 @@ import fs from "node:fs/promises"; import path from "node:path"; import os from "node:os"; +import { fileURLToPath } from "node:url"; import type { MoltbotConfig } from "../../../config/config.js"; import { resolveAgentWorkspaceDir } from "../../../agents/agent-scope.js"; import { resolveAgentIdFromSessionKey } from "../../../routing/session-key.js"; @@ -116,10 +117,7 @@ const saveSessionToMemory: HookHandler = async (event) => { // Dynamically import the LLM slug generator (avoids module caching issues) // When compiled, handler is at dist/hooks/bundled/session-memory/handler.js // Going up ../.. puts us at dist/hooks/, so just add llm-slug-generator.js - const moltbotRoot = path.resolve( - path.dirname(import.meta.url.replace("file://", "")), - "../..", - ); + const moltbotRoot = path.resolve(path.dirname(fileURLToPath(import.meta.url)), "../.."); const slugGenPath = path.join(moltbotRoot, "llm-slug-generator.js"); const { generateSlugViaLLM } = await import(slugGenPath); From 57efd8e0838c7016d1c8e3036c764345e646b380 Mon Sep 17 00:00:00 2001 From: Bruno Guidolim Date: Wed, 28 Jan 2026 13:17:50 +0100 Subject: [PATCH 08/36] fix(media): add missing MIME type mappings for audio/video files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add mappings for audio/x-m4a, audio/mp4, and video/quicktime to ensure media files sent as documents are saved with proper extensions, enabling automatic transcription/analysis tools to work correctly. - audio/x-m4a → .m4a - audio/mp4 → .m4a - video/quicktime → .mov Also adds comprehensive test coverage for extensionForMime(). --- src/media/mime.test.ts | 46 +++++++++++++++++++++++++++++++++++++++++- src/media/mime.ts | 3 +++ 2 files changed, 48 insertions(+), 1 deletion(-) diff --git a/src/media/mime.test.ts b/src/media/mime.test.ts index a3c2a35d8..92325a62e 100644 --- a/src/media/mime.test.ts +++ b/src/media/mime.test.ts @@ -1,7 +1,7 @@ import JSZip from "jszip"; import { describe, expect, it } from "vitest"; -import { detectMime, imageMimeFromFormat } from "./mime.js"; +import { detectMime, extensionForMime, imageMimeFromFormat } from "./mime.js"; async function makeOoxmlZip(opts: { mainMime: string; partPath: string }): Promise { const zip = new JSZip(); @@ -53,3 +53,47 @@ describe("mime detection", () => { expect(mime).toBe("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"); }); }); + +describe("extensionForMime", () => { + it("maps image MIME types to extensions", () => { + expect(extensionForMime("image/jpeg")).toBe(".jpg"); + expect(extensionForMime("image/png")).toBe(".png"); + expect(extensionForMime("image/webp")).toBe(".webp"); + expect(extensionForMime("image/gif")).toBe(".gif"); + expect(extensionForMime("image/heic")).toBe(".heic"); + }); + + it("maps audio MIME types to extensions", () => { + expect(extensionForMime("audio/mpeg")).toBe(".mp3"); + expect(extensionForMime("audio/ogg")).toBe(".ogg"); + expect(extensionForMime("audio/x-m4a")).toBe(".m4a"); + expect(extensionForMime("audio/mp4")).toBe(".m4a"); + }); + + it("maps video MIME types to extensions", () => { + expect(extensionForMime("video/mp4")).toBe(".mp4"); + expect(extensionForMime("video/quicktime")).toBe(".mov"); + }); + + it("maps document MIME types to extensions", () => { + expect(extensionForMime("application/pdf")).toBe(".pdf"); + expect(extensionForMime("text/plain")).toBe(".txt"); + expect(extensionForMime("text/markdown")).toBe(".md"); + }); + + it("handles case insensitivity", () => { + expect(extensionForMime("IMAGE/JPEG")).toBe(".jpg"); + expect(extensionForMime("Audio/X-M4A")).toBe(".m4a"); + expect(extensionForMime("Video/QuickTime")).toBe(".mov"); + }); + + it("returns undefined for unknown MIME types", () => { + expect(extensionForMime("video/unknown")).toBeUndefined(); + expect(extensionForMime("application/x-custom")).toBeUndefined(); + }); + + it("returns undefined for null or undefined input", () => { + expect(extensionForMime(null)).toBeUndefined(); + expect(extensionForMime(undefined)).toBeUndefined(); + }); +}); diff --git a/src/media/mime.ts b/src/media/mime.ts index 79677b1cb..c50e9152c 100644 --- a/src/media/mime.ts +++ b/src/media/mime.ts @@ -13,7 +13,10 @@ const EXT_BY_MIME: Record = { "image/gif": ".gif", "audio/ogg": ".ogg", "audio/mpeg": ".mp3", + "audio/x-m4a": ".m4a", + "audio/mp4": ".m4a", "video/mp4": ".mp4", + "video/quicktime": ".mov", "application/pdf": ".pdf", "application/json": ".json", "application/zip": ".zip", From 01e0d3a320252664dc2bdeafdacb96cb4a473be0 Mon Sep 17 00:00:00 2001 From: Akshay Date: Wed, 28 Jan 2026 21:26:25 +0800 Subject: [PATCH 09/36] fix(cli): initialize plugins before pairing CLI registration (#3272) The pairing CLI calls listPairingChannels() at registration time, which requires the plugin registry to be populated. Without this, plugin-provided channels like Matrix fail with "does not support pairing" even though they have pairing adapters defined. This mirrors the existing pattern used by the plugins CLI entry. Co-authored-by: Shakker <165377636+shakkernerd@users.noreply.github.com> --- src/cli/program/register.subclis.ts | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/cli/program/register.subclis.ts b/src/cli/program/register.subclis.ts index 97ca4508a..e5684fbea 100644 --- a/src/cli/program/register.subclis.ts +++ b/src/cli/program/register.subclis.ts @@ -168,6 +168,11 @@ const entries: SubCliEntry[] = [ name: "pairing", description: "Pairing helpers", register: async (program) => { + // Initialize plugins before registering pairing CLI. + // The pairing CLI calls listPairingChannels() at registration time, + // which requires the plugin registry to be populated with channel plugins. + const { registerPluginCliCommands } = await import("../../plugins/cli.js"); + registerPluginCliCommands(program, await loadConfig()); const mod = await import("../pairing-cli.js"); mod.registerPairingCli(program); }, From 109ac1c54932511b36dc51fb0d18fbcddd7766d1 Mon Sep 17 00:00:00 2001 From: Gustavo Madeira Santana Date: Wed, 28 Jan 2026 11:39:35 -0500 Subject: [PATCH 10/36] fix: banner spacing --- src/cli/banner.ts | 1 + src/commands/onboard-helpers.ts | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/cli/banner.ts b/src/cli/banner.ts index 6ca7d4cbc..e19433e11 100644 --- a/src/cli/banner.ts +++ b/src/cli/banner.ts @@ -71,6 +71,7 @@ const LOBSTER_ASCII = [ "██░███░██░▀▀▀░██░▀▀░███░████░▀▀░██░▀▀▀░███░████", "▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀", " 🦞 FRESH DAILY 🦞 ", + " ", ]; export function formatCliBannerArt(options: BannerOptions = {}): string { diff --git a/src/commands/onboard-helpers.ts b/src/commands/onboard-helpers.ts index 165365bb6..376555a39 100644 --- a/src/commands/onboard-helpers.ts +++ b/src/commands/onboard-helpers.ts @@ -69,7 +69,8 @@ export function printWizardHeader(runtime: RuntimeEnv) { "██░█░█░██░███░██░██████░████░▄▄▀██░███░███░████", "██░███░██░▀▀▀░██░▀▀░███░████░▀▀░██░▀▀▀░███░████", "▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀", - " 🦞 FRESH DAILY 🦞 ", + " 🦞 FRESH DAILY 🦞 ", + " ", ].join("\n"); runtime.log(header); } From a7534dc22382c42465f3676724536a014ce0cbf7 Mon Sep 17 00:00:00 2001 From: Tyler Yust <64381258+tyler6204@users.noreply.github.com> Date: Wed, 28 Jan 2026 13:32:10 -0800 Subject: [PATCH 11/36] fix(ui): gateway URL confirmation modal (based on #2880) (#3578) * fix: adding confirmation modal to confirm gateway url change * refactor: added modal instead of confirm prompt * fix(ui): reconnect after confirming gateway url (#2880) (thanks @0xacb) --------- Co-authored-by: 0xacb --- ui/src/ui/app-render.ts | 2 ++ ui/src/ui/app-settings.ts | 3 +- ui/src/ui/app-view-state.ts | 3 ++ ui/src/ui/app.ts | 16 +++++++++ ui/src/ui/views/gateway-url-confirmation.ts | 39 +++++++++++++++++++++ 5 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 ui/src/ui/views/gateway-url-confirmation.ts diff --git a/ui/src/ui/app-render.ts b/ui/src/ui/app-render.ts index a088c33ff..422af6863 100644 --- a/ui/src/ui/app-render.ts +++ b/ui/src/ui/app-render.ts @@ -42,6 +42,7 @@ import { renderNodes } from "./views/nodes"; import { renderOverview } from "./views/overview"; import { renderSessions } from "./views/sessions"; import { renderExecApprovalPrompt } from "./views/exec-approval"; +import { renderGatewayUrlConfirmation } from "./views/gateway-url-confirmation"; import { approveDevicePairing, loadDevices, @@ -578,6 +579,7 @@ export function renderApp(state: AppViewState) { : nothing} ${renderExecApprovalPrompt(state)} + ${renderGatewayUrlConfirmation(state)} `; } diff --git a/ui/src/ui/app-settings.ts b/ui/src/ui/app-settings.ts index e269742b2..7e3ab29cf 100644 --- a/ui/src/ui/app-settings.ts +++ b/ui/src/ui/app-settings.ts @@ -33,6 +33,7 @@ type SettingsHost = { basePath: string; themeMedia: MediaQueryList | null; themeMediaHandler: ((event: MediaQueryListEvent) => void) | null; + pendingGatewayUrl?: string | null; }; export function applySettings(host: SettingsHost, next: UiSettings) { @@ -98,7 +99,7 @@ export function applySettingsFromUrl(host: SettingsHost) { if (gatewayUrlRaw != null) { const gatewayUrl = gatewayUrlRaw.trim(); if (gatewayUrl && gatewayUrl !== host.settings.gatewayUrl) { - applySettings(host, { ...host.settings, gatewayUrl }); + host.pendingGatewayUrl = gatewayUrl; } params.delete("gatewayUrl"); shouldCleanUrl = true; diff --git a/ui/src/ui/app-view-state.ts b/ui/src/ui/app-view-state.ts index 069465e32..f58656bfb 100644 --- a/ui/src/ui/app-view-state.ts +++ b/ui/src/ui/app-view-state.ts @@ -73,6 +73,7 @@ export type AppViewState = { execApprovalQueue: ExecApprovalRequest[]; execApprovalBusy: boolean; execApprovalError: string | null; + pendingGatewayUrl: string | null; configLoading: boolean; configRaw: string; configRawOriginal: string; @@ -165,6 +166,8 @@ export type AppViewState = { handleNostrProfileImport: () => Promise; handleNostrProfileToggleAdvanced: () => void; handleExecApprovalDecision: (decision: "allow-once" | "allow-always" | "deny") => Promise; + handleGatewayUrlConfirm: () => void; + handleGatewayUrlCancel: () => void; handleConfigLoad: () => Promise; handleConfigSave: () => Promise; handleConfigApply: () => Promise; diff --git a/ui/src/ui/app.ts b/ui/src/ui/app.ts index d23e543cd..26f4a5836 100644 --- a/ui/src/ui/app.ts +++ b/ui/src/ui/app.ts @@ -152,6 +152,7 @@ export class MoltbotApp extends LitElement { @state() execApprovalQueue: ExecApprovalRequest[] = []; @state() execApprovalBusy = false; @state() execApprovalError: string | null = null; + @state() pendingGatewayUrl: string | null = null; @state() configLoading = false; @state() configRaw = "{\n}\n"; @@ -448,6 +449,21 @@ export class MoltbotApp extends LitElement { } } + handleGatewayUrlConfirm() { + const nextGatewayUrl = this.pendingGatewayUrl; + if (!nextGatewayUrl) return; + this.pendingGatewayUrl = null; + applySettingsInternal( + this as unknown as Parameters[0], + { ...this.settings, gatewayUrl: nextGatewayUrl }, + ); + this.connect(); + } + + handleGatewayUrlCancel() { + this.pendingGatewayUrl = null; + } + // Sidebar handlers for tool output viewing handleOpenSidebar(content: string) { if (this.sidebarCloseTimer != null) { diff --git a/ui/src/ui/views/gateway-url-confirmation.ts b/ui/src/ui/views/gateway-url-confirmation.ts new file mode 100644 index 000000000..7d48c4367 --- /dev/null +++ b/ui/src/ui/views/gateway-url-confirmation.ts @@ -0,0 +1,39 @@ +import { html, nothing } from "lit"; + +import type { AppViewState } from "../app-view-state"; + +export function renderGatewayUrlConfirmation(state: AppViewState) { + const { pendingGatewayUrl } = state; + if (!pendingGatewayUrl) return nothing; + + return html` + + `; +} From 67f1402703bb530246cf55e023d06c982ec8d991 Mon Sep 17 00:00:00 2001 From: Shakker Date: Wed, 28 Jan 2026 23:30:29 +0000 Subject: [PATCH 12/36] fix: tts base url runtime read (#3341) (thanks @hclsys) --- CHANGELOG.md | 1 + src/tts/tts.ts | 22 +++++++++++++++------- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5909c9899..37ae5fdf2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -77,6 +77,7 @@ Status: beta. - Agents: prevent retries on oversized image errors and surface size limits. (#2871) Thanks @Suksham-sharma. - Agents: inherit provider baseUrl/api for inline models. (#2740) Thanks @lploc94. - Memory Search: keep auto provider model defaults and only include remote when configured. (#2576) Thanks @papago2355. +- TTS: read OPENAI_TTS_BASE_URL at runtime instead of module load to honor config.env. (#3341) Thanks @hclsys. - macOS: auto-scroll to bottom when sending a new message while scrolled up. (#2471) Thanks @kennyklee. - Web UI: auto-expand the chat compose textarea while typing (with sensible max height). (#2950) Thanks @shivamraut101. - Gateway: prevent crashes on transient network errors (fetch failures, timeouts, DNS). Added fatal error detection to only exit on truly critical errors. Fixes #2895, #2879, #2873. (#2980) Thanks @elliotsecops. diff --git a/src/tts/tts.ts b/src/tts/tts.ts index af3d7fda5..faa83d3a6 100644 --- a/src/tts/tts.ts +++ b/src/tts/tts.ts @@ -757,11 +757,19 @@ export const OPENAI_TTS_MODELS = ["gpt-4o-mini-tts", "tts-1", "tts-1-hd"] as con * Custom OpenAI-compatible TTS endpoint. * When set, model/voice validation is relaxed to allow non-OpenAI models. * Example: OPENAI_TTS_BASE_URL=http://localhost:8880/v1 + * + * Note: Read at runtime (not module load) to support config.env loading. */ -const OPENAI_TTS_BASE_URL = ( - process.env.OPENAI_TTS_BASE_URL?.trim() || "https://api.openai.com/v1" -).replace(/\/+$/, ""); -const isCustomOpenAIEndpoint = OPENAI_TTS_BASE_URL !== "https://api.openai.com/v1"; +function getOpenAITtsBaseUrl(): string { + return (process.env.OPENAI_TTS_BASE_URL?.trim() || "https://api.openai.com/v1").replace( + /\/+$/, + "", + ); +} + +function isCustomOpenAIEndpoint(): boolean { + return getOpenAITtsBaseUrl() !== "https://api.openai.com/v1"; +} export const OPENAI_TTS_VOICES = [ "alloy", "ash", @@ -778,13 +786,13 @@ type OpenAiTtsVoice = (typeof OPENAI_TTS_VOICES)[number]; function isValidOpenAIModel(model: string): boolean { // Allow any model when using custom endpoint (e.g., Kokoro, LocalAI) - if (isCustomOpenAIEndpoint) return true; + if (isCustomOpenAIEndpoint()) return true; return OPENAI_TTS_MODELS.includes(model as (typeof OPENAI_TTS_MODELS)[number]); } function isValidOpenAIVoice(voice: string): voice is OpenAiTtsVoice { // Allow any voice when using custom endpoint (e.g., Kokoro Chinese voices) - if (isCustomOpenAIEndpoint) return true; + if (isCustomOpenAIEndpoint()) return true; return OPENAI_TTS_VOICES.includes(voice as OpenAiTtsVoice); } @@ -1011,7 +1019,7 @@ async function openaiTTS(params: { const timeout = setTimeout(() => controller.abort(), timeoutMs); try { - const response = await fetch(`${OPENAI_TTS_BASE_URL}/audio/speech`, { + const response = await fetch(`${getOpenAITtsBaseUrl()}/audio/speech`, { method: "POST", headers: { Authorization: `Bearer ${apiKey}`, From 1c98b9dec8da59cb44c4c1c28269a9d6ec92f4b3 Mon Sep 17 00:00:00 2001 From: Shakker Date: Wed, 28 Jan 2026 23:41:33 +0000 Subject: [PATCH 13/36] fix(ui): trim whitespace from config input fields on change --- ui/src/ui/views/config-form.node.ts | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ui/src/ui/views/config-form.node.ts b/ui/src/ui/views/config-form.node.ts index 9d121d7f1..17a182281 100644 --- a/ui/src/ui/views/config-form.node.ts +++ b/ui/src/ui/views/config-form.node.ts @@ -260,6 +260,11 @@ function renderTextInput(params: { } onPatch(path, raw); }} + @change=${(e: Event) => { + if (inputType === "number") return; + const raw = (e.target as HTMLInputElement).value; + onPatch(path, raw.trim()); + }} /> ${schema.default !== undefined ? html` @@ -132,15 +138,47 @@ export function renderChatControls(state: AppViewState) { `; } -function resolveSessionOptions(sessionKey: string, sessions: SessionsListResult | null) { +type SessionDefaultsSnapshot = { + mainSessionKey?: string; + mainKey?: string; +}; + +function resolveMainSessionKey( + hello: AppViewState["hello"], + sessions: SessionsListResult | null, +): string | null { + const snapshot = hello?.snapshot as { sessionDefaults?: SessionDefaultsSnapshot } | undefined; + const mainSessionKey = snapshot?.sessionDefaults?.mainSessionKey?.trim(); + if (mainSessionKey) return mainSessionKey; + const mainKey = snapshot?.sessionDefaults?.mainKey?.trim(); + if (mainKey) return mainKey; + if (sessions?.sessions?.some((row) => row.key === "main")) return "main"; + return null; +} + +function resolveSessionOptions( + sessionKey: string, + sessions: SessionsListResult | null, + mainSessionKey?: string | null, +) { const seen = new Set(); const options: Array<{ key: string; displayName?: string }> = []; + const resolvedMain = + mainSessionKey && sessions?.sessions?.find((s) => s.key === mainSessionKey); const resolvedCurrent = sessions?.sessions?.find((s) => s.key === sessionKey); - // Add current session key first - seen.add(sessionKey); - options.push({ key: sessionKey, displayName: resolvedCurrent?.displayName }); + // Add main session key first + if (mainSessionKey) { + seen.add(mainSessionKey); + options.push({ key: mainSessionKey, displayName: resolvedMain?.displayName }); + } + + // Add current session key next + if (!seen.has(sessionKey)) { + seen.add(sessionKey); + options.push({ key: sessionKey, displayName: resolvedCurrent?.displayName }); + } // Add sessions from the result if (sessions?.sessions) { diff --git a/ui/src/ui/app.ts b/ui/src/ui/app.ts index 26f4a5836..50ffcdf76 100644 --- a/ui/src/ui/app.ts +++ b/ui/src/ui/app.ts @@ -258,6 +258,7 @@ export class MoltbotApp extends LitElement { private logsScrollFrame: number | null = null; private toolStreamById = new Map(); private toolStreamOrder: string[] = []; + refreshSessionsAfterChat = false; basePath = ""; private popStateHandler = () => onPopStateInternal( diff --git a/ui/src/ui/controllers/sessions.ts b/ui/src/ui/controllers/sessions.ts index 5c5077037..7e87f1911 100644 --- a/ui/src/ui/controllers/sessions.ts +++ b/ui/src/ui/controllers/sessions.ts @@ -14,18 +14,29 @@ export type SessionsState = { sessionsIncludeUnknown: boolean; }; -export async function loadSessions(state: SessionsState) { +export async function loadSessions( + state: SessionsState, + overrides?: { + activeMinutes?: number; + limit?: number; + includeGlobal?: boolean; + includeUnknown?: boolean; + }, +) { if (!state.client || !state.connected) return; if (state.sessionsLoading) return; state.sessionsLoading = true; state.sessionsError = null; try { + const includeGlobal = overrides?.includeGlobal ?? state.sessionsIncludeGlobal; + const includeUnknown = overrides?.includeUnknown ?? state.sessionsIncludeUnknown; + const activeMinutes = + overrides?.activeMinutes ?? toNumber(state.sessionsFilterActive, 0); + const limit = overrides?.limit ?? toNumber(state.sessionsFilterLimit, 0); const params: Record = { - includeGlobal: state.sessionsIncludeGlobal, - includeUnknown: state.sessionsIncludeUnknown, + includeGlobal, + includeUnknown, }; - const activeMinutes = toNumber(state.sessionsFilterActive, 0); - const limit = toNumber(state.sessionsFilterLimit, 0); if (activeMinutes > 0) params.activeMinutes = activeMinutes; if (limit > 0) params.limit = limit; const res = (await state.client.request("sessions.list", params)) as