admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1007d71f0cece18ca74d2a2bc7ab3b88c734f75e
Moltbot/src/discord/monitor/presence-cache.ts
Tyler Yust 1007d71f0c fix: comprehensive BlueBubbles and channel cleanup (#11093) 
* feat(bluebubbles): auto-strip markdown from outbound messages (#7402)

* fix(security): add timeout to webhook body reading (#6762)

Adds 30-second timeout to readBody() in voice-call, bluebubbles, and nostr
webhook handlers. Prevents Slow-Loris DoS (CWE-400, CVSS 7.5).
Merged with existing maxBytes protection in voice-call.

* fix(security): unify Error objects and lint fixes in webhook timeouts (#6762)

* fix: prevent plugins from auto-enabling without user consent (#3961)

Changes default plugin enabled state from true to false in enablePluginEntry().
Preserves existing enabled:true values. Fixes #3932.

* fix: apply hierarchical mediaMaxMb config to all channels (#8749)

Generalizes resolveAttachmentMaxBytes() to use account → channel → global
config resolution for all channels, not just BlueBubbles. Fixes #7847.

* fix(bluebubbles): sanitize attachment filenames against header injection (#10333)

Strip ", \r, \n, and \\ from filenames after path.basename() to prevent
multipart Content-Disposition header injection (CWE-93, CVSS 5.4).
Also adds sanitization to setGroupIconBlueBubbles which had zero filename
sanitization.

* fix(lint): exclude extensions/ from Oxlint preflight check (#9313)

Extensions use PluginRuntime|null patterns that trigger
no-redundant-type-constituents because PluginRuntime resolves to any.
Excluding extensions/ from Oxlint unblocks user upgrades.
Re-applies the approach from closed PR #10087.

* fix(bluebubbles): add tempGuid to createNewChatWithMessage payload (#7745)

Non-Private-API mode (AppleScript) requires tempGuid in send payloads.
The main sendMessageBlueBubbles already had it, but createNewChatWithMessage
was missing it, causing 400 errors for new chat creation without Private API.

* fix: send stop-typing signal when run ends with NO_REPLY (#8785)

Adds onCleanup callback to the typing controller that fires when the
controller is cleaned up while typing was active (e.g., after NO_REPLY).
Channels using createTypingCallbacks automatically get stop-typing on
cleanup. This prevents the typing indicator from lingering in group chats
when the agent decides not to reply.

* fix(telegram): deduplicate skill commands in multi-agent setup (#5717)

Two fixes:
1. Skip duplicate workspace dirs when listing skill commands across agents.
   Multiple agents sharing the same workspace would produce duplicate commands
   with _2, _3 suffixes.
2. Clear stale commands via deleteMyCommands before registering new ones.
   Commands from deleted skills now get cleaned up on restart.

* fix: add size limits to unbounded in-memory caches (#4948)

Adds max-size caps with oldest-entry eviction to prevent OOM in
long-running deployments:
- BlueBubbles serverInfoCache: 64 entries (already has TTL)
- Google Chat authCache: 32 entries
- Matrix directRoomCache: 1024 entries
- Discord presenceCache: 5000 entries per account

* fix: address review concerns (#11093)

- Chain deleteMyCommands → setMyCommands to prevent race condition (#5717)
- Rename enablePluginEntry to registerPluginEntry (now sets enabled: false)
- Add Slow-Loris timeout test for readJsonBody (#6023)
2026-02-07 05:00:55 -08:00

62 lines
1.8 KiB
TypeScript
Raw Blame History

import type { GatewayPresenceUpdate } from "discord-api-types/v10";
/**
* In-memory cache of Discord user presence data.
* Populated by PRESENCE_UPDATE gateway events when the GuildPresences intent is enabled.
* Per-account maps are capped to prevent unbounded growth (#4948).
*/
const MAX_PRESENCE_PER_ACCOUNT = 5000;
const presenceCache = new Map<string, Map<string, GatewayPresenceUpdate>>();
function resolveAccountKey(accountId?: string): string {
return accountId ?? "default";
}
/** Update cached presence for a user. */
export function setPresence(
accountId: string | undefined,
userId: string,
data: GatewayPresenceUpdate,
): void {
const accountKey = resolveAccountKey(accountId);
let accountCache = presenceCache.get(accountKey);
if (!accountCache) {
accountCache = new Map();
presenceCache.set(accountKey, accountCache);
}
accountCache.set(userId, data);
// Evict oldest entries if cache exceeds limit
if (accountCache.size > MAX_PRESENCE_PER_ACCOUNT) {
const oldest = accountCache.keys().next().value;
if (oldest !== undefined) {
accountCache.delete(oldest);
}
}
}
/** Get cached presence for a user. Returns undefined if not cached. */
export function getPresence(
accountId: string | undefined,
userId: string,
): GatewayPresenceUpdate | undefined {
return presenceCache.get(resolveAccountKey(accountId))?.get(userId);
}
/** Clear cached presence data. */
export function clearPresences(accountId?: string): void {
if (accountId) {
presenceCache.delete(resolveAccountKey(accountId));
return;
}
presenceCache.clear();
}
/** Get the number of cached presence entries. */
export function presenceCacheSize(): number {
let total = 0;
for (const accountCache of presenceCache.values()) {
total += accountCache.size;
}
return total;
}
Reference in New Issue View Git Blame Copy Permalink