From 61ae553cb2d8683fcfba87102a4e347f6a464706 Mon Sep 17 00:00:00 2001
From: OwenYWT <ywt000818@gmail.com>
Date: Wed, 15 Apr 2026 10:02:04 +0800
Subject: [PATCH] fix(whatsapp): avoid duplicate creds save warnings

---
 extensions/whatsapp/src/session.test.ts |  3 ++-
 extensions/whatsapp/src/session.ts      | 14 +-------------
 2 files changed, 3 insertions(+), 14 deletions(-)

diff --git a/extensions/whatsapp/src/session.test.ts b/extensions/whatsapp/src/session.test.ts
index 9171765c4dd..cdf9ff66c19 100644
--- a/extensions/whatsapp/src/session.test.ts
+++ b/extensions/whatsapp/src/session.test.ts
@@ -382,16 +382,17 @@ describe("web session", () => {
     const writeFileSpy = vi.spyOn(fsSync.promises, "writeFile").mockResolvedValue(undefined);
     const renameSpy = vi.spyOn(fsSync.promises, "rename").mockResolvedValue(undefined);
     const rmSpy = vi.spyOn(fsSync.promises, "rm").mockResolvedValue(undefined);
+    const chmodSpy = vi.spyOn(fsSync, "chmodSync").mockImplementation(() => {});
 
     await writeCredsJsonAtomically(
       "/tmp/openclaw-oauth/whatsapp/default",
       { me: { id: "123@s.whatsapp.net" } },
-      { warn: vi.fn() } as never,
     );
 
     expect(writeFileSpy).toHaveBeenCalledTimes(1);
     expect(renameSpy).toHaveBeenCalledTimes(1);
     expect(rmSpy).not.toHaveBeenCalled();
+    expect(chmodSpy).not.toHaveBeenCalled();
     const writePath = String(writeFileSpy.mock.calls[0]?.[0] ?? "");
     const renameArgs = renameSpy.mock.calls[0] ?? [];
     expect(writePath).toContain(".creds.");
diff --git a/extensions/whatsapp/src/session.ts b/extensions/whatsapp/src/session.ts
index 5f507dadec2..fd8ea3101b5 100644
--- a/extensions/whatsapp/src/session.ts
+++ b/extensions/whatsapp/src/session.ts
@@ -47,25 +47,18 @@ async function loadQrTerminal() {
 export async function writeCredsJsonAtomically(
   authDir: string,
   creds: unknown,
-  logger: ReturnType<typeof getChildLogger>,
 ): Promise<void> {
   const credsPath = resolveWebCredsPath(authDir);
   const tempPath = path.join(authDir, `.creds.${process.pid}.${Date.now()}.tmp`);
   try {
     await fs.writeFile(tempPath, JSON.stringify(creds, BufferJSON.replacer), { mode: 0o600 });
     await fs.rename(tempPath, credsPath);
-    try {
-      fsSync.chmodSync(credsPath, 0o600);
-    } catch {
-      // best-effort on platforms that support it
-    }
   } catch (err) {
     try {
       await fs.rm(tempPath, { force: true });
     } catch {
       // best-effort cleanup
     }
-    logger.warn({ error: String(err) }, "failed atomic WhatsApp creds write");
     throw err;
   }
 }
@@ -121,11 +114,6 @@ async function safeSaveCreds(
   }
   try {
     await Promise.resolve(saveCreds());
-    try {
-      fsSync.chmodSync(resolveWebCredsPath(authDir), 0o600);
-    } catch {
-      // best-effort on platforms that support it
-    }
   } catch (err) {
     logger.warn({ error: String(err) }, "failed saving WhatsApp creds");
   }
@@ -153,7 +141,7 @@ export async function createWaSocket(
   maybeRestoreCredsFromBackup(authDir);
   const { state } = await useMultiFileAuthState(authDir);
   const saveCreds = async () => {
-    await writeCredsJsonAtomically(authDir, state.creds, sessionLogger);
+    await writeCredsJsonAtomically(authDir, state.creds);
   };
   const { version } = await fetchLatestBaileysVersion();
   const agent = await resolveEnvProxyAgent(sessionLogger);