2026-01-20 00:34:59 -08:00
|
|
|
import crypto from "node:crypto";
|
fix: comprehensive BlueBubbles and channel cleanup (#11093)
* feat(bluebubbles): auto-strip markdown from outbound messages (#7402)
* fix(security): add timeout to webhook body reading (#6762)
Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.
* fix(security): unify Error objects and lint fixes in webhook timeouts (#6762)
* fix: prevent plugins from auto-enabling without user consent (#3961)
Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes #3932.
* fix: apply hierarchical mediaMaxMb config to all channels (#8749)
Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes #7847.
* fix(bluebubbles): sanitize attachment filenames against header injection (#10333)
Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.
* fix(lint): exclude extensions/ from Oxlint preflight check (#9313)
Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR #10087.
* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (#7745)
Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.
* fix: send stop-typing signal when run ends with NO_REPLY (#8785)
Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.
* fix(telegram): deduplicate skill commands in multi-agent setup (#5717)
Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
Multiple agents sharing the same workspace would produce duplicate commands
with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
Commands from deleted skills now get cleaned up on restart.
* fix: add size limits to unbounded in-memory caches (#4948)
Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account
* fix: address review concerns (#11093)
- Chain deleteMyCommands → setMyCommands to prevent race condition (#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (#6023)
2026-02-07 05:00:55 -08:00
|
|
|
import path from "node:path";
|
2026-03-04 02:32:54 -05:00
|
|
|
import type { OpenClawConfig } from "openclaw/plugin-sdk/bluebubbles";
|
2026-02-16 14:51:55 +00:00
|
|
|
import { resolveBlueBubblesServerAccount } from "./account-resolve.js";
|
2026-02-15 19:24:03 +00:00
|
|
|
import { postMultipartFormData } from "./multipart.js";
|
2026-02-13 21:15:56 -08:00
|
|
|
import { getCachedBlueBubblesPrivateApiStatus } from "./probe.js";
|
2026-01-18 03:17:30 +00:00
|
|
|
import { blueBubblesFetchWithTimeout, buildBlueBubblesApiUrl } from "./types.js";
|
|
|
|
|
|
|
|
|
|
export type BlueBubblesChatOpts = {
|
|
|
|
|
serverUrl?: string;
|
|
|
|
|
password?: string;
|
|
|
|
|
accountId?: string;
|
|
|
|
|
timeoutMs?: number;
|
2026-01-30 03:15:10 +01:00
|
|
|
cfg?: OpenClawConfig;
|
2026-01-18 03:17:30 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
function resolveAccount(params: BlueBubblesChatOpts) {
|
2026-02-16 14:51:55 +00:00
|
|
|
return resolveBlueBubblesServerAccount(params);
|
2026-02-13 21:15:56 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function assertPrivateApiEnabled(accountId: string, feature: string): void {
|
|
|
|
|
if (getCachedBlueBubblesPrivateApiStatus(accountId) === false) {
|
|
|
|
|
throw new Error(
|
|
|
|
|
`BlueBubbles ${feature} requires Private API, but it is disabled on the BlueBubbles server.`,
|
|
|
|
|
);
|
|
|
|
|
}
|
2026-01-18 03:17:30 +00:00
|
|
|
}
|
|
|
|
|
|
2026-02-22 11:27:54 +00:00
|
|
|
function resolvePartIndex(partIndex: number | undefined): number {
|
|
|
|
|
return typeof partIndex === "number" ? partIndex : 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function sendPrivateApiJsonRequest(params: {
|
|
|
|
|
opts: BlueBubblesChatOpts;
|
|
|
|
|
feature: string;
|
|
|
|
|
action: string;
|
|
|
|
|
path: string;
|
|
|
|
|
method: "POST" | "PUT" | "DELETE";
|
|
|
|
|
payload?: unknown;
|
|
|
|
|
}): Promise<void> {
|
|
|
|
|
const { baseUrl, password, accountId } = resolveAccount(params.opts);
|
|
|
|
|
assertPrivateApiEnabled(accountId, params.feature);
|
|
|
|
|
const url = buildBlueBubblesApiUrl({
|
|
|
|
|
baseUrl,
|
|
|
|
|
path: params.path,
|
|
|
|
|
password,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
const request: RequestInit = { method: params.method };
|
|
|
|
|
if (params.payload !== undefined) {
|
|
|
|
|
request.headers = { "Content-Type": "application/json" };
|
|
|
|
|
request.body = JSON.stringify(params.payload);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const res = await blueBubblesFetchWithTimeout(url, request, params.opts.timeoutMs);
|
|
|
|
|
if (!res.ok) {
|
|
|
|
|
const errorText = await res.text().catch(() => "");
|
|
|
|
|
throw new Error(
|
|
|
|
|
`BlueBubbles ${params.action} failed (${res.status}): ${errorText || "unknown"}`,
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-18 03:17:30 +00:00
|
|
|
export async function markBlueBubblesChatRead(
|
|
|
|
|
chatGuid: string,
|
|
|
|
|
opts: BlueBubblesChatOpts = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmed = chatGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmed) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2026-02-13 21:15:56 -08:00
|
|
|
const { baseUrl, password, accountId } = resolveAccount(opts);
|
|
|
|
|
if (getCachedBlueBubblesPrivateApiStatus(accountId) === false) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2026-01-18 03:17:30 +00:00
|
|
|
const url = buildBlueBubblesApiUrl({
|
|
|
|
|
baseUrl,
|
|
|
|
|
path: `/api/v1/chat/${encodeURIComponent(trimmed)}/read`,
|
|
|
|
|
password,
|
|
|
|
|
});
|
|
|
|
|
const res = await blueBubblesFetchWithTimeout(url, { method: "POST" }, opts.timeoutMs);
|
|
|
|
|
if (!res.ok) {
|
|
|
|
|
const errorText = await res.text().catch(() => "");
|
|
|
|
|
throw new Error(`BlueBubbles read failed (${res.status}): ${errorText || "unknown"}`);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function sendBlueBubblesTyping(
|
|
|
|
|
chatGuid: string,
|
|
|
|
|
typing: boolean,
|
|
|
|
|
opts: BlueBubblesChatOpts = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmed = chatGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmed) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2026-02-13 21:15:56 -08:00
|
|
|
const { baseUrl, password, accountId } = resolveAccount(opts);
|
|
|
|
|
if (getCachedBlueBubblesPrivateApiStatus(accountId) === false) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2026-01-18 03:17:30 +00:00
|
|
|
const url = buildBlueBubblesApiUrl({
|
|
|
|
|
baseUrl,
|
|
|
|
|
path: `/api/v1/chat/${encodeURIComponent(trimmed)}/typing`,
|
|
|
|
|
password,
|
|
|
|
|
});
|
|
|
|
|
const res = await blueBubblesFetchWithTimeout(
|
|
|
|
|
url,
|
|
|
|
|
{ method: typing ? "POST" : "DELETE" },
|
|
|
|
|
opts.timeoutMs,
|
|
|
|
|
);
|
|
|
|
|
if (!res.ok) {
|
|
|
|
|
const errorText = await res.text().catch(() => "");
|
|
|
|
|
throw new Error(`BlueBubbles typing failed (${res.status}): ${errorText || "unknown"}`);
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Edit a message via BlueBubbles API.
|
|
|
|
|
* Requires macOS 13 (Ventura) or higher with Private API enabled.
|
|
|
|
|
*/
|
|
|
|
|
export async function editBlueBubblesMessage(
|
|
|
|
|
messageGuid: string,
|
|
|
|
|
newText: string,
|
|
|
|
|
opts: BlueBubblesChatOpts & { partIndex?: number; backwardsCompatMessage?: string } = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmedGuid = messageGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedGuid) {
|
|
|
|
|
throw new Error("BlueBubbles edit requires messageGuid");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
const trimmedText = newText.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedText) {
|
|
|
|
|
throw new Error("BlueBubbles edit requires newText");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
|
2026-02-22 11:27:54 +00:00
|
|
|
await sendPrivateApiJsonRequest({
|
|
|
|
|
opts,
|
|
|
|
|
feature: "edit",
|
|
|
|
|
action: "edit",
|
|
|
|
|
method: "POST",
|
2026-01-19 18:23:00 -08:00
|
|
|
path: `/api/v1/message/${encodeURIComponent(trimmedGuid)}/edit`,
|
2026-02-22 11:27:54 +00:00
|
|
|
payload: {
|
|
|
|
|
editedMessage: trimmedText,
|
|
|
|
|
backwardsCompatibilityMessage: opts.backwardsCompatMessage ?? `Edited to: ${trimmedText}`,
|
|
|
|
|
partIndex: resolvePartIndex(opts.partIndex),
|
2026-01-19 18:23:00 -08:00
|
|
|
},
|
2026-02-22 11:27:54 +00:00
|
|
|
});
|
2026-01-19 18:23:00 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Unsend (retract) a message via BlueBubbles API.
|
|
|
|
|
* Requires macOS 13 (Ventura) or higher with Private API enabled.
|
|
|
|
|
*/
|
|
|
|
|
export async function unsendBlueBubblesMessage(
|
|
|
|
|
messageGuid: string,
|
|
|
|
|
opts: BlueBubblesChatOpts & { partIndex?: number } = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmedGuid = messageGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedGuid) {
|
|
|
|
|
throw new Error("BlueBubbles unsend requires messageGuid");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
|
2026-02-22 11:27:54 +00:00
|
|
|
await sendPrivateApiJsonRequest({
|
|
|
|
|
opts,
|
|
|
|
|
feature: "unsend",
|
|
|
|
|
action: "unsend",
|
|
|
|
|
method: "POST",
|
2026-01-19 18:23:00 -08:00
|
|
|
path: `/api/v1/message/${encodeURIComponent(trimmedGuid)}/unsend`,
|
2026-02-22 11:27:54 +00:00
|
|
|
payload: { partIndex: resolvePartIndex(opts.partIndex) },
|
2026-01-19 18:23:00 -08:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Rename a group chat via BlueBubbles API.
|
|
|
|
|
*/
|
|
|
|
|
export async function renameBlueBubblesChat(
|
|
|
|
|
chatGuid: string,
|
|
|
|
|
displayName: string,
|
|
|
|
|
opts: BlueBubblesChatOpts = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmedGuid = chatGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedGuid) {
|
|
|
|
|
throw new Error("BlueBubbles rename requires chatGuid");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
|
2026-02-22 11:27:54 +00:00
|
|
|
await sendPrivateApiJsonRequest({
|
|
|
|
|
opts,
|
|
|
|
|
feature: "renameGroup",
|
|
|
|
|
action: "rename",
|
|
|
|
|
method: "PUT",
|
2026-01-19 18:23:00 -08:00
|
|
|
path: `/api/v1/chat/${encodeURIComponent(trimmedGuid)}`,
|
2026-02-22 11:27:54 +00:00
|
|
|
payload: { displayName },
|
2026-01-19 18:23:00 -08:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Add a participant to a group chat via BlueBubbles API.
|
|
|
|
|
*/
|
|
|
|
|
export async function addBlueBubblesParticipant(
|
|
|
|
|
chatGuid: string,
|
|
|
|
|
address: string,
|
|
|
|
|
opts: BlueBubblesChatOpts = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmedGuid = chatGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedGuid) {
|
|
|
|
|
throw new Error("BlueBubbles addParticipant requires chatGuid");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
const trimmedAddress = address.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedAddress) {
|
|
|
|
|
throw new Error("BlueBubbles addParticipant requires address");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
|
2026-02-22 11:27:54 +00:00
|
|
|
await sendPrivateApiJsonRequest({
|
|
|
|
|
opts,
|
|
|
|
|
feature: "addParticipant",
|
|
|
|
|
action: "addParticipant",
|
|
|
|
|
method: "POST",
|
2026-01-19 18:23:00 -08:00
|
|
|
path: `/api/v1/chat/${encodeURIComponent(trimmedGuid)}/participant`,
|
2026-02-22 11:27:54 +00:00
|
|
|
payload: { address: trimmedAddress },
|
2026-01-19 18:23:00 -08:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Remove a participant from a group chat via BlueBubbles API.
|
|
|
|
|
*/
|
|
|
|
|
export async function removeBlueBubblesParticipant(
|
|
|
|
|
chatGuid: string,
|
|
|
|
|
address: string,
|
|
|
|
|
opts: BlueBubblesChatOpts = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmedGuid = chatGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedGuid) {
|
|
|
|
|
throw new Error("BlueBubbles removeParticipant requires chatGuid");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
const trimmedAddress = address.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedAddress) {
|
|
|
|
|
throw new Error("BlueBubbles removeParticipant requires address");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
|
2026-02-22 11:27:54 +00:00
|
|
|
await sendPrivateApiJsonRequest({
|
|
|
|
|
opts,
|
|
|
|
|
feature: "removeParticipant",
|
|
|
|
|
action: "removeParticipant",
|
|
|
|
|
method: "DELETE",
|
2026-01-19 18:23:00 -08:00
|
|
|
path: `/api/v1/chat/${encodeURIComponent(trimmedGuid)}/participant`,
|
2026-02-22 11:27:54 +00:00
|
|
|
payload: { address: trimmedAddress },
|
2026-01-19 18:23:00 -08:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Leave a group chat via BlueBubbles API.
|
|
|
|
|
*/
|
|
|
|
|
export async function leaveBlueBubblesChat(
|
|
|
|
|
chatGuid: string,
|
|
|
|
|
opts: BlueBubblesChatOpts = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmedGuid = chatGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedGuid) {
|
|
|
|
|
throw new Error("BlueBubbles leaveChat requires chatGuid");
|
|
|
|
|
}
|
2026-01-19 18:23:00 -08:00
|
|
|
|
2026-02-22 11:27:54 +00:00
|
|
|
await sendPrivateApiJsonRequest({
|
|
|
|
|
opts,
|
|
|
|
|
feature: "leaveGroup",
|
|
|
|
|
action: "leaveChat",
|
|
|
|
|
method: "POST",
|
2026-01-19 18:23:00 -08:00
|
|
|
path: `/api/v1/chat/${encodeURIComponent(trimmedGuid)}/leave`,
|
|
|
|
|
});
|
|
|
|
|
}
|
2026-01-20 00:34:59 -08:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Set a group chat's icon/photo via BlueBubbles API.
|
|
|
|
|
* Requires Private API to be enabled.
|
|
|
|
|
*/
|
|
|
|
|
export async function setGroupIconBlueBubbles(
|
|
|
|
|
chatGuid: string,
|
|
|
|
|
buffer: Uint8Array,
|
|
|
|
|
filename: string,
|
|
|
|
|
opts: BlueBubblesChatOpts & { contentType?: string } = {},
|
|
|
|
|
): Promise<void> {
|
|
|
|
|
const trimmedGuid = chatGuid.trim();
|
2026-01-31 22:13:48 +09:00
|
|
|
if (!trimmedGuid) {
|
|
|
|
|
throw new Error("BlueBubbles setGroupIcon requires chatGuid");
|
|
|
|
|
}
|
2026-01-20 00:34:59 -08:00
|
|
|
if (!buffer || buffer.length === 0) {
|
|
|
|
|
throw new Error("BlueBubbles setGroupIcon requires image buffer");
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-13 21:15:56 -08:00
|
|
|
const { baseUrl, password, accountId } = resolveAccount(opts);
|
|
|
|
|
assertPrivateApiEnabled(accountId, "setGroupIcon");
|
2026-01-20 00:34:59 -08:00
|
|
|
const url = buildBlueBubblesApiUrl({
|
|
|
|
|
baseUrl,
|
|
|
|
|
path: `/api/v1/chat/${encodeURIComponent(trimmedGuid)}/icon`,
|
|
|
|
|
password,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Build multipart form-data
|
|
|
|
|
const boundary = `----BlueBubblesFormBoundary${crypto.randomUUID().replace(/-/g, "")}`;
|
|
|
|
|
const parts: Uint8Array[] = [];
|
|
|
|
|
const encoder = new TextEncoder();
|
|
|
|
|
|
fix: comprehensive BlueBubbles and channel cleanup (#11093)
* feat(bluebubbles): auto-strip markdown from outbound messages (#7402)
* fix(security): add timeout to webhook body reading (#6762)
Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.
* fix(security): unify Error objects and lint fixes in webhook timeouts (#6762)
* fix: prevent plugins from auto-enabling without user consent (#3961)
Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes #3932.
* fix: apply hierarchical mediaMaxMb config to all channels (#8749)
Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes #7847.
* fix(bluebubbles): sanitize attachment filenames against header injection (#10333)
Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.
* fix(lint): exclude extensions/ from Oxlint preflight check (#9313)
Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR #10087.
* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (#7745)
Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.
* fix: send stop-typing signal when run ends with NO_REPLY (#8785)
Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.
* fix(telegram): deduplicate skill commands in multi-agent setup (#5717)
Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
Multiple agents sharing the same workspace would produce duplicate commands
with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
Commands from deleted skills now get cleaned up on restart.
* fix: add size limits to unbounded in-memory caches (#4948)
Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account
* fix: address review concerns (#11093)
- Chain deleteMyCommands → setMyCommands to prevent race condition (#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (#6023)
2026-02-07 05:00:55 -08:00
|
|
|
// Sanitize filename to prevent multipart header injection (CWE-93)
|
|
|
|
|
const safeFilename = path.basename(filename).replace(/[\r\n"\\]/g, "_") || "icon.png";
|
|
|
|
|
|
2026-01-20 00:34:59 -08:00
|
|
|
// Add file field named "icon" as per API spec
|
|
|
|
|
parts.push(encoder.encode(`--${boundary}\r\n`));
|
|
|
|
|
parts.push(
|
fix: comprehensive BlueBubbles and channel cleanup (#11093)
* feat(bluebubbles): auto-strip markdown from outbound messages (#7402)
* fix(security): add timeout to webhook body reading (#6762)
Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.
* fix(security): unify Error objects and lint fixes in webhook timeouts (#6762)
* fix: prevent plugins from auto-enabling without user consent (#3961)
Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes #3932.
* fix: apply hierarchical mediaMaxMb config to all channels (#8749)
Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes #7847.
* fix(bluebubbles): sanitize attachment filenames against header injection (#10333)
Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.
* fix(lint): exclude extensions/ from Oxlint preflight check (#9313)
Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR #10087.
* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (#7745)
Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.
* fix: send stop-typing signal when run ends with NO_REPLY (#8785)
Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.
* fix(telegram): deduplicate skill commands in multi-agent setup (#5717)
Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
Multiple agents sharing the same workspace would produce duplicate commands
with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
Commands from deleted skills now get cleaned up on restart.
* fix: add size limits to unbounded in-memory caches (#4948)
Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account
* fix: address review concerns (#11093)
- Chain deleteMyCommands → setMyCommands to prevent race condition (#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (#6023)
2026-02-07 05:00:55 -08:00
|
|
|
encoder.encode(`Content-Disposition: form-data; name="icon"; filename="${safeFilename}"\r\n`),
|
2026-01-20 00:34:59 -08:00
|
|
|
);
|
|
|
|
|
parts.push(
|
|
|
|
|
encoder.encode(`Content-Type: ${opts.contentType ?? "application/octet-stream"}\r\n\r\n`),
|
|
|
|
|
);
|
|
|
|
|
parts.push(buffer);
|
|
|
|
|
parts.push(encoder.encode("\r\n"));
|
|
|
|
|
|
|
|
|
|
// Close multipart body
|
|
|
|
|
parts.push(encoder.encode(`--${boundary}--\r\n`));
|
|
|
|
|
|
2026-02-15 19:24:03 +00:00
|
|
|
const res = await postMultipartFormData({
|
2026-01-20 00:34:59 -08:00
|
|
|
url,
|
2026-02-15 19:24:03 +00:00
|
|
|
boundary,
|
|
|
|
|
parts,
|
|
|
|
|
timeoutMs: opts.timeoutMs ?? 60_000, // longer timeout for file uploads
|
|
|
|
|
});
|
2026-01-20 00:34:59 -08:00
|
|
|
|
|
|
|
|
if (!res.ok) {
|
|
|
|
|
const errorText = await res.text().catch(() => "");
|
|
|
|
|
throw new Error(`BlueBubbles setGroupIcon failed (${res.status}): ${errorText || "unknown"}`);
|
|
|
|
|
}
|
|
|
|
|
}
|