Commit Graph

7891 Commits

Author SHA1 Message Date
Shunsuke Hayashi
ca57901c2d fix(response, review): fix P1-6, P1-7, P1-8 from Codex review
- P1-6: Add threadId support to Discord reply (use threadId as target channel)
- P1-7: Handle long input (>4000 chars) with temp files
- P1-8: Capture tmux output with capture-pane instead of send-keys stdout
2026-01-26 07:39:14 +09:00
Shunsuke Hayashi
415a52055c fix(session, theta, artifacts): fix P1 bugs from Codex review
- P1-1: Set currentPhase at start of execute() instead of end
- P1-2: Add AbortController support to timeout execution
- P1-3: Add createdAt to DynamoDB AttributeDefinitions for GSI
- P1-4: Remove PendingIndex to avoid hot key problem
- P1-5: Add conditional update to prevent recovery race condition
2026-01-26 07:35:38 +09:00
Shunsuke Hayashi
da1c5b26e0 fix(security): fix P0 critical bugs in agent selection and command injection
P0-1: Fix Agent Selection Bug (decide.ts)
- Move wildcard agent (conductor) to end of AVAILABLE_AGENTS array
- Update selectAgent() to prioritize specific intents over wildcard
- Previously, wildcard matched first, causing all intents to select conductor

P0-2: Fix Command Injection Vulnerability (codex-reviewer.ts)
- Add escapeShellString() function to sanitize user content
- Escape backslashes, quotes, $, backticks, newlines, carriage returns
- Apply escaping in execTmux() and buildCodexCommand()
- Previously, unescaped user content could execute arbitrary shell commands

Security: Prevents attackers from injecting malicious commands via
user-controlled content (code review input) that gets passed to tmux.
2026-01-26 07:25:36 +09:00
Shunsuke Hayashi
68a9b16c2b fix(response): resolve TypeScript compilation errors
- Add @aws-sdk/client-dynamodb dependency
- Remove non-existent LINE integration (line-reply.ts)
- Change ResponseFormat from enum to const object for type safety
- Fix Discord API imports - use inline types instead of non-existent exports
- Add CreateTableCommand import to artifacts/manager.ts
- Add tmuxTarget property to ReviewOptions
- Remove TimeToLiveSpecification from CreateTable (TTL configured separately)
- Fix timestamp type conversion in createDiscordReply

This resolves build errors when running the clawdbot command.
2026-01-26 07:16:59 +09:00
Shunsuke Hayashi
522e2a1310 feat(review): add Codex review integration via tmux
Implement automated code review using Codex:

- src/review/types.ts: Core type definitions
  * CodexReview with score, issues, suggestions
  * ReviewRequest, ReviewResult interfaces
  * ReviewScore (0-1 scale for overall/accuracy/style/security)
- src/review/codex-reviewer.ts: Codex execution via tmux
  * runCodexReview() - Execute Codex via MacBook tmux (%2)
  * parseCodexOutput() - Parse Codex JSON/Markdown output
  * evaluateReview() - Check against threshold (default: 0.8)
  * formatReview() - Convert to Markdown/JSON
  * createReviewRequest() - Build review request
  * detectLanguage() - Auto-detect from code patterns
- src/review/codex-reviewer.test.ts: Unit tests (skeleton)
- src/review/index.ts: Module exports

Features:
- tmux send-keys for Codex execution (target: %2 for Kaede)
- Score-based approval (0.8+ = approved)
- Critical issue auto-rejection
- Multi-language detection (TS, Python, Rust)
- Markdown/JSON formatted output

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 07:01:43 +09:00
Shunsuke Hayashi
12d7ff72fa feat(response): add unified reply format for Discord and LINE
Implement cross-platform reply system with quote support:

- src/response/types.ts: Core type definitions
  * ReplyOptions, ResponseFormat (text, embed, file, flex)
  * ReplyEmbed, ReplyAuthor, QuoteMetadata interfaces
- src/response/discord-reply.ts: Discord reply implementation
  * sendReply() - Send quoted reply to Discord
  * createDiscordReply() - Build reply data from Message
  * Supports attachments, embeds, allowed mentions
- src/response/line-reply.ts: LINE reply implementation
  * sendLineReply() - Send quoted reply via LINE Messaging API
  * createLineReply() - Build reply data from event
  * Flex Message support for rich formatting
- src/response/discord-reply.test.ts: Discord tests (skeleton)
- src/response/line-reply.test.ts: LINE tests (skeleton)
- src/response/index.ts: Module exports

Features:
- Quote original message in response
- Multi-platform support (Discord, LINE)
- File attachments from artifacts module
- Unified ReplyOptions interface
- Extensible for future platforms

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:59:42 +09:00
Shunsuke Hayashi
2931f600b4 feat(artifacts): add S3-based artifact management system
Implement artifact storage and distribution for θ-cycle outputs:

- src/artifacts/types.ts: Artifact, ArtifactMetadata interfaces
  * ArtifactType enum (file, code, report, image, log, json)
  * SaveArtifactOptions, DownloadUrlOptions, ArtifactFilter
- src/artifacts/manager.ts: S3 + DynamoDB client
  * save() / saveFile() - Upload to S3, store metadata in DynamoDB
  * getDownloadUrl() - Generate presigned URL (default: 1 hour)
  * get() - Retrieve artifact metadata
  * listBySession() / listByUser() - Query artifacts
  * deleteArtifact() / deleteBySession() - Cleanup
  * initializeTable() - DynamoDB table setup
- src/artifacts/manager.test.ts: Unit tests (skeleton)
- src/artifacts/index.ts: Module exports

Features:
- S3 storage with automatic expiration
- Presigned URLs for secure downloads
- DynamoDB metadata with TTL (default: 24 hours)
- GSI for sessionId/userId/type queries
- Session-based cleanup

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:57:01 +09:00
Shunsuke Hayashi
0dcc2b4c8d test: update test configurations and test cases
- Update integration tests for agent flow and githubops
- Update unit tests for agent, engine, and MCP
- Update vitest configs for better test isolation

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:54:38 +09:00
Shunsuke Hayashi
5ef449d3ee feat(session): add DynamoDB-based session persistence
Implement session state persistence for θ-cycle execution:

- src/session/types.ts: SessionState, SessionMetadata interfaces
- src/session/manager.ts: DynamoDB client with save/restore/query
  * saveState() - Persist session with TTL (default: 1 hour)
  * restoreState() - Recover session by ID
  * getPendingSessions() - Query incomplete sessions
  * updateStatus(), deleteSession() - State management
- src/session/recovery.ts: Fly.io/Lambda restart recovery
  * recoverPendingSessions() - Auto-resume on restart
  * heartbeatSession() - Keep-alive TTL extension
  * completeSession(), failSession() - Lifecycle hooks
- src/session/manager.test.ts: Unit tests (skeleton)

Features:
- DynamoDB TTL auto-cleanup
- GSI for userId/guildId/status queries
- Recovery on container restart
- Multi-filter pending session queries

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:53:50 +09:00
Shunsuke Hayashi
71ab3c3bcd test: add integration and unit test directories
Add test infrastructure:
- Integration tests directory
- Unit tests directory
- Existing E2E and provider tests
- Test fixtures, helpers, and mocks

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:42:04 +09:00
Shunsuke Hayashi
ed225fd9cf docs: add Discord server and CodeX review documentation
Add documentation for:
- Bot ID analysis and Discord server structure
- Development server channel organization
- Server optimization plan
- CodeX review summary for config reload fix

Security: Bot token redacted from bot-id-analysis.md

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:38:05 +09:00
Shunsuke Hayashi
7a39a76663 chore: ignore TypeScript build artifacts in src/
Add patterns for *.js, *.js.map, *.d.ts, and *.d.ts.map files
in src/ directory to exclude TypeScript compilation output from version control.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:35:15 +09:00
Shunsuke Hayashi
817c411afd feat(skill-creator): add conversation activation templates
Add guidance for multi-turn conversation flows in skills:
- New "Activate the Conversation" section with prompts and questioning ladders
- Reference to chat-activation.md templates in references/ directory
- Example for project-intake skill with progressive questions

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:34:16 +09:00
Shunsuke Hayashi
4c014b7b6b fix: replace personal paths with placeholders and update test expectations
- Replace /Users/shunsukehayashi/dev/clawdbot with /path/to/clawdbot
- Sanitize local-only path references in docs
- Update debounceMs test expectation from 300ms to 5000ms to match implementation

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 06:33:44 +09:00
Shunsuke Hayashi
76e87167c9 feat(theta): implement θ-cycle for autonomous processing
- Add 6-phase processing cycle: OBSERVE → ANALYZE → DECIDE → EXECUTE → VERIFY → IMPROVE
- Types and interfaces in types.ts
- Each phase has dedicated module
- Entry point in index.ts

Closes #1801
2026-01-25 22:17:32 +09:00
Shunsuke Hayashi
afb659487c chore(ppal-aws): add terraform.tfstate after apply
Terraform apply complete - 25 resources created:
- API Gateway HTTP API (Discord Interactions)
- Lambda Function (ECR image)
- DynamoDB Tables (users, conversations)
- Secrets Manager (4 secrets)
- IAM Role + inline policies
- CloudWatch Log Groups

Endpoints:
- API Gateway: https://yov87xk6nb.execute-api.ap-northeast-1.amazonaws.com
- Discord Interactions: https://yov87xk6nb.execute-api.ap-northeast-1.amazonaws.com/interactions
- Lambda Function URL: https://b6hld4ksms3np2le3anzdnxsc40cnqfg.lambda-url.ap-northeast-1.on.aws/

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-25 21:58:49 +09:00
Shunsuke Hayashi
e31a0af9cc fix(ppal-aws): add discord-api-types and fix Dockerfile
Add missing discord-api-types dependency and fix Docker build:
- Add discord-api-types to dependencies
- Fix Dockerfile (npm ci without --omit=dev for build stage)

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-25 21:53:00 +09:00
Shunsuke Hayashi
ca0e991272 feat(ppal-aws): add Lambda handler for Discord Bot
Add Node.js 22 Lambda function for PPAL Discord Bot:
- Discord Interactions API with Ed25519 signature verification
- Slash commands: /ppal status/help, /miyabi issue/status, /help
- DynamoDB integration for user state management
- Secrets Manager integration for token retrieval
- GitHub API integration for issue creation

Files:
- package.json: Dependencies (aws-sdk v3, discord-api-types, tweetnacl)
- tsconfig.json: TypeScript strict mode, ES2022 target
- Dockerfile: Multi-stage Node.js 22 Alpine build
- src/index.ts: Lambda handler with signature verification
- src/discord/verify.ts: Ed25519 signature validation
- src/discord/commands.ts: Command handlers for /ppal, /miyabi, /help
- src/services/secrets.ts: AWS Secrets Manager client
- src/services/dynamodb.ts: DynamoDB DocumentClient operations

Commands:
- /ppal status: System status with user info
- /ppal help: PPAL commands help
- /miyabi issue <title>: Create GitHub issue
- /miyabi status: Miyabi agent society status
- /help: Full command list

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-25 19:09:12 +09:00
Shunsuke Hayashi
abed5cb5cb feat(ppal-aws): add Terraform configuration for Discord Bot
Add AWS infrastructure as code for PPAL Discord Bot:
- API Gateway (HTTP API) for Discord Interactions endpoint
- Lambda function (Node.js 20.x container image)
- DynamoDB tables (users, conversations) with PAY_PER_REQUEST
- Secrets Manager for tokens (Discord, GitHub, OpenAI)
- IAM role with inline policies for Lambda execution

Files:
- versions.tf: Terraform 1.0+ with AWS provider 5.x
- variables.tf: environment, project_name, lambda config
- api_gateway.tf: HTTP API with CloudWatch logging
- lambda.tf: ECR-based Lambda with function URL
- dynamodb.tf: GSI-enabled tables with PITR & encryption
- secrets.tf: 4 secrets with placeholder values
- iam.tf: Inline policies for DynamoDB, Secrets, Logs, ECR
- outputs.tf: Endpoint URLs, ARNs (sensitive)

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-25 19:04:55 +09:00
Peter Steinberger
50bb418fe7 fix: guard discord thread channel 2026-01-25 04:11:55 +00:00
Peter Steinberger
458e731f8b fix: newline chunking across channels 2026-01-25 04:11:36 +00:00
Peter Steinberger
ca78ccf74c docs: add dedicated host faq 2026-01-25 04:11:08 +00:00
Peter Steinberger
580fd7abbd fix: guard discord forum thread access 2026-01-25 04:11:04 +00:00
Peter Steinberger
4a82c258c7 docs: add windows restart faq 2026-01-25 04:09:51 +00:00
Peter Steinberger
58c7c61e62 fix: add duplex for fetch uploads 2026-01-25 04:05:30 +00:00
Peter Steinberger
629ce4454d docs: add tips + clawd-to-clawd faq 2026-01-25 04:04:18 +00:00
Peter Steinberger
617d8a12d7 chore: update clawtributors
Co-authored-by: vilkasdev <vilkasdev@users.noreply.github.com>
2026-01-25 04:01:10 +00:00
Shadow
cdceff2284
Discord: add forum parent context 2026-01-24 21:57:48 -06:00
Peter Steinberger
cb52ffb842 fix: drop unused cli import 2026-01-25 03:42:32 +00:00
Peter Steinberger
3a35d313d9 fix: signal reactions 2026-01-25 03:24:44 +00:00
Tom McKenzie
116fbb747f
CLI: fix subcommand registration to work without --help/--version flags (#1683)
## Problem

The clawdbot-gateway systemd service was crash-looping on Linux (Fedora 42,
aarch64) with the error:

    error: unknown command '/usr/bin/node-22'

After ~20 seconds of runtime, the gateway would exit with status 1/FAILURE
and systemd would restart it, repeating the cycle indefinitely (80+ restarts
observed).

## Root Cause Analysis

### Investigation Steps

1. Examined systemd service logs via `journalctl --user -u clawdbot-gateway.service`
2. Found the error appeared consistently after the service had been running
   for 20-30 seconds
3. Added debug logging to trace argv at parseAsync() call
4. Discovered that argv was being passed to Commander.js with the node binary
   and script paths still present: `["/usr/bin/node-22", "/path/to/entry.js", "gateway", "--port", "18789"]`
5. Traced the issue to the lazy subcommand registration logic in runCli()

### The Bug

The lazy-loading logic for subcommands was gated behind `hasHelpOrVersion(parseArgv)`:

```typescript
if (hasHelpOrVersion(parseArgv)) {
  const primary = getPrimaryCommand(parseArgv);
  if (primary) {
    const { registerSubCliByName } = await import("./program/register.subclis.js");
    await registerSubCliByName(program, primary);
  }
}
```

This meant that when running `clawdbot gateway --port 18789` (without --help
or --version), the `gateway` subcommand was never registered before
`program.parseAsync(parseArgv)` was called. Commander.js would then try to
parse the arguments without knowing about the gateway command, leading to
parse errors.

The error message "unknown command '/usr/bin/node-22'" appeared because
Commander was treating the first positional argument as a command name due to
argv not being properly stripped on non-Windows platforms in some code paths.

## The Fix

Remove the `hasHelpOrVersion()` gate and always register the primary
subcommand when one is detected:

```typescript
// Register the primary subcommand if one exists (for lazy-loading)
const primary = getPrimaryCommand(parseArgv);
if (primary) {
  const { registerSubCliByName } = await import("./program/register.subclis.js");
  await registerSubCliByName(program, primary);
}
```

This ensures that subcommands like `gateway` are properly registered before
parsing begins, regardless of what flags are present.

## Environment

- OS: Fedora 42 (Linux 6.15.9-201.fc42.aarch64)
- Arch: aarch64
- Node: /usr/bin/node-22 (symlink to node-22)
- Deployment: systemd user service
- Runtime: Gateway started via `clawdbot gateway --port 18789`

## Why This Should Be Merged

1. **Critical Bug**: The gateway service cannot run reliably on Linux without
   this fix, making it a blocking issue for production deployments via systemd.

2. **Affects All Non-Help Invocations**: Any direct subcommand invocation
   (gateway, channels, etc.) without --help/--version is broken.

3. **Simple & Safe Fix**: The change removes an unnecessary condition that was
   preventing lazy-loading from working correctly. Subcommands should always be
   registered when detected, not just for help/version requests.

4. **No Regression Risk**: The fix maintains the lazy-loading behavior (only
   loads the requested subcommand), just ensures it works in all cases instead
   of only help/version scenarios.

5. **Tested**: Verified that the gateway service now runs stably for extended
   periods (45+ seconds continuous runtime with no crashes) after applying this
   fix.

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-25 03:17:02 +00:00
Peter Steinberger
b1a555da13 fix: skip tailscale dns probe when off 2026-01-25 02:51:20 +00:00
Peter Steinberger
c92aaca8b0 docs: answer local data storage faq 2026-01-25 02:48:28 +00:00
Peter Steinberger
c3e777e3e1 fix: keep raw config edits scoped to config view (#1673) (thanks @Glucksberg) 2026-01-25 02:48:07 +00:00
Peter Steinberger
2e3b14187b fix: stabilize venice model discovery 2026-01-25 02:43:08 +00:00
Peter Steinberger
f8a22521bd docs: clarify WSL2 recommendation 2026-01-25 02:30:09 +00:00
Peter Steinberger
8477394414 docs: explain unstuck commands 2026-01-25 02:04:32 +00:00
Peter Steinberger
e6e71457e0 fix: honor trusted proxy client IPs (PR #1654)
Thanks @ndbroadbent.

Co-authored-by: Nathan Broadbent <git@ndbroadbent.com>
2026-01-25 01:52:19 +00:00
Peter Steinberger
2684a364c6 docs: add basic debug commands to unstuck faq 2026-01-25 01:51:38 +00:00
Peter Steinberger
b9dc117309 docs: refine venice highlight 2026-01-25 01:49:53 +00:00
Peter Steinberger
9205ee55de docs: add fastest-unstuck guidance 2026-01-25 01:22:22 +00:00
Peter Steinberger
6e23e81678 docs: clarify lobster DSL rationale 2026-01-25 01:13:55 +00:00
Peter Steinberger
0163f53f5d fix: regenerate protocol models 2026-01-25 01:12:49 +00:00
jonisjongithub
25f2d2adb3 docs: remove rate limits claim from Venice docs 2026-01-25 01:11:57 +00:00
jonisjongithub
7540d1e8c1 feat: add Venice AI provider integration
Venice AI is a privacy-focused AI inference provider with support for
uncensored models and access to major proprietary models via their
anonymized proxy.

This integration adds:

- Complete model catalog with 25 models:
  - 15 private models (Llama, Qwen, DeepSeek, Venice Uncensored, etc.)
  - 10 anonymized models (Claude, GPT-5.2, Gemini, Grok, Kimi, MiniMax)
- Auto-discovery from Venice API with fallback to static catalog
- VENICE_API_KEY environment variable support
- Interactive onboarding via 'venice-api-key' auth choice
- Model selection prompt showing all available Venice models
- Provider auto-registration when API key is detected
- Comprehensive documentation covering:
  - Privacy modes (private vs anonymized)
  - All 25 models with context windows and features
  - Streaming, function calling, and vision support
  - Model selection recommendations

Privacy modes:
- Private: Fully private, no logging (open-source models)
- Anonymized: Proxied through Venice (proprietary models)

Default model: venice/llama-3.3-70b (good balance of capability + privacy)
Venice API: https://api.venice.ai/api/v1 (OpenAI-compatible)
2026-01-25 01:11:57 +00:00
Peter Steinberger
fc0e303e05 feat: add edge tts fallback provider 2026-01-25 01:05:43 +00:00
Peter Steinberger
6a7a1d7085 fix: add chat stop button
Co-authored-by: Nathan Broadbent <ndbroadbent@users.noreply.github.com>
2026-01-25 01:00:23 +00:00
Tyler Yust
92e794dc18
feat: add chunking mode option for BlueBubbles (#1645)
* feat: add chunking mode for outbound messages

- Introduced `chunkMode` option in various account configurations to allow splitting messages by "length" or "newline".
- Updated message processing to handle chunking based on the selected mode.
- Added tests for new chunking functionality, ensuring correct behavior for both modes.

* feat: enhance chunking mode documentation and configuration

- Added `chunkMode` option to the BlueBubbles account configuration, allowing users to choose between "length" and "newline" for message chunking.
- Updated documentation to clarify the behavior of the `chunkMode` setting.
- Adjusted account merging logic to incorporate the new `chunkMode` configuration.

* refactor: simplify chunk mode handling for BlueBubbles

- Removed `chunkMode` configuration from various account schemas and types, centralizing chunk mode logic to BlueBubbles only.
- Updated `processMessage` to default to "newline" for BlueBubbles chunking.
- Adjusted tests to reflect changes in chunk mode handling for BlueBubbles, ensuring proper functionality.

* fix: update default chunk mode to 'length' for BlueBubbles

- Changed the default value of `chunkMode` from 'newline' to 'length' in the BlueBubbles configuration and related processing functions.
- Updated documentation to reflect the new default behavior for chunking messages.
- Adjusted tests to ensure the correct default value is returned for BlueBubbles chunk mode.
2026-01-25 00:47:10 +00:00
Peter Steinberger
6375ee836f docs: clarify remote transport IP reporting 2026-01-25 00:39:54 +00:00
Peter Steinberger
a6c97b5a48 fix: reload TUI history after reconnect 2026-01-25 00:36:36 +00:00