diff --git a/CHANGELOG.md b/CHANGELOG.md index 2ace486db..2383eb8cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ ### Security - Hardened the relay IPC socket: now lives under `~/.warelay/ipc`, enforces 0700 dir / 0600 socket perms, rejects symlink or foreign-owned paths, and includes unit tests to lock in the behavior. - `warelay logout` now also prunes the shared session store (`~/.warelay/sessions.json`) alongside WhatsApp Web credentials, reducing leftover state after unlinking. +- Logging now rolls daily to `/tmp/warelay/warelay-YYYY-MM-DD.log` (or custom dir) and prunes files older than 24h to reduce data retention. ## 1.3.0 — 2025-12-02 diff --git a/README.md b/README.md index 70cd06569..6524c35ea 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,16 @@ warelay supports running on the same phone number you message from—you chat wi } ``` +#### Abort trigger words +- If an inbound body is exactly `stop`, `esc`, `abort`, `wait`, or `exit`, the command/agent run is skipped and the user immediately gets `Agent was aborted.`. +- The session is tagged so the *next* prompt sent to the agent is prefixed with a short reminder that the previous run was aborted; the hint clears after that turn. + +#### Agent choices +- `inbound.reply.agent.kind` can be `claude`, `opencode`, `pi`, `codex`, or `gemini`. +- Gemini CLI supports `--output-format text|json|stream-json`; warelay auto-adds it when you set `agent.format`. +- Session defaults: Claude uses `--session-id/--resume`, Codex/Opencode/Pi use `--session`, and Gemini defaults to `--resume` for session resumes (new sessions need no flag). Override via `sessionArgNew/sessionArgResume` if you prefer custom flags. +- Reliability note: only Claude reliably returns a `session_id` that warelay can persist and reuse. Other harnesses currently don’t emit a stable session identifier, so multi-turn continuity may reset between runs for those agents (Pi does not auto-compact, but still doesn’t expose a session id). + #### Heartbeat pings (command mode) - When `heartbeatMinutes` is set (default 10 for `mode: "command"`), the relay periodically runs your command/Claude session with a heartbeat prompt. - Heartbeat body is `HEARTBEAT ultrathink` (so the model can recognize the probe); if Claude replies exactly `HEARTBEAT_OK`, the message is suppressed; otherwise the reply (or media) is forwarded. Suppressions are still logged so you know the heartbeat ran. @@ -145,7 +155,7 @@ warelay supports running on the same phone number you message from—you chat wi - When multiple active sessions exist, `warelay heartbeat` requires `--to ` or `--all`; if `allowFrom` is just `"*"`, you must choose a target with one of those flags. ### Logging (optional) -- File logs are written to `/tmp/warelay/warelay.log` by default. Levels: `silent | fatal | error | warn | info | debug | trace` (CLI `--verbose` forces `debug`). Web-provider inbound/outbound entries include message bodies and auto-reply text for easier auditing. +- File logs are written to `/tmp/warelay/warelay-YYYY-MM-DD.log` by default (rotated daily; files older than 24h are pruned). Levels: `silent | fatal | error | warn | info | debug | trace` (CLI `--verbose` forces `debug`). Web-provider inbound/outbound entries include message bodies and auto-reply text for easier auditing. - Override in `~/.warelay/warelay.json`: ```json5 @@ -208,7 +218,7 @@ Templating tokens: `{{Body}}`, `{{BodyStripped}}`, `{{From}}`, `{{To}}`, `{{Mess ## FAQ & Safety - Twilio errors: **63016 “permission to send an SMS has not been enabled”** → ensure your number is WhatsApp-enabled; **63007 template not approved** → send a free-form session message within 24h or use an approved template; **63112 policy violation** → adjust content, shorten to <1600 chars, avoid links that trigger spam filters. Re-run `pnpm warelay status` to see the exact Twilio response body. -- Does this store my messages? warelay only writes `~/.warelay/warelay.json` (config), `~/.warelay/credentials/` (WhatsApp Web auth), and `~/.warelay/sessions.json` (session IDs + timestamps). It does **not** persist message bodies beyond the session store. Logs stream to stdout/stderr and also `/tmp/warelay/warelay.log` (configurable via `logging.file`). +- Does this store my messages? warelay only writes `~/.warelay/warelay.json` (config), `~/.warelay/credentials/` (WhatsApp Web auth), and `~/.warelay/sessions.json` (session IDs + timestamps). It does **not** persist message bodies beyond the session store. Logs stream to stdout/stderr and also `/tmp/warelay/warelay-YYYY-MM-DD.log` (configurable via `logging.file`). - Personal WhatsApp safety: Automation on personal accounts can be rate-limited or logged out by WhatsApp. Use `--provider web` sparingly, keep messages human-like, and re-run `login` if the session is dropped. - Limits to remember: WhatsApp text limit ~1600 chars; avoid rapid bursts—space sends by a few seconds; keep webhook replies under a couple seconds for good UX; command auto-replies time out after 600s by default. - Deploy / keep running: Use `tmux` or `screen` for ad-hoc (`tmux new -s warelay -- pnpm warelay relay --provider twilio`). For long-running hosts, wrap `pnpm warelay relay ...` or `pnpm warelay webhook --ingress tailscale ...` in a systemd service or macOS LaunchAgent; ensure environment variables are loaded in that context. diff --git a/src/logger.test.ts b/src/logger.test.ts index 1e7d6aa63..709fcca35 100644 --- a/src/logger.test.ts +++ b/src/logger.test.ts @@ -7,7 +7,11 @@ import { afterEach, describe, expect, it, vi } from "vitest"; import { setVerbose } from "./globals.js"; import { logDebug, logError, logInfo, logSuccess, logWarn } from "./logger.js"; -import { resetLogger, setLoggerOverride } from "./logging.js"; +import { + DEFAULT_LOG_DIR, + resetLogger, + setLoggerOverride, +} from "./logging.js"; import type { RuntimeEnv } from "./runtime.js"; describe("logger helpers", () => { @@ -67,6 +71,28 @@ describe("logger helpers", () => { expect(content).toContain("warn-only"); cleanup(logPath); }); + + it("uses daily rolling default log file and prunes old ones", () => { + resetLogger(); + setLoggerOverride({}); // force defaults regardless of user config + const today = new Date().toISOString().slice(0, 10); + const todayPath = path.join(DEFAULT_LOG_DIR, `warelay-${today}.log`); + + // create an old file to be pruned + const oldPath = path.join(DEFAULT_LOG_DIR, "warelay-2000-01-01.log"); + fs.mkdirSync(DEFAULT_LOG_DIR, { recursive: true }); + fs.writeFileSync(oldPath, "old"); + fs.utimesSync(oldPath, new Date(0), new Date(0)); + cleanup(todayPath); + + logInfo("roll-me"); + + expect(fs.existsSync(todayPath)).toBe(true); + expect(fs.readFileSync(todayPath, "utf-8")).toContain("roll-me"); + expect(fs.existsSync(oldPath)).toBe(false); + + cleanup(todayPath); + }); }); function pathForTest() { diff --git a/src/logging.ts b/src/logging.ts index 3e0a6d21b..cabe9b277 100644 --- a/src/logging.ts +++ b/src/logging.ts @@ -6,8 +6,12 @@ import pino, { type Bindings, type LevelWithSilent, type Logger } from "pino"; import { loadConfig, type WarelayConfig } from "./config/config.js"; import { isVerbose } from "./globals.js"; -const DEFAULT_LOG_DIR = path.join(os.tmpdir(), "warelay"); -export const DEFAULT_LOG_FILE = path.join(DEFAULT_LOG_DIR, "warelay.log"); +export const DEFAULT_LOG_DIR = path.join(os.tmpdir(), "warelay"); +export const DEFAULT_LOG_FILE = path.join(DEFAULT_LOG_DIR, "warelay.log"); // legacy single-file path + +const LOG_PREFIX = "warelay"; +const LOG_SUFFIX = ".log"; +const MAX_LOG_AGE_MS = 24 * 60 * 60 * 1000; // 24h const ALLOWED_LEVELS: readonly LevelWithSilent[] = [ "silent", @@ -46,7 +50,7 @@ function resolveSettings(): ResolvedSettings { const cfg: WarelayConfig["logging"] | undefined = overrideSettings ?? loadConfig().logging; const level = normalizeLevel(cfg?.level); - const file = cfg?.file ?? DEFAULT_LOG_FILE; + const file = cfg?.file ?? defaultRollingPathForToday(); return { level, file }; } @@ -57,6 +61,10 @@ function settingsChanged(a: ResolvedSettings | null, b: ResolvedSettings) { function buildLogger(settings: ResolvedSettings): Logger { fs.mkdirSync(path.dirname(settings.file), { recursive: true }); + // Clean up stale rolling logs when using a dated log filename. + if (isRollingPath(settings.file)) { + pruneOldRollingLogs(path.dirname(settings.file)); + } const destination = pino.destination({ dest: settings.file, mkdir: true, @@ -104,3 +112,39 @@ export function resetLogger() { cachedSettings = null; overrideSettings = null; } + +function defaultRollingPathForToday(): string { + const today = new Date().toISOString().slice(0, 10); // YYYY-MM-DD + return path.join(DEFAULT_LOG_DIR, `${LOG_PREFIX}-${today}${LOG_SUFFIX}`); +} + +function isRollingPath(file: string): boolean { + const base = path.basename(file); + return ( + base.startsWith(`${LOG_PREFIX}-`) && + base.endsWith(LOG_SUFFIX) && + base.length === `${LOG_PREFIX}-YYYY-MM-DD${LOG_SUFFIX}`.length + ); +} + +function pruneOldRollingLogs(dir: string): void { + try { + const entries = fs.readdirSync(dir, { withFileTypes: true }); + const cutoff = Date.now() - MAX_LOG_AGE_MS; + for (const entry of entries) { + if (!entry.isFile()) continue; + if (!entry.name.startsWith(`${LOG_PREFIX}-`) || !entry.name.endsWith(LOG_SUFFIX)) continue; + const fullPath = path.join(dir, entry.name); + try { + const stat = fs.statSync(fullPath); + if (stat.mtimeMs < cutoff) { + fs.rmSync(fullPath, { force: true }); + } + } catch { + // ignore errors during pruning + } + } + } catch { + // ignore missing dir or read errors + } +}