mirror of
https://github.com/openclaw/openclaw.git
synced 2026-07-17 05:51:40 +00:00
* fix(core): make indexed access explicit in auto-reply, infra, and config Part 1/3 of the src NUIA phase-3b burn-down (#104600): iteration and destructuring over index reads, boundary guards on parsed input, and named invariants. Config path walkers bind the path head once; SQLite migration key handling is hoisted without query-shape changes. * fix(core): make indexed access explicit in cli, gateway, commands, security, shared Part 2/3: argv/token selection restructured, gateway event/attachment invariants named, security parsers stay fail-closed (invariant violations throw), edit-distance matrices access checked entries. * fix(core): make indexed access explicit across remaining src surfaces Part 3/3: channels, plugins, process, cron, plugin-sdk, media, logging, tui, hooks, daemon, and small directories. Latent bug fixed: a tailnet resolver could leak undefined through a string|null contract and now fails with a descriptive local error. * fix(core): keep optional boundaries optional after per-commit review Review findings: expectDefined misused where absence is a legitimate state. CLI --profile/route-args missing next tokens take their existing miss paths; help normalization compares --help against the last positional again; first-time plugin install spreads absent cfg.plugins; denylist scan iterates manifest dependency entries instead of throwing on omitted sections; tailnet resolver returns a guaranteed string at the source instead of a caller-side undefined throw. * refactor(core): closed-key provider labels and honest optional passthroughs PROVIDER_LABELS becomes a satisfies-typed closed record (static reads provably defined; dynamic lookups go through providerUsageLabel with honest string|undefined). Status-scan overview passes its optional params through unchanged instead of asserting them. * fix(channels): make getChatChannelMeta honestly optional The original signature claimed ChatChannelMeta while leaking undefined on bundled channel id metadata drift; three of four callers already handled absence. The return type now says so, and the one assuming caller falls back to the raw channel label. * fix(core): index-safety for post-rebase main drift Covers the sqlite-sessions flip and auth-source-plan code that landed mid-phase, plus the channel-validation test consuming the now honestly optional getChatChannelMeta. * refactor(channels): split chat-meta accessors along the SDK contract getChatChannelMeta keeps its shipped plugin-SDK signature (defined for bundled ids, fail-loud on impossible misses); new findChatChannelMeta carries the drift-tolerant optional contract for core auto-enable and formatting paths. * fix(qa-channel): own channel metadata instead of a guaranteed-undefined catalog lookup qa-channel spread getChatChannelMeta over an id that is never in the bundled catalog, shipping an empty setup meta by accident; the fail-loud SDK accessor exposed it. The channel now declares its metadata once. * fix(gateway): heartbeat projection lookahead is optional at the transcript tail expectDefined wrapped messages[i + 1] whose absence on the final message is the normal case; the adjacent ternary already handled it. Restores the plain optional read with an explicit guard in the pair condition. * fix(plugin-sdk): channel plugin factory tolerates non-bundled channel ids again createChannelPluginBase spreads bundled catalog meta for ANY channel id, where absence is the normal case for external plugins; the resolver is honestly optional again while the exported bundled-id accessor keeps the fail-loud contract. * fix(core): spreads of optional config sections stay optional Fresh-setup and first-install paths (crestodian setup inference, hook installs, agent config base, target agent models) legitimately lack the section being rebuilt; spreading undefined is the shipped {} semantics. Removes the remaining gratuitous assertion wraps found by tree audit.
70 lines
2.6 KiB
TypeScript
70 lines
2.6 KiB
TypeScript
import { expectDefined } from "@openclaw/normalization-core";
|
|
// Resolves CLI command path policy from the declarative command catalog.
|
|
import { isGatewayConfigBypassCommandPath } from "../gateway/explicit-connection-policy.js";
|
|
import { getCommandPathWithRootOptions } from "./argv.js";
|
|
import {
|
|
cliCommandCatalog,
|
|
type CliCommandPathPolicy,
|
|
type CliNetworkProxyPolicy,
|
|
} from "./command-catalog.js";
|
|
import { matchesCommandPath } from "./command-path-matches.js";
|
|
import { resolveGatewayCatalogCommandPath } from "./gateway-run-argv.js";
|
|
|
|
const DEFAULT_CLI_COMMAND_PATH_POLICY: CliCommandPathPolicy = {
|
|
bypassConfigGuard: false,
|
|
routeConfigGuard: "never",
|
|
loadPlugins: "never",
|
|
pluginRegistry: { scope: "all" },
|
|
ownsProtocolStdout: false,
|
|
hideBanner: false,
|
|
ensureCliPath: true,
|
|
networkProxy: "default",
|
|
};
|
|
|
|
export function resolveCliCommandPathPolicy(commandPath: string[]): CliCommandPathPolicy {
|
|
// Later catalog entries can refine broader root policies with exact subcommand overrides.
|
|
const resolvedPolicy: CliCommandPathPolicy = { ...DEFAULT_CLI_COMMAND_PATH_POLICY };
|
|
for (const entry of cliCommandCatalog) {
|
|
if (!entry.policy) {
|
|
continue;
|
|
}
|
|
if (!matchesCommandPath(commandPath, entry.commandPath, { exact: entry.exact })) {
|
|
continue;
|
|
}
|
|
Object.assign(resolvedPolicy, entry.policy);
|
|
}
|
|
if (isGatewayConfigBypassCommandPath(commandPath)) {
|
|
resolvedPolicy.bypassConfigGuard = true;
|
|
}
|
|
return resolvedPolicy;
|
|
}
|
|
|
|
function isCommandPathPrefix(commandPath: string[], pattern: readonly string[]): boolean {
|
|
return pattern.every((segment, index) => commandPath[index] === segment);
|
|
}
|
|
|
|
export function resolveCliCatalogCommandPath(argv: string[]): string[] {
|
|
// Gateway `run openclaw ...` argv needs catalog routing against the embedded command path.
|
|
const tokens =
|
|
resolveGatewayCatalogCommandPath(argv) ?? getCommandPathWithRootOptions(argv, argv.length);
|
|
if (tokens.length === 0) {
|
|
return [];
|
|
}
|
|
let bestMatch: readonly string[] | null = null;
|
|
for (const entry of cliCommandCatalog) {
|
|
if (!isCommandPathPrefix(tokens, entry.commandPath)) {
|
|
continue;
|
|
}
|
|
if (!bestMatch || entry.commandPath.length > bestMatch.length) {
|
|
bestMatch = entry.commandPath;
|
|
}
|
|
}
|
|
return bestMatch ? [...bestMatch] : [expectDefined(tokens[0], "tokens entry at 0")];
|
|
}
|
|
|
|
export function resolveCliNetworkProxyPolicy(argv: string[]): CliNetworkProxyPolicy {
|
|
const commandPath = resolveCliCatalogCommandPath(argv);
|
|
const networkProxy = resolveCliCommandPathPolicy(commandPath).networkProxy;
|
|
return typeof networkProxy === "function" ? networkProxy({ argv, commandPath }) : networkProxy;
|
|
}
|