2026-02-01 10:03:47 +09:00
|
|
|
import { normalizeProviderId } from "../agents/model-selection.js";
|
|
|
|
|
import {
|
|
|
|
|
getChannelPluginCatalogEntry,
|
|
|
|
|
listChannelPluginCatalogEntries,
|
|
|
|
|
} from "../channels/plugins/catalog.js";
|
2026-01-20 13:52:59 +00:00
|
|
|
import {
|
|
|
|
|
getChatChannelMeta,
|
|
|
|
|
listChatChannels,
|
|
|
|
|
normalizeChatChannelId,
|
|
|
|
|
} from "../channels/registry.js";
|
2026-02-24 11:09:31 +01:00
|
|
|
import {
|
|
|
|
|
loadPluginManifestRegistry,
|
|
|
|
|
type PluginManifestRegistry,
|
|
|
|
|
} from "../plugins/manifest-registry.js";
|
2026-02-09 17:02:55 -08:00
|
|
|
import { isRecord } from "../utils.js";
|
2026-01-20 11:11:42 +00:00
|
|
|
import { hasAnyWhatsAppAuth } from "../web/accounts.js";
|
2026-02-18 01:34:35 +00:00
|
|
|
import type { OpenClawConfig } from "./config.js";
|
2026-02-17 00:44:43 +00:00
|
|
|
import { ensurePluginAllowlisted } from "./plugins-allowlist.js";
|
2026-01-18 16:22:50 +00:00
|
|
|
|
|
|
|
|
type PluginEnableChange = {
|
|
|
|
|
pluginId: string;
|
|
|
|
|
reason: string;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
export type PluginAutoEnableResult = {
|
2026-01-30 03:15:10 +01:00
|
|
|
config: OpenClawConfig;
|
2026-01-18 16:22:50 +00:00
|
|
|
changes: string[];
|
|
|
|
|
};
|
|
|
|
|
|
2026-01-20 11:49:31 +00:00
|
|
|
const CHANNEL_PLUGIN_IDS = Array.from(
|
|
|
|
|
new Set([
|
|
|
|
|
...listChatChannels().map((meta) => meta.id),
|
|
|
|
|
...listChannelPluginCatalogEntries().map((entry) => entry.id),
|
|
|
|
|
]),
|
|
|
|
|
);
|
|
|
|
|
|
2026-01-18 16:22:50 +00:00
|
|
|
const PROVIDER_PLUGIN_IDS: Array<{ pluginId: string; providerId: string }> = [
|
|
|
|
|
{ pluginId: "google-gemini-cli-auth", providerId: "google-gemini-cli" },
|
|
|
|
|
{ pluginId: "qwen-portal-auth", providerId: "qwen-portal" },
|
|
|
|
|
{ pluginId: "copilot-proxy", providerId: "copilot-proxy" },
|
2026-01-31 12:42:45 +01:00
|
|
|
{ pluginId: "minimax-portal-auth", providerId: "minimax-portal" },
|
2026-01-18 16:22:50 +00:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
function hasNonEmptyString(value: unknown): boolean {
|
|
|
|
|
return typeof value === "string" && value.trim().length > 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function recordHasKeys(value: unknown): boolean {
|
|
|
|
|
return isRecord(value) && Object.keys(value).length > 0;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-24 15:15:11 +00:00
|
|
|
function accountsHaveKeys(value: unknown, keys: readonly string[]): boolean {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (!isRecord(value)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
for (const account of Object.values(value)) {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (!isRecord(account)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
for (const key of keys) {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (hasNonEmptyString(account[key])) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-18 18:43:31 +00:00
|
|
|
function resolveChannelConfig(
|
2026-01-30 03:15:10 +01:00
|
|
|
cfg: OpenClawConfig,
|
2026-01-18 18:43:31 +00:00
|
|
|
channelId: string,
|
|
|
|
|
): Record<string, unknown> | null {
|
2026-01-18 16:22:50 +00:00
|
|
|
const channels = cfg.channels as Record<string, unknown> | undefined;
|
|
|
|
|
const entry = channels?.[channelId];
|
|
|
|
|
return isRecord(entry) ? entry : null;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-24 15:15:11 +00:00
|
|
|
type StructuredChannelConfigSpec = {
|
|
|
|
|
envAny?: readonly string[];
|
|
|
|
|
envAll?: readonly string[];
|
|
|
|
|
stringKeys?: readonly string[];
|
|
|
|
|
numberKeys?: readonly string[];
|
|
|
|
|
accountStringKeys?: readonly string[];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const STRUCTURED_CHANNEL_CONFIG_SPECS: Record<string, StructuredChannelConfigSpec> = {
|
|
|
|
|
telegram: {
|
|
|
|
|
envAny: ["TELEGRAM_BOT_TOKEN"],
|
|
|
|
|
stringKeys: ["botToken", "tokenFile"],
|
|
|
|
|
accountStringKeys: ["botToken", "tokenFile"],
|
|
|
|
|
},
|
|
|
|
|
discord: {
|
|
|
|
|
envAny: ["DISCORD_BOT_TOKEN"],
|
|
|
|
|
stringKeys: ["token"],
|
|
|
|
|
accountStringKeys: ["token"],
|
|
|
|
|
},
|
|
|
|
|
irc: {
|
|
|
|
|
envAll: ["IRC_HOST", "IRC_NICK"],
|
|
|
|
|
stringKeys: ["host", "nick"],
|
|
|
|
|
accountStringKeys: ["host", "nick"],
|
|
|
|
|
},
|
|
|
|
|
slack: {
|
|
|
|
|
envAny: ["SLACK_BOT_TOKEN", "SLACK_APP_TOKEN", "SLACK_USER_TOKEN"],
|
|
|
|
|
stringKeys: ["botToken", "appToken", "userToken"],
|
|
|
|
|
accountStringKeys: ["botToken", "appToken", "userToken"],
|
|
|
|
|
},
|
|
|
|
|
signal: {
|
|
|
|
|
stringKeys: ["account", "httpUrl", "httpHost", "cliPath"],
|
|
|
|
|
numberKeys: ["httpPort"],
|
|
|
|
|
accountStringKeys: ["account", "httpUrl", "httpHost", "cliPath"],
|
|
|
|
|
},
|
|
|
|
|
imessage: {
|
|
|
|
|
stringKeys: ["cliPath"],
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
function envHasAnyKeys(env: NodeJS.ProcessEnv, keys: readonly string[]): boolean {
|
|
|
|
|
for (const key of keys) {
|
|
|
|
|
if (hasNonEmptyString(env[key])) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2026-01-31 16:19:20 +09:00
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
return false;
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
|
2026-02-24 15:15:11 +00:00
|
|
|
function envHasAllKeys(env: NodeJS.ProcessEnv, keys: readonly string[]): boolean {
|
|
|
|
|
for (const key of keys) {
|
|
|
|
|
if (!hasNonEmptyString(env[key])) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2026-01-31 16:19:20 +09:00
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
return keys.length > 0;
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
|
2026-02-24 15:15:11 +00:00
|
|
|
function hasAnyNumberKeys(entry: Record<string, unknown>, keys: readonly string[]): boolean {
|
|
|
|
|
for (const key of keys) {
|
|
|
|
|
if (typeof entry[key] === "number") {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2026-02-10 15:33:57 -08:00
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
return false;
|
2026-02-10 15:33:57 -08:00
|
|
|
}
|
|
|
|
|
|
2026-02-24 15:15:11 +00:00
|
|
|
function isStructuredChannelConfigured(
|
|
|
|
|
cfg: OpenClawConfig,
|
|
|
|
|
channelId: string,
|
|
|
|
|
env: NodeJS.ProcessEnv,
|
|
|
|
|
spec: StructuredChannelConfigSpec,
|
|
|
|
|
): boolean {
|
|
|
|
|
if (spec.envAny && envHasAnyKeys(env, spec.envAny)) {
|
2026-01-18 16:22:50 +00:00
|
|
|
return true;
|
|
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
if (spec.envAll && envHasAllKeys(env, spec.envAll)) {
|
2026-01-31 16:19:20 +09:00
|
|
|
return true;
|
|
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
const entry = resolveChannelConfig(cfg, channelId);
|
2026-01-31 16:19:20 +09:00
|
|
|
if (!entry) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
if (spec.stringKeys && spec.stringKeys.some((key) => hasNonEmptyString(entry[key]))) {
|
2026-01-18 16:22:50 +00:00
|
|
|
return true;
|
|
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
if (spec.numberKeys && hasAnyNumberKeys(entry, spec.numberKeys)) {
|
2026-01-31 16:19:20 +09:00
|
|
|
return true;
|
|
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
if (spec.accountStringKeys && accountsHaveKeys(entry.accounts, spec.accountStringKeys)) {
|
2026-01-31 16:19:20 +09:00
|
|
|
return true;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
return recordHasKeys(entry);
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-30 03:15:10 +01:00
|
|
|
function isWhatsAppConfigured(cfg: OpenClawConfig): boolean {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (hasAnyWhatsAppAuth(cfg)) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
const entry = resolveChannelConfig(cfg, "whatsapp");
|
2026-01-31 16:19:20 +09:00
|
|
|
if (!entry) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
return recordHasKeys(entry);
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-30 03:15:10 +01:00
|
|
|
function isGenericChannelConfigured(cfg: OpenClawConfig, channelId: string): boolean {
|
2026-01-18 16:22:50 +00:00
|
|
|
const entry = resolveChannelConfig(cfg, channelId);
|
|
|
|
|
return recordHasKeys(entry);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export function isChannelConfigured(
|
2026-01-30 03:15:10 +01:00
|
|
|
cfg: OpenClawConfig,
|
2026-01-18 16:22:50 +00:00
|
|
|
channelId: string,
|
|
|
|
|
env: NodeJS.ProcessEnv = process.env,
|
|
|
|
|
): boolean {
|
2026-02-24 15:15:11 +00:00
|
|
|
if (channelId === "whatsapp") {
|
|
|
|
|
return isWhatsAppConfigured(cfg);
|
|
|
|
|
}
|
|
|
|
|
const spec = STRUCTURED_CHANNEL_CONFIG_SPECS[channelId];
|
|
|
|
|
if (spec) {
|
|
|
|
|
return isStructuredChannelConfigured(cfg, channelId, env, spec);
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
2026-02-24 15:15:11 +00:00
|
|
|
return isGenericChannelConfigured(cfg, channelId);
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
|
2026-01-30 03:15:10 +01:00
|
|
|
function collectModelRefs(cfg: OpenClawConfig): string[] {
|
2026-01-18 16:22:50 +00:00
|
|
|
const refs: string[] = [];
|
|
|
|
|
const pushModelRef = (value: unknown) => {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (typeof value === "string" && value.trim()) {
|
|
|
|
|
refs.push(value.trim());
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
};
|
|
|
|
|
const collectFromAgent = (agent: Record<string, unknown> | null | undefined) => {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (!agent) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
const model = agent.model;
|
|
|
|
|
if (typeof model === "string") {
|
|
|
|
|
pushModelRef(model);
|
|
|
|
|
} else if (isRecord(model)) {
|
|
|
|
|
pushModelRef(model.primary);
|
|
|
|
|
const fallbacks = model.fallbacks;
|
|
|
|
|
if (Array.isArray(fallbacks)) {
|
2026-01-31 16:19:20 +09:00
|
|
|
for (const entry of fallbacks) {
|
|
|
|
|
pushModelRef(entry);
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
const models = agent.models;
|
|
|
|
|
if (isRecord(models)) {
|
|
|
|
|
for (const key of Object.keys(models)) {
|
|
|
|
|
pushModelRef(key);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const defaults = cfg.agents?.defaults as Record<string, unknown> | undefined;
|
|
|
|
|
collectFromAgent(defaults);
|
|
|
|
|
|
|
|
|
|
const list = cfg.agents?.list;
|
|
|
|
|
if (Array.isArray(list)) {
|
|
|
|
|
for (const entry of list) {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (isRecord(entry)) {
|
|
|
|
|
collectFromAgent(entry);
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return refs;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function extractProviderFromModelRef(value: string): string | null {
|
|
|
|
|
const trimmed = value.trim();
|
|
|
|
|
const slash = trimmed.indexOf("/");
|
2026-01-31 16:19:20 +09:00
|
|
|
if (slash <= 0) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
return normalizeProviderId(trimmed.slice(0, slash));
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-30 03:15:10 +01:00
|
|
|
function isProviderConfigured(cfg: OpenClawConfig, providerId: string): boolean {
|
2026-01-18 16:22:50 +00:00
|
|
|
const normalized = normalizeProviderId(providerId);
|
|
|
|
|
|
|
|
|
|
const profiles = cfg.auth?.profiles;
|
|
|
|
|
if (profiles && typeof profiles === "object") {
|
|
|
|
|
for (const profile of Object.values(profiles)) {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (!isRecord(profile)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
const provider = normalizeProviderId(String(profile.provider ?? ""));
|
2026-01-31 16:19:20 +09:00
|
|
|
if (provider === normalized) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const providerConfig = cfg.models?.providers;
|
|
|
|
|
if (providerConfig && typeof providerConfig === "object") {
|
|
|
|
|
for (const key of Object.keys(providerConfig)) {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (normalizeProviderId(key) === normalized) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const modelRefs = collectModelRefs(cfg);
|
|
|
|
|
for (const ref of modelRefs) {
|
|
|
|
|
const provider = extractProviderFromModelRef(ref);
|
2026-01-31 16:19:20 +09:00
|
|
|
if (provider && provider === normalized) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-24 11:09:31 +01:00
|
|
|
function buildChannelToPluginIdMap(registry: PluginManifestRegistry): Map<string, string> {
|
|
|
|
|
const map = new Map<string, string>();
|
|
|
|
|
for (const record of registry.plugins) {
|
|
|
|
|
for (const channelId of record.channels) {
|
|
|
|
|
if (channelId && !map.has(channelId)) {
|
|
|
|
|
map.set(channelId, record.id);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return map;
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-24 15:15:11 +00:00
|
|
|
function resolvePluginIdForChannel(
|
|
|
|
|
channelId: string,
|
|
|
|
|
channelToPluginId: ReadonlyMap<string, string>,
|
|
|
|
|
): string {
|
|
|
|
|
// Third-party plugins can expose a channel id that differs from their
|
|
|
|
|
// manifest id; plugins.entries must always be keyed by manifest id.
|
|
|
|
|
const builtInId = normalizeChatChannelId(channelId);
|
|
|
|
|
if (builtInId) {
|
|
|
|
|
return builtInId;
|
|
|
|
|
}
|
|
|
|
|
return channelToPluginId.get(channelId) ?? channelId;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function collectCandidateChannelIds(cfg: OpenClawConfig): string[] {
|
|
|
|
|
const channelIds = new Set<string>(CHANNEL_PLUGIN_IDS);
|
|
|
|
|
const configuredChannels = cfg.channels as Record<string, unknown> | undefined;
|
|
|
|
|
if (!configuredChannels || typeof configuredChannels !== "object") {
|
|
|
|
|
return Array.from(channelIds);
|
|
|
|
|
}
|
|
|
|
|
for (const key of Object.keys(configuredChannels)) {
|
|
|
|
|
if (key === "defaults" || key === "modelByChannel") {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
const normalizedBuiltIn = normalizeChatChannelId(key);
|
|
|
|
|
channelIds.add(normalizedBuiltIn ?? key);
|
|
|
|
|
}
|
|
|
|
|
return Array.from(channelIds);
|
|
|
|
|
}
|
2026-02-24 11:09:31 +01:00
|
|
|
|
2026-01-18 18:43:31 +00:00
|
|
|
function resolveConfiguredPlugins(
|
2026-01-30 03:15:10 +01:00
|
|
|
cfg: OpenClawConfig,
|
2026-01-18 18:43:31 +00:00
|
|
|
env: NodeJS.ProcessEnv,
|
2026-02-24 11:09:31 +01:00
|
|
|
registry: PluginManifestRegistry,
|
2026-01-18 18:43:31 +00:00
|
|
|
): PluginEnableChange[] {
|
2026-01-18 16:22:50 +00:00
|
|
|
const changes: PluginEnableChange[] = [];
|
2026-02-24 11:09:31 +01:00
|
|
|
// Build reverse map: channel ID → plugin ID from installed plugin manifests.
|
|
|
|
|
const channelToPluginId = buildChannelToPluginIdMap(registry);
|
2026-02-24 15:15:11 +00:00
|
|
|
for (const channelId of collectCandidateChannelIds(cfg)) {
|
|
|
|
|
const pluginId = resolvePluginIdForChannel(channelId, channelToPluginId);
|
2026-01-18 16:22:50 +00:00
|
|
|
if (isChannelConfigured(cfg, channelId, env)) {
|
2026-02-24 11:09:31 +01:00
|
|
|
changes.push({ pluginId, reason: `${channelId} configured` });
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
}
|
2026-02-24 11:09:31 +01:00
|
|
|
|
2026-01-18 16:22:50 +00:00
|
|
|
for (const mapping of PROVIDER_PLUGIN_IDS) {
|
|
|
|
|
if (isProviderConfigured(cfg, mapping.providerId)) {
|
|
|
|
|
changes.push({
|
|
|
|
|
pluginId: mapping.pluginId,
|
|
|
|
|
reason: `${mapping.providerId} auth configured`,
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-02-26 11:00:09 +01:00
|
|
|
const backendRaw =
|
|
|
|
|
typeof cfg.acp?.backend === "string" ? cfg.acp.backend.trim().toLowerCase() : "";
|
|
|
|
|
const acpConfigured =
|
|
|
|
|
cfg.acp?.enabled === true || cfg.acp?.dispatch?.enabled === true || backendRaw === "acpx";
|
|
|
|
|
if (acpConfigured && (!backendRaw || backendRaw === "acpx")) {
|
|
|
|
|
changes.push({
|
|
|
|
|
pluginId: "acpx",
|
|
|
|
|
reason: "ACP runtime configured",
|
|
|
|
|
});
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
return changes;
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-30 03:15:10 +01:00
|
|
|
function isPluginExplicitlyDisabled(cfg: OpenClawConfig, pluginId: string): boolean {
|
2026-02-22 19:18:08 +01:00
|
|
|
const builtInChannelId = normalizeChatChannelId(pluginId);
|
|
|
|
|
if (builtInChannelId) {
|
|
|
|
|
const channels = cfg.channels as Record<string, unknown> | undefined;
|
|
|
|
|
const channelConfig = channels?.[builtInChannelId];
|
|
|
|
|
if (
|
|
|
|
|
channelConfig &&
|
|
|
|
|
typeof channelConfig === "object" &&
|
|
|
|
|
!Array.isArray(channelConfig) &&
|
|
|
|
|
(channelConfig as { enabled?: unknown }).enabled === false
|
|
|
|
|
) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
const entry = cfg.plugins?.entries?.[pluginId];
|
|
|
|
|
return entry?.enabled === false;
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-30 03:15:10 +01:00
|
|
|
function isPluginDenied(cfg: OpenClawConfig, pluginId: string): boolean {
|
2026-01-18 16:22:50 +00:00
|
|
|
const deny = cfg.plugins?.deny;
|
|
|
|
|
return Array.isArray(deny) && deny.includes(pluginId);
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-20 11:49:31 +00:00
|
|
|
function resolvePreferredOverIds(pluginId: string): string[] {
|
|
|
|
|
const normalized = normalizeChatChannelId(pluginId);
|
|
|
|
|
if (normalized) {
|
|
|
|
|
return getChatChannelMeta(normalized).preferOver ?? [];
|
|
|
|
|
}
|
|
|
|
|
const catalogEntry = getChannelPluginCatalogEntry(pluginId);
|
|
|
|
|
return catalogEntry?.meta.preferOver ?? [];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function shouldSkipPreferredPluginAutoEnable(
|
2026-01-30 03:15:10 +01:00
|
|
|
cfg: OpenClawConfig,
|
2026-01-20 11:49:31 +00:00
|
|
|
entry: PluginEnableChange,
|
2026-01-19 20:16:14 -08:00
|
|
|
configured: PluginEnableChange[],
|
|
|
|
|
): boolean {
|
2026-01-20 11:49:31 +00:00
|
|
|
for (const other of configured) {
|
2026-01-31 16:19:20 +09:00
|
|
|
if (other.pluginId === entry.pluginId) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (isPluginDenied(cfg, other.pluginId)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (isPluginExplicitlyDisabled(cfg, other.pluginId)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2026-01-20 11:49:31 +00:00
|
|
|
const preferOver = resolvePreferredOverIds(other.pluginId);
|
|
|
|
|
if (preferOver.includes(entry.pluginId)) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false;
|
2026-01-19 20:16:14 -08:00
|
|
|
}
|
|
|
|
|
|
fix: comprehensive BlueBubbles and channel cleanup (#11093)
* feat(bluebubbles): auto-strip markdown from outbound messages (#7402)
* fix(security): add timeout to webhook body reading (#6762)
Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.
* fix(security): unify Error objects and lint fixes in webhook timeouts (#6762)
* fix: prevent plugins from auto-enabling without user consent (#3961)
Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes #3932.
* fix: apply hierarchical mediaMaxMb config to all channels (#8749)
Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes #7847.
* fix(bluebubbles): sanitize attachment filenames against header injection (#10333)
Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.
* fix(lint): exclude extensions/ from Oxlint preflight check (#9313)
Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR #10087.
* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (#7745)
Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.
* fix: send stop-typing signal when run ends with NO_REPLY (#8785)
Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.
* fix(telegram): deduplicate skill commands in multi-agent setup (#5717)
Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
Multiple agents sharing the same workspace would produce duplicate commands
with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
Commands from deleted skills now get cleaned up on restart.
* fix: add size limits to unbounded in-memory caches (#4948)
Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account
* fix: address review concerns (#11093)
- Chain deleteMyCommands → setMyCommands to prevent race condition (#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (#6023)
2026-02-07 05:00:55 -08:00
|
|
|
function registerPluginEntry(cfg: OpenClawConfig, pluginId: string): OpenClawConfig {
|
2026-02-22 19:18:08 +01:00
|
|
|
const builtInChannelId = normalizeChatChannelId(pluginId);
|
|
|
|
|
if (builtInChannelId) {
|
|
|
|
|
const channels = cfg.channels as Record<string, unknown> | undefined;
|
|
|
|
|
const existing = channels?.[builtInChannelId];
|
|
|
|
|
const existingRecord =
|
|
|
|
|
existing && typeof existing === "object" && !Array.isArray(existing)
|
|
|
|
|
? (existing as Record<string, unknown>)
|
|
|
|
|
: {};
|
|
|
|
|
return {
|
|
|
|
|
...cfg,
|
|
|
|
|
channels: {
|
|
|
|
|
...cfg.channels,
|
|
|
|
|
[builtInChannelId]: {
|
|
|
|
|
...existingRecord,
|
|
|
|
|
enabled: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
const entries = {
|
|
|
|
|
...cfg.plugins?.entries,
|
|
|
|
|
[pluginId]: {
|
|
|
|
|
...(cfg.plugins?.entries?.[pluginId] as Record<string, unknown> | undefined),
|
2026-02-14 01:56:00 +00:00
|
|
|
enabled: true,
|
2026-01-18 16:22:50 +00:00
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
return {
|
|
|
|
|
...cfg,
|
|
|
|
|
plugins: {
|
|
|
|
|
...cfg.plugins,
|
|
|
|
|
entries,
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-20 15:58:26 +00:00
|
|
|
function formatAutoEnableChange(entry: PluginEnableChange): string {
|
|
|
|
|
let reason = entry.reason.trim();
|
|
|
|
|
const channelId = normalizeChatChannelId(entry.pluginId);
|
|
|
|
|
if (channelId) {
|
|
|
|
|
const label = getChatChannelMeta(channelId).label;
|
|
|
|
|
reason = reason.replace(new RegExp(`^${channelId}\\b`, "i"), label);
|
|
|
|
|
}
|
2026-02-14 01:56:00 +00:00
|
|
|
return `${reason}, enabled automatically.`;
|
2026-01-20 15:58:26 +00:00
|
|
|
}
|
|
|
|
|
|
2026-01-18 16:22:50 +00:00
|
|
|
export function applyPluginAutoEnable(params: {
|
2026-01-30 03:15:10 +01:00
|
|
|
config: OpenClawConfig;
|
2026-01-18 16:22:50 +00:00
|
|
|
env?: NodeJS.ProcessEnv;
|
2026-02-24 11:09:31 +01:00
|
|
|
/** Pre-loaded manifest registry. When omitted, the registry is loaded from
|
|
|
|
|
* the installed plugins on disk. Pass an explicit registry in tests to
|
|
|
|
|
* avoid filesystem access and control what plugins are "installed". */
|
|
|
|
|
manifestRegistry?: PluginManifestRegistry;
|
2026-01-18 16:22:50 +00:00
|
|
|
}): PluginAutoEnableResult {
|
|
|
|
|
const env = params.env ?? process.env;
|
2026-02-24 14:35:25 +00:00
|
|
|
const registry = params.manifestRegistry ?? loadPluginManifestRegistry({ config: params.config });
|
2026-02-24 11:09:31 +01:00
|
|
|
const configured = resolveConfiguredPlugins(params.config, env, registry);
|
2026-01-18 16:22:50 +00:00
|
|
|
if (configured.length === 0) {
|
|
|
|
|
return { config: params.config, changes: [] };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let next = params.config;
|
|
|
|
|
const changes: string[] = [];
|
|
|
|
|
|
|
|
|
|
if (next.plugins?.enabled === false) {
|
|
|
|
|
return { config: next, changes };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (const entry of configured) {
|
2026-02-22 19:18:08 +01:00
|
|
|
const builtInChannelId = normalizeChatChannelId(entry.pluginId);
|
2026-01-31 16:19:20 +09:00
|
|
|
if (isPluginDenied(next, entry.pluginId)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (isPluginExplicitlyDisabled(next, entry.pluginId)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (shouldSkipPreferredPluginAutoEnable(next, entry, configured)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2026-01-18 16:22:50 +00:00
|
|
|
const allow = next.plugins?.allow;
|
2026-02-22 19:30:29 +01:00
|
|
|
const allowMissing = Array.isArray(allow) && !allow.includes(entry.pluginId);
|
2026-02-22 19:18:08 +01:00
|
|
|
const alreadyEnabled =
|
|
|
|
|
builtInChannelId != null
|
|
|
|
|
? (() => {
|
|
|
|
|
const channels = next.channels as Record<string, unknown> | undefined;
|
|
|
|
|
const channelConfig = channels?.[builtInChannelId];
|
|
|
|
|
if (
|
|
|
|
|
!channelConfig ||
|
|
|
|
|
typeof channelConfig !== "object" ||
|
|
|
|
|
Array.isArray(channelConfig)
|
|
|
|
|
) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return (channelConfig as { enabled?: unknown }).enabled === true;
|
|
|
|
|
})()
|
|
|
|
|
: next.plugins?.entries?.[entry.pluginId]?.enabled === true;
|
2026-01-31 16:19:20 +09:00
|
|
|
if (alreadyEnabled && !allowMissing) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
fix: comprehensive BlueBubbles and channel cleanup (#11093)
* feat(bluebubbles): auto-strip markdown from outbound messages (#7402)
* fix(security): add timeout to webhook body reading (#6762)
Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.
* fix(security): unify Error objects and lint fixes in webhook timeouts (#6762)
* fix: prevent plugins from auto-enabling without user consent (#3961)
Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes #3932.
* fix: apply hierarchical mediaMaxMb config to all channels (#8749)
Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes #7847.
* fix(bluebubbles): sanitize attachment filenames against header injection (#10333)
Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.
* fix(lint): exclude extensions/ from Oxlint preflight check (#9313)
Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR #10087.
* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (#7745)
Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.
* fix: send stop-typing signal when run ends with NO_REPLY (#8785)
Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.
* fix(telegram): deduplicate skill commands in multi-agent setup (#5717)
Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
Multiple agents sharing the same workspace would produce duplicate commands
with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
Commands from deleted skills now get cleaned up on restart.
* fix: add size limits to unbounded in-memory caches (#4948)
Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account
* fix: address review concerns (#11093)
- Chain deleteMyCommands → setMyCommands to prevent race condition (#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (#6023)
2026-02-07 05:00:55 -08:00
|
|
|
next = registerPluginEntry(next, entry.pluginId);
|
2026-02-22 19:30:29 +01:00
|
|
|
if (allowMissing || !builtInChannelId) {
|
2026-02-22 19:18:08 +01:00
|
|
|
next = ensurePluginAllowlisted(next, entry.pluginId);
|
|
|
|
|
}
|
2026-01-20 15:58:26 +00:00
|
|
|
changes.push(formatAutoEnableChange(entry));
|
2026-01-18 16:22:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return { config: next, changes };
|
|
|
|
|
}
|