Pairing-code delivery was hardwired to Discord DM (notifyBotToken +
adminUserId required). Make the provider config-selectable.
- core/config.ts: add notifyProvider ("discord"|"fabric", default
"discord" for back-compat); discord fields required only for discord;
add fabric block (centerApiBase/apiKey/guildNodeId/channelId) required
only for fabric
- notifications/types.ts: neutral PairingNotificationService interface
(DiscordNotificationService kept as back-compat alias)
- notifications/fabric.ts: post the pairing message to a Fabric channel
(agent/login -> guild token -> POST messages); self-contained, no
Fabric plugin dependency
- notifications/factory.ts: select provider from config
- core/runtime.ts: wire via factory
- openclaw.plugin.json: notifyProvider enum + fabric object; drop
notifyBotToken/adminUserId from required (conditional in code)
- tests: fabric notifier + provider-selection config (80 passing)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Lifecycle:
- Move runtime.start() and shutdown handlers out of register() into
api.on("gateway_start", ...) and api.on("gateway_stop", ...). register()
runs in every CLI subprocess that loads plugins (e.g. `openclaw completion`,
`openclaw doctor`); without this gate the runtime would open a network
connection / bind a listener every time those one-shot commands ran.
- Drop process.once("SIGTERM"/"SIGINT") in favour of the gateway_stop hook,
which is the documented way for plugins to react to shutdown.
- Stop relying on the non-standard `api.rootDir` field (not present on the
current OpenClawPluginApi); compute the per-plugin data directory as
~/.openclaw/yonexus-server and ensure it exists before use.
Plugin SDK convention update:
- Wrap default export with definePluginEntry({ id, name, description, register })
per the current openclaw plugin authoring contract.
- Re-type the register function to accept OpenClawPluginApi instead of the
hand-crafted { rootDir, pluginConfig, ... } shape.
- Use focused subpath imports openclaw/plugin-sdk/plugin-entry and
openclaw/plugin-sdk/core.
- Add openclaw as a devDependency (file:/usr/lib/node_modules/openclaw) so
tsc resolves the SDK type subpaths at build time.
- Modernize openclaw.plugin.json: drop version/entry/permissions, add
activation.onStartup so gateway_start fires for this plugin at boot.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Module-level _serverStarted / ruleRegistry / onClientAuthenticatedCallbacks
reset on hot-reload (new VM context). After hot-reload the second runtime
attempt would hit EADDRINUSE (silently swallowed) while __yonexusServer
was overwritten to point at a transport that never started, making every
sendRule() return false.
- Replace let _serverStarted with _G["_yonexusServerStarted"]
- Store ruleRegistry and onClientAuthenticatedCallbacks under globalThis
keys, initialising only when absent
- Store transport under _G["_yonexusServerTransport"]; sendRule closure
reads it from globalThis instead of a module-local capture
- Re-write __yonexusServer every register() call (updated closures),
but skip runtime.start() when the globalThis flag is already set
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add ruleRegistry and onClientAuthenticated options to YonexusServerRuntime
- Dispatch rewritten rule messages (rule::sender::content) to rule registry
- Guard onClientAuthenticated behind promoteToAuthenticated return value
- Fix transport message handler: use tempConn directly when ws is in temp state,
preventing stale _connections entry from causing promoteToAuthenticated to fail
- Close competing temp connections with same identifier on promotion
- Expose __yonexusServer on globalThis for cross-plugin communication
- Remove auto-failure on admin notification miss; pairing stays pending
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Refactor transport to track temp connections separately from authenticated
- Add assignIdentifierToTemp() for hello phase (pre-auth)
- Add promoteToAuthenticated() that closes old connection only after new one auths
- Add removeTempConnection() for cleanup on auth failure
- Update runtime to use new API: assignIdentifierToTemp() on hello, promoteToAuthenticated() on auth_success
This prevents an attacker from kicking an authenticated connection with just a hello message.
