From f565138ddc916cfa0c3d73064e0b0394f20593db Mon Sep 17 00:00:00 2001 From: Vincent Koc Date: Tue, 7 Jul 2026 13:16:57 -0700 Subject: [PATCH] refactor(deadcode): localize core helpers (#101869) --- src/agents/bash-tools.exec-host-shared.ts | 6 +++--- src/cli/hooks-cli.ts | 4 ++-- src/cli/update-cli/plugin-payload-validation.ts | 2 +- src/commands/doctor-plugin-registry.ts | 2 +- src/commands/onboard.ts | 2 +- src/commands/runtime-plugin-install.ts | 4 ++-- src/config/codex-plugin-diagnostics.ts | 2 +- src/config/nix-mode-write-guard.ts | 2 +- src/config/sessions/store-cache.ts | 4 ++-- src/config/sessions/transcript-jsonl.ts | 2 +- src/gateway/chat-display-projection.ts | 2 +- src/gateway/local-request-context.ts | 2 +- src/gateway/method-scopes.ts | 2 +- src/gateway/methods/core-descriptors.ts | 2 +- src/gateway/server-methods-list.ts | 2 +- src/gateway/server-methods/approval-shared.ts | 2 +- src/gateway/server-methods/channels.ts | 6 +++--- src/gateway/server-methods/chat.ts | 2 +- src/gateway/server-methods/talk-shared.ts | 2 +- src/gateway/server-methods/tools-catalog.ts | 2 +- src/gateway/server-methods/workspace-fs.ts | 2 +- src/gateway/server-startup-config.ts | 2 +- src/gateway/server/plugins-http/route-capability.ts | 2 +- src/gateway/server/plugins-http/route-match.ts | 2 +- src/gateway/session-child-sessions.ts | 2 +- src/gateway/session-utils.ts | 4 ++-- src/infra/command-carriers.ts | 2 +- src/infra/event-session-routing.ts | 2 +- src/infra/exec-control-command-guard.ts | 2 +- src/infra/host-env-security.ts | 5 +---- src/infra/kysely-sync.ts | 2 +- src/infra/net/proxy/proxy-tls.ts | 2 +- src/infra/outbound/message-action-tts.ts | 2 +- src/infra/outbound/target-errors.ts | 2 +- src/infra/promotions-feed.ts | 2 +- src/infra/stale-lock-file.ts | 2 +- src/infra/unhandled-rejections.ts | 2 +- src/infra/update-check.ts | 2 +- src/logging/diagnostic-stability-bundle.ts | 2 +- src/logging/diagnostic-support-export.ts | 2 +- src/media/input-files.ts | 2 +- src/plugins/activation-context.ts | 6 +++--- src/plugins/api-lifecycle.ts | 2 +- src/plugins/bundled-capability-runtime.ts | 2 +- src/plugins/bundled-load-path-aliases.ts | 2 +- src/plugins/bundled-manifest-contract-plugins.ts | 2 +- src/plugins/bundled-source-overlays.ts | 2 +- src/plugins/cli-registry-loader.ts | 8 ++++---- src/plugins/config-activation-shared.ts | 6 +++--- src/plugins/embedding-provider-runtime.ts | 4 ++-- src/plugins/install-paths.ts | 4 ++-- src/plugins/manifest-registry-installed.ts | 2 +- src/plugins/manifest.ts | 2 +- src/plugins/native-module-require.ts | 2 +- src/plugins/npm-project-roots.ts | 2 +- src/plugins/openai-compatible-embedding-provider.ts | 2 +- src/plugins/provider-catalog-result.ts | 2 +- src/plugins/provider-discovery.runtime.ts | 2 +- src/plugins/runtime/runtime-plugin-boundary.ts | 2 +- src/plugins/web-provider-public-artifacts.explicit.ts | 2 +- src/proxy-capture/coverage.ts | 4 ++-- src/secrets/auth-profiles-scan.ts | 2 +- src/secrets/channel-env-vars.ts | 2 +- src/secrets/legacy-secretref-env-marker.ts | 2 +- src/secrets/provider-env-vars.ts | 2 +- src/secrets/runtime-fast-path.ts | 2 +- src/secrets/runtime-state.ts | 2 +- src/security/audit.ts | 4 ++-- src/security/installed-plugin-dirs.ts | 2 +- src/sessions/input-provenance.ts | 4 +--- src/sessions/session-chat-type-shared.ts | 2 +- src/shared/device-pairing-access.ts | 4 ++-- src/skills/config/mutations.ts | 2 +- src/skills/loading/workspace.ts | 2 +- src/tasks/task-flow-registry.ts | 2 +- src/tasks/task-registry.audit.ts | 5 +---- src/tasks/task-registry.maintenance.ts | 2 +- src/trajectory/command-export.ts | 2 +- src/utils/delivery-context.shared.ts | 4 +--- 79 files changed, 99 insertions(+), 109 deletions(-) diff --git a/src/agents/bash-tools.exec-host-shared.ts b/src/agents/bash-tools.exec-host-shared.ts index aaeb8d54a5c..528fff61da5 100644 --- a/src/agents/bash-tools.exec-host-shared.ts +++ b/src/agents/bash-tools.exec-host-shared.ts @@ -147,7 +147,7 @@ export function createExecApprovalPendingState(params: { } /** Builds pending approval state plus rounded notice duration. */ -export function createExecApprovalRequestState(params: { +function createExecApprovalRequestState(params: { warnings: string[]; timeoutMs: number; approvalRunningNoticeMs: number; @@ -163,7 +163,7 @@ export function createExecApprovalRequestState(params: { } /** Creates a fresh approval id/slug/context key for a pending request. */ -export function createExecApprovalRequestContext(params: { +function createExecApprovalRequestContext(params: { warnings: string[]; timeoutMs: number; approvalRunningNoticeMs: number; @@ -188,7 +188,7 @@ export function createExecApprovalRequestContext(params: { } /** Creates a pending approval context using the default approval timeout. */ -export function createDefaultExecApprovalRequestContext(params: { +function createDefaultExecApprovalRequestContext(params: { warnings: string[]; approvalRunningNoticeMs: number; createApprovalSlug: (approvalId: string) => string; diff --git a/src/cli/hooks-cli.ts b/src/cli/hooks-cli.ts index 2a280664382..2dedb263200 100644 --- a/src/cli/hooks-cli.ts +++ b/src/cli/hooks-cli.ts @@ -440,7 +440,7 @@ export function formatHooksCheck(report: HookStatusReport, opts: HooksCheckOptio return lines.join("\n"); } -export async function enableHook(hookName: string): Promise { +async function enableHook(hookName: string): Promise { const snapshot = await readConfigFileSnapshot(); const config = (snapshot.sourceConfig ?? snapshot.config) as OpenClawConfig; const hook = resolveHookForToggle(buildHooksReport(config), hookName, { requireEligible: true }); @@ -460,7 +460,7 @@ export async function enableHook(hookName: string): Promise { ); } -export async function disableHook(hookName: string): Promise { +async function disableHook(hookName: string): Promise { const snapshot = await readConfigFileSnapshot(); const config = (snapshot.sourceConfig ?? snapshot.config) as OpenClawConfig; const hook = resolveHookForToggle(buildHooksReport(config), hookName); diff --git a/src/cli/update-cli/plugin-payload-validation.ts b/src/cli/update-cli/plugin-payload-validation.ts index c70b5c2b146..4337ca59edc 100644 --- a/src/cli/update-cli/plugin-payload-validation.ts +++ b/src/cli/update-cli/plugin-payload-validation.ts @@ -244,7 +244,7 @@ async function validatePackagePayload(params: { return failures; } -export function isBundleInstallRecord(record: PluginInstallRecord): boolean { +function isBundleInstallRecord(record: PluginInstallRecord): boolean { return ( (record as { format?: unknown }).format === "bundle" || record.clawhubFamily === "bundle-plugin" ); diff --git a/src/commands/doctor-plugin-registry.ts b/src/commands/doctor-plugin-registry.ts index 1ea78b226a2..604255556f1 100644 --- a/src/commands/doctor-plugin-registry.ts +++ b/src/commands/doctor-plugin-registry.ts @@ -321,7 +321,7 @@ export function maybeRepairStaleManagedNpmBundledPlugins( } /** Removes local install records that shadow current bundled plugin sources. */ -export async function maybeRepairStaleLocalBundledPluginInstallRecords( +async function maybeRepairStaleLocalBundledPluginInstallRecords( params: PluginRegistryDoctorRepairParams, ): Promise { const stale = await listStaleLocalBundledPluginInstallRecordShadows(params); diff --git a/src/commands/onboard.ts b/src/commands/onboard.ts index 93eaddba0c7..703cfc33966 100644 --- a/src/commands/onboard.ts +++ b/src/commands/onboard.ts @@ -41,7 +41,7 @@ const CONVERSATIONAL_SAFE_ONBOARD_KEYS = new Set([ "classic", ]); -export function wantsClassicInteractiveSetup(opts: OnboardOptions): boolean { +function wantsClassicInteractiveSetup(opts: OnboardOptions): boolean { if (opts.classic === true) { return true; } diff --git a/src/commands/runtime-plugin-install.ts b/src/commands/runtime-plugin-install.ts index ba58e83abea..e844ac134ce 100644 --- a/src/commands/runtime-plugin-install.ts +++ b/src/commands/runtime-plugin-install.ts @@ -69,7 +69,7 @@ function isInstalledRecordPresentOnDisk( } /** Ensures the runtime plugin required by the selected model is installed and enabled. */ -export async function ensureRuntimePluginForModelSelection(params: { +async function ensureRuntimePluginForModelSelection(params: { cfg: OpenClawConfig; model?: string; prompter: WizardPrompter; @@ -140,7 +140,7 @@ export async function ensureRuntimePluginForModelSelection(params: { } /** Repairs missing install records for runtime plugins required by model selection. */ -export async function repairRuntimePluginInstallForModelSelection(params: { +async function repairRuntimePluginInstallForModelSelection(params: { cfg: OpenClawConfig; model?: string; env?: NodeJS.ProcessEnv; diff --git a/src/config/codex-plugin-diagnostics.ts b/src/config/codex-plugin-diagnostics.ts index b0396635e15..294a22d15f1 100644 --- a/src/config/codex-plugin-diagnostics.ts +++ b/src/config/codex-plugin-diagnostics.ts @@ -185,7 +185,7 @@ function openAiDefaultRouteKeepsCodexUnavailable(cfg: OpenClawConfig): boolean { * Route-specific Codex selections still win; this only answers the missing-plugin * diagnostic question for OpenAI defaults and OpenAI-compatible proxy configs. */ -export function configExplicitlyKeepsCodexUnavailableForOpenAi(cfg: OpenClawConfig): boolean { +function configExplicitlyKeepsCodexUnavailableForOpenAi(cfg: OpenClawConfig): boolean { if (openAiHasCodexDefaultRuntimePolicy(cfg)) { return false; } diff --git a/src/config/nix-mode-write-guard.ts b/src/config/nix-mode-write-guard.ts index 5a23471850d..8ca308d8b22 100644 --- a/src/config/nix-mode-write-guard.ts +++ b/src/config/nix-mode-write-guard.ts @@ -17,7 +17,7 @@ export class NixModeConfigMutationError extends Error { } /** Build the operator-facing immutable-config message for Nix-managed installs. */ -export function formatNixModeConfigMutationMessage(params: { configPath?: string } = {}): string { +function formatNixModeConfigMutationMessage(params: { configPath?: string } = {}): string { return [ "Config is managed by Nix (`OPENCLAW_NIX_MODE=1`), so OpenClaw treats openclaw.json as immutable.", "This usually means nix-openclaw, the first-party Nix distribution, or another Nix-managed package set this mode.", diff --git a/src/config/sessions/store-cache.ts b/src/config/sessions/store-cache.ts index 4c685d03668..cfe8821fbec 100644 --- a/src/config/sessions/store-cache.ts +++ b/src/config/sessions/store-cache.ts @@ -119,7 +119,7 @@ export function internSessionEntryLargeStrings(entry: SessionEntry): void { snapshot.prompt = internLargeSessionStoreString(snapshot.prompt); } -export function internSessionStoreLargeStrings(store: Record): void { +function internSessionStoreLargeStrings(store: Record): void { for (const entry of Object.values(store)) { internSessionEntryLargeStrings(entry); } @@ -252,7 +252,7 @@ export function cloneSessionStoreSnapshotEntry(entry: SessionEntry): SessionStor return deepFreeze(cloneSessionStoreRecord({ entry }).entry); } -export function getSessionStoreTtl(): number { +function getSessionStoreTtl(): number { return resolveCacheTtlMs({ envValue: process.env.OPENCLAW_SESSION_CACHE_TTL_MS, defaultTtlMs: DEFAULT_SESSION_STORE_TTL_MS, diff --git a/src/config/sessions/transcript-jsonl.ts b/src/config/sessions/transcript-jsonl.ts index b2b2d722761..15b064f8108 100644 --- a/src/config/sessions/transcript-jsonl.ts +++ b/src/config/sessions/transcript-jsonl.ts @@ -28,7 +28,7 @@ export function serializeJsonlLine(entry: unknown): string { return serialized; } -export function serializeJsonlEntries(entries: readonly unknown[]): string { +function serializeJsonlEntries(entries: readonly unknown[]): string { return serializeJsonlLines(entries.map(serializeJsonlLine)); } diff --git a/src/gateway/chat-display-projection.ts b/src/gateway/chat-display-projection.ts index 2764b843635..fb66d45fe0d 100644 --- a/src/gateway/chat-display-projection.ts +++ b/src/gateway/chat-display-projection.ts @@ -63,7 +63,7 @@ function truncateChatHistoryText( } /** Return true for known tool-call/tool-result block type spellings in transcripts. */ -export function isToolHistoryBlockType(type: unknown): boolean { +function isToolHistoryBlockType(type: unknown): boolean { if (typeof type !== "string") { return false; } diff --git a/src/gateway/local-request-context.ts b/src/gateway/local-request-context.ts index 0af4892ac9f..fdbcbb12293 100644 --- a/src/gateway/local-request-context.ts +++ b/src/gateway/local-request-context.ts @@ -47,7 +47,7 @@ const unavailableCron: CronServiceContract = { }; /** Creates the minimal gateway context used by embedded local agent execution. */ -export function createLocalGatewayRequestContext( +function createLocalGatewayRequestContext( params: LocalGatewayRequestContextParams, ): GatewayRequestContext { const logGateway = createSubsystemLogger("gateway/local"); diff --git a/src/gateway/method-scopes.ts b/src/gateway/method-scopes.ts index eb564e2b73e..f2fc8ce61c5 100644 --- a/src/gateway/method-scopes.ts +++ b/src/gateway/method-scopes.ts @@ -69,7 +69,7 @@ export function isNodeRoleMethod(method: string): boolean { } /** Resolves the required static operator scope for a gateway method, if one exists. */ -export function resolveRequiredOperatorScopeForMethod(method: string): OperatorScope | undefined { +function resolveRequiredOperatorScopeForMethod(method: string): OperatorScope | undefined { return resolveScopedMethod(method); } diff --git a/src/gateway/methods/core-descriptors.ts b/src/gateway/methods/core-descriptors.ts index 2fe240f8cd1..1c3b204944a 100644 --- a/src/gateway/methods/core-descriptors.ts +++ b/src/gateway/methods/core-descriptors.ts @@ -293,7 +293,7 @@ export function listCoreGatewayMethodNames(): string[] { } /** Looks up the raw core method scope, including node and dynamic sentinel scopes. */ -export function resolveCoreGatewayMethodScope(method: string): GatewayMethodScope | undefined { +function resolveCoreGatewayMethodScope(method: string): GatewayMethodScope | undefined { return CORE_GATEWAY_METHOD_SPEC_BY_NAME.get(method)?.scope; } diff --git a/src/gateway/server-methods-list.ts b/src/gateway/server-methods-list.ts index b43cd085333..8256a9f69e1 100644 --- a/src/gateway/server-methods-list.ts +++ b/src/gateway/server-methods-list.ts @@ -11,7 +11,7 @@ type GatewayMethodChannelPlugin = { }; /** Lists core methods intentionally advertised to gateway clients. */ -export function listCoreGatewayMethods(): string[] { +function listCoreGatewayMethods(): string[] { return listCoreAdvertisedGatewayMethodNames(); } diff --git a/src/gateway/server-methods/approval-shared.ts b/src/gateway/server-methods/approval-shared.ts index a7ee565482e..fbe629d3395 100644 --- a/src/gateway/server-methods/approval-shared.ts +++ b/src/gateway/server-methods/approval-shared.ts @@ -86,7 +86,7 @@ function isPromiseLike(value: T | Promise): value is Promise { return typeof value === "object" && value !== null && "then" in value; } -export function isApprovalDecision(value: string): value is ExecApprovalDecision { +function isApprovalDecision(value: string): value is ExecApprovalDecision { return value === "allow-once" || value === "allow-always" || value === "deny"; } diff --git a/src/gateway/server-methods/channels.ts b/src/gateway/server-methods/channels.ts index 32ec0720576..471ecc58383 100644 --- a/src/gateway/server-methods/channels.ts +++ b/src/gateway/server-methods/channels.ts @@ -247,7 +247,7 @@ function resolveChannelGatewayAccountId(params: { } /** Log out one channel account through its owning channel plugin. */ -export async function logoutChannelAccount(params: { +async function logoutChannelAccount(params: { channelId: ChannelId; accountId?: string | null; cfg: OpenClawConfig; @@ -282,7 +282,7 @@ export async function logoutChannelAccount(params: { } /** Start one channel account through its owning channel plugin. */ -export async function startChannelAccount(params: { +async function startChannelAccount(params: { channelId: ChannelId; accountId?: string | null; cfg: OpenClawConfig; @@ -309,7 +309,7 @@ export async function startChannelAccount(params: { } /** Stop one channel account through its owning channel plugin. */ -export async function stopChannelAccount(params: { +async function stopChannelAccount(params: { channelId: ChannelId; accountId?: string | null; cfg: OpenClawConfig; diff --git a/src/gateway/server-methods/chat.ts b/src/gateway/server-methods/chat.ts index 2be3c3ebb3c..22d6c3eb47c 100644 --- a/src/gateway/server-methods/chat.ts +++ b/src/gateway/server-methods/chat.ts @@ -1595,7 +1595,7 @@ function buildChatSendUserTurnMedia(savedMedia: SavedMedia[]): NonNullable { +function buildOversizedHistoryPlaceholder(message?: unknown): Record { const role = message && typeof message === "object" && diff --git a/src/gateway/server-methods/talk-shared.ts b/src/gateway/server-methods/talk-shared.ts index 49880879088..e4c54ebd0c2 100644 --- a/src/gateway/server-methods/talk-shared.ts +++ b/src/gateway/server-methods/talk-shared.ts @@ -123,7 +123,7 @@ function getVoiceCallRealtimeConfig(config: OpenClawConfig): { return getVoiceCallProviderConfig(config, "realtime"); } -export function getVoiceCallStreamingConfig(config: OpenClawConfig): { +function getVoiceCallStreamingConfig(config: OpenClawConfig): { provider?: string; providers?: Record; } { diff --git a/src/gateway/server-methods/tools-catalog.ts b/src/gateway/server-methods/tools-catalog.ts index 67584f9e2cc..5c651afa7a1 100644 --- a/src/gateway/server-methods/tools-catalog.ts +++ b/src/gateway/server-methods/tools-catalog.ts @@ -194,7 +194,7 @@ function buildPluginGroups(params: { } /** Build the merged core/plugin tool catalog for one agent. */ -export function buildToolsCatalogResult(params: { +function buildToolsCatalogResult(params: { cfg: OpenClawConfig; agentId?: string; includePlugins?: boolean; diff --git a/src/gateway/server-methods/workspace-fs.ts b/src/gateway/server-methods/workspace-fs.ts index 1aab0cce838..0ca63d38c7e 100644 --- a/src/gateway/server-methods/workspace-fs.ts +++ b/src/gateway/server-methods/workspace-fs.ts @@ -11,7 +11,7 @@ export type WorkspaceDirEntry = WorkspacePathStat & { name: string }; /** Shared preview cap: keeps file payloads comfortably under client WS limits. */ export const WORKSPACE_PREVIEW_MAX_BYTES = 256 * 1024; -export async function openWorkspaceRoot(rootDir: string): Promise { +async function openWorkspaceRoot(rootDir: string): Promise { try { return await fsSafeRoot(rootDir, { hardlinks: "reject", diff --git a/src/gateway/server-startup-config.ts b/src/gateway/server-startup-config.ts index cd2be691734..45b218b1c7e 100644 --- a/src/gateway/server-startup-config.ts +++ b/src/gateway/server-startup-config.ts @@ -408,7 +408,7 @@ export function createRuntimeSecretsActivator(params: { } /** Throw a formatted startup error when the loaded config snapshot is invalid. */ -export function assertValidGatewayStartupConfigSnapshot( +function assertValidGatewayStartupConfigSnapshot( snapshot: ConfigFileSnapshot, options: { includeDoctorHint?: boolean } = {}, ): void { diff --git a/src/gateway/server/plugins-http/route-capability.ts b/src/gateway/server/plugins-http/route-capability.ts index db3152d7d2d..d796f19bfc7 100644 --- a/src/gateway/server/plugins-http/route-capability.ts +++ b/src/gateway/server/plugins-http/route-capability.ts @@ -34,7 +34,7 @@ function resolvePluginNodeCapabilityRouteSurface( } /** Lists all node-capability routes matching the already canonicalized path context. */ -export function findMatchingPluginNodeCapabilityRoutes( +function findMatchingPluginNodeCapabilityRoutes( registry: PluginRegistry, context: PluginRoutePathContext, ): PluginNodeCapabilityRoute[] { diff --git a/src/gateway/server/plugins-http/route-match.ts b/src/gateway/server/plugins-http/route-match.ts index cb81627cf64..26c2984061e 100644 --- a/src/gateway/server/plugins-http/route-match.ts +++ b/src/gateway/server/plugins-http/route-match.ts @@ -13,7 +13,7 @@ import { type PluginHttpRouteEntry = NonNullable[number]; /** Returns true when a registered route matches any canonical request candidate. */ -export function doesPluginRouteMatchPath( +function doesPluginRouteMatchPath( route: PluginHttpRouteEntry, context: PluginRoutePathContext, ): boolean { diff --git a/src/gateway/session-child-sessions.ts b/src/gateway/session-child-sessions.ts index 8f0fa9eccec..69083887a2f 100644 --- a/src/gateway/session-child-sessions.ts +++ b/src/gateway/session-child-sessions.ts @@ -14,7 +14,7 @@ export type DirectChildSessionEntry = { }; /** Returns true when a session store row is a direct child of the parent key. */ -export function isDirectChildSessionEntry(params: { +function isDirectChildSessionEntry(params: { sessionKey: string; entry: SessionEntry | undefined; parentKey: string; diff --git a/src/gateway/session-utils.ts b/src/gateway/session-utils.ts index d756bccd835..c32af959b2d 100644 --- a/src/gateway/session-utils.ts +++ b/src/gateway/session-utils.ts @@ -1045,7 +1045,7 @@ export function loadSessionEntry(sessionKey: string, opts?: { agentId?: string; }; } -export function resolveFreshestSessionStoreMatchFromStoreKeys( +function resolveFreshestSessionStoreMatchFromStoreKeys( store: Record, storeKeys: string[], ): { key: string; entry: SessionEntry } | undefined { @@ -1570,7 +1570,7 @@ export function resolveGatewaySessionStoreTarget(params: { export { loadCombinedSessionStoreForGateway } from "../config/sessions/combined-store-gateway.js"; -export function resolveGatewaySessionThinkingDefault(params: { +function resolveGatewaySessionThinkingDefault(params: { cfg: OpenClawConfig; provider: string; model: string; diff --git a/src/infra/command-carriers.ts b/src/infra/command-carriers.ts index b091a4e82b8..8d78008f3b1 100644 --- a/src/infra/command-carriers.ts +++ b/src/infra/command-carriers.ts @@ -295,7 +295,7 @@ export function unwrapEnvInvocation(argv: string[]): string[] | null { } /** Resolve the command argv behind an `env` carrier, honoring bounded `env -S` recursion. */ -export function resolveEnvCarriedArgv(argv: string[], depth = 0): string[] | null { +function resolveEnvCarriedArgv(argv: string[], depth = 0): string[] | null { const parsed = parseEnvInvocationPrelude(argv, depth); return parsed ? (parsed.splitArgv ?? argv.slice(parsed.commandIndex)) : null; } diff --git a/src/infra/event-session-routing.ts b/src/infra/event-session-routing.ts index f4951e75f04..9c814f76c8b 100644 --- a/src/infra/event-session-routing.ts +++ b/src/infra/event-session-routing.ts @@ -93,7 +93,7 @@ export function parseDirectAgentSessionTarget( } /** Resolve the configured DM allowlist that applies to an event session. */ -export function resolveEventSessionAllowFrom(params: { +function resolveEventSessionAllowFrom(params: { cfg?: OpenClawConfig; sessionKey?: string | null; channel?: string | null; diff --git a/src/infra/exec-control-command-guard.ts b/src/infra/exec-control-command-guard.ts index 0d0bcda4d88..b5c8471b52e 100644 --- a/src/infra/exec-control-command-guard.ts +++ b/src/infra/exec-control-command-guard.ts @@ -11,7 +11,7 @@ type ParsedExecApprovalCommand = { export type UnsafeExecControlShellCommandKind = "approve" | "channel-login"; -export function parseExecApprovalShellCommand(raw: string): ParsedExecApprovalCommand | null { +function parseExecApprovalShellCommand(raw: string): ParsedExecApprovalCommand | null { const normalized = raw.trimStart(); const match = normalized.match( /^\/approve(?:@[^\s]+)?\s+([A-Za-z0-9][A-Za-z0-9._:-]*)\s+(allow-once|allow-always|always|deny)\b/i, diff --git a/src/infra/host-env-security.ts b/src/infra/host-env-security.ts index e17759b49ec..92835d2e03b 100644 --- a/src/infra/host-env-security.ts +++ b/src/infra/host-env-security.ts @@ -178,10 +178,7 @@ function sanitizeInheritedGitAllowProtocolValue(value: string): string { return safeProtocols.join(":"); } -export function sanitizeHostInheritedEnvEntry( - rawKey: string, - value: string, -): [string, string] | null { +function sanitizeHostInheritedEnvEntry(rawKey: string, value: string): [string, string] | null { const key = normalizeEnvVarKey(rawKey); if (!key) { return null; diff --git a/src/infra/kysely-sync.ts b/src/infra/kysely-sync.ts index a39a447d12c..18775db5bd7 100644 --- a/src/infra/kysely-sync.ts +++ b/src/infra/kysely-sync.ts @@ -32,7 +32,7 @@ export function getNodeSqliteKysely(db: DatabaseSync): Kysely( +function executeCompiledSqliteQuerySync( db: DatabaseSync, compiledQuery: CompiledQuery, ): QueryResult { diff --git a/src/infra/net/proxy/proxy-tls.ts b/src/infra/net/proxy/proxy-tls.ts index c3244e35df1..f45e3fad3c7 100644 --- a/src/infra/net/proxy/proxy-tls.ts +++ b/src/infra/net/proxy/proxy-tls.ts @@ -30,7 +30,7 @@ function isHttpsProxyUrl(value: string | undefined): boolean { } /** Resolves the configured managed proxy CA file, with env/CLI override first. */ -export function resolveManagedProxyCaFile(params: { +function resolveManagedProxyCaFile(params: { config?: ProxyConfig; caFileOverride?: string; }): string | undefined { diff --git a/src/infra/outbound/message-action-tts.ts b/src/infra/outbound/message-action-tts.ts index 5a87b101b34..0f0b66f0c2c 100644 --- a/src/infra/outbound/message-action-tts.ts +++ b/src/infra/outbound/message-action-tts.ts @@ -14,7 +14,7 @@ const loadMessageActionTtsRuntime = createLazyRuntimeModule( ); /** Reads the session-level TTS auto mode for a message-action send. */ -export function resolveMessageActionSessionTtsAuto(params: { +function resolveMessageActionSessionTtsAuto(params: { cfg: OpenClawConfig; sessionKey?: string; agentId?: string; diff --git a/src/infra/outbound/target-errors.ts b/src/infra/outbound/target-errors.ts index bbb312cda38..667787341bc 100644 --- a/src/infra/outbound/target-errors.ts +++ b/src/infra/outbound/target-errors.ts @@ -40,7 +40,7 @@ export function unknownTargetError(provider: string, raw: string, hint?: string) return new Error(unknownTargetMessage(provider, raw, hint)); } -export function reservedTargetLiteralMessage(provider: string, raw: string, hint?: string): string { +function reservedTargetLiteralMessage(provider: string, raw: string, hint?: string): string { return `Reserved target "${raw}" for ${provider} cannot be used as a literal destination. Provide an explicit id or handle.${formatTargetHint(hint, true)}`; } diff --git a/src/infra/promotions-feed.ts b/src/infra/promotions-feed.ts index 1390df7e47b..08162cd8226 100644 --- a/src/infra/promotions-feed.ts +++ b/src/infra/promotions-feed.ts @@ -194,7 +194,7 @@ export function markPromotionSlugsNotified(slugs: Iterable): void { } } -export function isPromotionWindowLive( +function isPromotionWindowLive( entry: Pick, nowMs: number, ): boolean { diff --git a/src/infra/stale-lock-file.ts b/src/infra/stale-lock-file.ts index 269561ff54d..c3981080235 100644 --- a/src/infra/stale-lock-file.ts +++ b/src/infra/stale-lock-file.ts @@ -10,7 +10,7 @@ export type LockFileOwnerPayload = { starttime?: number; }; -export function readLockFileOwnerPayload( +function readLockFileOwnerPayload( payload: Record | null, ): LockFileOwnerPayload | null { if (!payload) { diff --git a/src/infra/unhandled-rejections.ts b/src/infra/unhandled-rejections.ts index 3bf654c6f0f..90701dceeac 100644 --- a/src/infra/unhandled-rejections.ts +++ b/src/infra/unhandled-rejections.ts @@ -473,7 +473,7 @@ export function registerUnhandledRejectionHandler(handler: UnhandledRejectionHan }; } -export function isUnhandledRejectionHandled(reason: unknown): boolean { +function isUnhandledRejectionHandled(reason: unknown): boolean { for (const handler of handlers) { try { if (handler(reason)) { diff --git a/src/infra/update-check.ts b/src/infra/update-check.ts index 7d073fc3a1a..5030e37b39a 100644 --- a/src/infra/update-check.ts +++ b/src/infra/update-check.ts @@ -302,7 +302,7 @@ async function detectGitRoot(root: string): Promise { return top ? path.resolve(top) : null; } -export async function checkGitUpdateStatus(params: { +async function checkGitUpdateStatus(params: { root: string; timeoutMs?: number; fetch?: boolean; diff --git a/src/logging/diagnostic-stability-bundle.ts b/src/logging/diagnostic-stability-bundle.ts index 094f80aa12b..dbb2af6e951 100644 --- a/src/logging/diagnostic-stability-bundle.ts +++ b/src/logging/diagnostic-stability-bundle.ts @@ -225,7 +225,7 @@ function readSafeErrorMetadata(error: unknown): DiagnosticStabilityBundle["error }; } -export function resolveDiagnosticStabilityBundleDir( +function resolveDiagnosticStabilityBundleDir( options: DiagnosticStabilityBundleLocationOptions = {}, ): string { return path.join( diff --git a/src/logging/diagnostic-support-export.ts b/src/logging/diagnostic-support-export.ts index 96c2b6be0e5..086e82c1304 100644 --- a/src/logging/diagnostic-support-export.ts +++ b/src/logging/diagnostic-support-export.ts @@ -670,7 +670,7 @@ function resolveOutputPath(options: { return resolved; } -export async function buildDiagnosticSupportExport( +async function buildDiagnosticSupportExport( options: DiagnosticSupportExportOptions = {}, ): Promise { const env = options.env ?? process.env; diff --git a/src/media/input-files.ts b/src/media/input-files.ts index 2f76009b183..8e63ef7526c 100644 --- a/src/media/input-files.ts +++ b/src/media/input-files.ts @@ -161,7 +161,7 @@ export function normalizeMimeType(value: string | undefined): string | undefined } /** Parses a Content-Type header into normalized MIME and optional charset values. */ -export function parseContentType(value: string | undefined): { +function parseContentType(value: string | undefined): { mimeType?: string; charset?: string; } { diff --git a/src/plugins/activation-context.ts b/src/plugins/activation-context.ts index 181cce32d16..0f8b9cf1ef5 100644 --- a/src/plugins/activation-context.ts +++ b/src/plugins/activation-context.ts @@ -114,7 +114,7 @@ export function withActivatedPluginIds(params: { }; } -export function applyPluginCompatibilityOverrides(params: { +function applyPluginCompatibilityOverrides(params: { config?: OpenClawConfig; compat?: PluginActivationCompatConfig; env: NodeJS.ProcessEnv; @@ -183,7 +183,7 @@ function applyPluginAutoEnableForActivation(params: { }); } -export function resolvePluginActivationSnapshot(params: { +function resolvePluginActivationSnapshot(params: { rawConfig?: OpenClawConfig; resolvedConfig?: OpenClawConfig; autoEnabledReasons?: Record; @@ -220,7 +220,7 @@ export function resolvePluginActivationSnapshot(params: { }; } -export function resolvePluginActivationInputs(params: { +function resolvePluginActivationInputs(params: { rawConfig?: OpenClawConfig; resolvedConfig?: OpenClawConfig; autoEnabledReasons?: Record; diff --git a/src/plugins/api-lifecycle.ts b/src/plugins/api-lifecycle.ts index 759b0dee45c..b56f0de9361 100644 --- a/src/plugins/api-lifecycle.ts +++ b/src/plugins/api-lifecycle.ts @@ -25,7 +25,7 @@ const PLUGIN_API_METHOD_POLICIES: Partial { +function parseLinuxMountInfoMountPoints(mountInfo: string): Set { const mountPoints = new Set(); for (const line of mountInfo.split(/\r?\n/u)) { const trimmed = line.trim(); diff --git a/src/plugins/cli-registry-loader.ts b/src/plugins/cli-registry-loader.ts index 0563b595fd6..d719b08244e 100644 --- a/src/plugins/cli-registry-loader.ts +++ b/src/plugins/cli-registry-loader.ts @@ -131,7 +131,7 @@ async function resolvePrimaryCommandPluginIds( } /** Builds the runtime load context used for CLI-only plugin registry loading. */ -export function resolvePluginCliLoadContext(params: { +function resolvePluginCliLoadContext(params: { cfg?: OpenClawConfig; env?: NodeJS.ProcessEnv; logger: PluginLogger; @@ -143,7 +143,7 @@ export function resolvePluginCliLoadContext(params: { }); } -export async function loadPluginCliMetadataRegistryWithContext( +async function loadPluginCliMetadataRegistryWithContext( context: PluginCliLoadContext, params?: { primaryCommand?: string }, loaderOptions?: PluginCliLoaderOptions, @@ -156,7 +156,7 @@ export async function loadPluginCliMetadataRegistryWithContext( }; } -export async function loadPluginCliCommandRegistryWithContext(params: { +async function loadPluginCliCommandRegistryWithContext(params: { context: PluginCliLoadContext; primaryCommand?: string; loaderOptions?: PluginCliLoaderOptions; @@ -242,7 +242,7 @@ export async function loadPluginCliDescriptors( } } -export async function loadPluginCliRegistrationEntries(params: { +async function loadPluginCliRegistrationEntries(params: { cfg?: OpenClawConfig; env?: NodeJS.ProcessEnv; loaderOptions?: PluginCliLoaderOptions; diff --git a/src/plugins/config-activation-shared.ts b/src/plugins/config-activation-shared.ts index 3af6776a00c..bfd59322ba2 100644 --- a/src/plugins/config-activation-shared.ts +++ b/src/plugins/config-activation-shared.ts @@ -72,7 +72,7 @@ const PLUGIN_ACTIVATION_REASON_BY_CAUSE: Record = "bundled-disabled-by-default": "bundled (disabled by default)", }; -export function resolvePluginActivationReason( +function resolvePluginActivationReason( cause?: PluginActivationCause, reason?: string, ): string | undefined { @@ -298,11 +298,11 @@ export function resolvePluginActivationDecisionShared(params: { }; } -export function toEnableStateResult(state: EnableStateLike): { enabled: boolean; reason?: string } { +function toEnableStateResult(state: EnableStateLike): { enabled: boolean; reason?: string } { return state.enabled ? { enabled: true } : { enabled: false, reason: state.reason }; } -export function resolveEnableStateResult( +function resolveEnableStateResult( params: TParams, resolveState: (params: TParams) => EnableStateLike, ): { enabled: boolean; reason?: string } { diff --git a/src/plugins/embedding-provider-runtime.ts b/src/plugins/embedding-provider-runtime.ts index 2af97834796..b0019857056 100644 --- a/src/plugins/embedding-provider-runtime.ts +++ b/src/plugins/embedding-provider-runtime.ts @@ -15,7 +15,7 @@ import { export { listRegisteredEmbeddingProviders }; /** Lists embedding provider adapters registered directly with the process registry. */ -export function listRegisteredEmbeddingProviderAdapters(): EmbeddingProviderAdapter[] { +function listRegisteredEmbeddingProviderAdapters(): EmbeddingProviderAdapter[] { return listRegisteredEmbeddingProviders().map((entry) => entry.adapter); } @@ -28,7 +28,7 @@ export function listEmbeddingProviders(cfg?: OpenClawConfig): EmbeddingProviderA }); } -export function resolveConfiguredEmbeddingProviderId( +function resolveConfiguredEmbeddingProviderId( providerId: string, cfg?: OpenClawConfig, ): string | undefined { diff --git a/src/plugins/install-paths.ts b/src/plugins/install-paths.ts index fc6951d6598..6ecf2eee803 100644 --- a/src/plugins/install-paths.ts +++ b/src/plugins/install-paths.ts @@ -96,7 +96,7 @@ export function resolveDefaultPluginNpmDir( } /** Encodes an npm package name into a managed npm project directory name. */ -export function encodePluginNpmProjectDirName(packageName: string): string { +function encodePluginNpmProjectDirName(packageName: string): string { const trimmed = packageName.trim(); if (!trimmed) { throw new Error("invalid npm package name: missing"); @@ -130,7 +130,7 @@ export function resolvePluginNpmGenerationProjectDirPrefix(packageName: string): } /** Encodes a package generation fingerprint into a compact project directory suffix. */ -export function encodePluginNpmGenerationKeyDirName(generationKey: string): string { +function encodePluginNpmGenerationKeyDirName(generationKey: string): string { const digest = createHash("sha256").update(generationKey).digest("hex"); return `g-${digest.slice(0, PLUGIN_NPM_GENERATION_KEY_HASH_CHARS)}`; } diff --git a/src/plugins/manifest-registry-installed.ts b/src/plugins/manifest-registry-installed.ts index e64123f6933..34afe7a08c4 100644 --- a/src/plugins/manifest-registry-installed.ts +++ b/src/plugins/manifest-registry-installed.ts @@ -45,7 +45,7 @@ type InstalledPackageMetadata = { packageOptionalDependencies?: PluginDependencySpecMap; }; -export function clearInstalledManifestRegistryProcessCaches(): void { +function clearInstalledManifestRegistryProcessCaches(): void { installedPackageJsonPathCache.clear(); installedPackageMetadataCache.clear(); installedManifestRegistryRealpathCache.clear(); diff --git a/src/plugins/manifest.ts b/src/plugins/manifest.ts index 02d58b84576..ca4a4e139fd 100644 --- a/src/plugins/manifest.ts +++ b/src/plugins/manifest.ts @@ -1627,7 +1627,7 @@ export function normalizeManifestChannelCommandDefaults( : undefined; } -export function resolvePluginManifestPath(rootDir: string): string { +function resolvePluginManifestPath(rootDir: string): string { for (const filename of PLUGIN_MANIFEST_FILENAMES) { const candidate = path.join(rootDir, filename); if (fs.existsSync(candidate)) { diff --git a/src/plugins/native-module-require.ts b/src/plugins/native-module-require.ts index 925fffc74f2..0d3097249a3 100644 --- a/src/plugins/native-module-require.ts +++ b/src/plugins/native-module-require.ts @@ -151,7 +151,7 @@ function requireWithOptionalAliases( } /** Runs a native require block with temporary CJS/ESM alias hooks and restores both afterward. */ -export function withNativeRequireAliases( +function withNativeRequireAliases( aliasMap: Record | undefined, run: () => T, ): T { diff --git a/src/plugins/npm-project-roots.ts b/src/plugins/npm-project-roots.ts index 60aea85934a..bc679c7a50f 100644 --- a/src/plugins/npm-project-roots.ts +++ b/src/plugins/npm-project-roots.ts @@ -31,7 +31,7 @@ export function listManagedPluginNpmProjectRootsSync(npmRoot: string): string[] } /** Async variant of project-level managed npm root discovery. */ -export async function listManagedPluginNpmProjectRoots(npmRoot: string): Promise { +async function listManagedPluginNpmProjectRoots(npmRoot: string): Promise { const projectsDir = resolvePluginNpmProjectsDir(npmRoot); try { return sortPaths( diff --git a/src/plugins/openai-compatible-embedding-provider.ts b/src/plugins/openai-compatible-embedding-provider.ts index 1d2de4bb605..a17e4e8cfda 100644 --- a/src/plugins/openai-compatible-embedding-provider.ts +++ b/src/plugins/openai-compatible-embedding-provider.ts @@ -392,7 +392,7 @@ async function postEmbeddingRequest(params: { } /** Creates a normalized OpenAI-compatible embedding client from runtime config. */ -export async function createOpenAICompatibleEmbeddingClient( +async function createOpenAICompatibleEmbeddingClient( options: EmbeddingProviderCreateOptions, ): Promise { const configuredProvider = resolveConfiguredProvider(options); diff --git a/src/plugins/provider-catalog-result.ts b/src/plugins/provider-catalog-result.ts index 988a482b9ce..2e284f7abf2 100644 --- a/src/plugins/provider-catalog-result.ts +++ b/src/plugins/provider-catalog-result.ts @@ -115,7 +115,7 @@ function copyProviderCatalogModel(model: unknown): ModelDefinitionConfig | undef } /** Copies the supported provider config fields from a provider catalog result. */ -export function copyProviderCatalogProviderConfig( +function copyProviderCatalogProviderConfig( providerConfig: unknown, ): ModelProviderConfig | undefined { if (!isRecord(providerConfig)) { diff --git a/src/plugins/provider-discovery.runtime.ts b/src/plugins/provider-discovery.runtime.ts index 602dd88504a..7a31db754a9 100644 --- a/src/plugins/provider-discovery.runtime.ts +++ b/src/plugins/provider-discovery.runtime.ts @@ -52,7 +52,7 @@ function resolveProviderDiscoveryDependencyRoot(rootDir: string): string { return rootDir; } -export function clearProviderDiscoveryModuleLoaders(): void { +function clearProviderDiscoveryModuleLoaders(): void { providerDiscoveryModuleLoaders.clear(); for (const [modulePath, rootDir] of providerDiscoveryModuleRoots) { clearNativeRequireJavaScriptModuleCache(modulePath, { dependencyRoot: rootDir }); diff --git a/src/plugins/runtime/runtime-plugin-boundary.ts b/src/plugins/runtime/runtime-plugin-boundary.ts index 72e967e2a6e..eee78779d31 100644 --- a/src/plugins/runtime/runtime-plugin-boundary.ts +++ b/src/plugins/runtime/runtime-plugin-boundary.ts @@ -19,7 +19,7 @@ type PluginRuntimeRecord = { source: string; }; -export function readPluginBoundaryConfigSafely() { +function readPluginBoundaryConfigSafely() { try { return getRuntimeConfig(); } catch { diff --git a/src/plugins/web-provider-public-artifacts.explicit.ts b/src/plugins/web-provider-public-artifacts.explicit.ts index b84cd8ba475..6fd09757644 100644 --- a/src/plugins/web-provider-public-artifacts.explicit.ts +++ b/src/plugins/web-provider-public-artifacts.explicit.ts @@ -153,7 +153,7 @@ export function loadBundledWebFetchProviderEntriesFromDir(params: { }); } -export function loadBundledRuntimeWebFetchProviderEntriesFromDir(params: { +function loadBundledRuntimeWebFetchProviderEntriesFromDir(params: { dirName: string; pluginId: string; }): PluginWebFetchProviderEntry[] | null { diff --git a/src/proxy-capture/coverage.ts b/src/proxy-capture/coverage.ts index b058f2ccd0e..e008d085de7 100644 --- a/src/proxy-capture/coverage.ts +++ b/src/proxy-capture/coverage.ts @@ -125,7 +125,7 @@ const DEBUG_PROXY_COVERAGE_ENTRIES: readonly DebugProxyCoverageEntry[] = [ let warnedCoverageSessionKey: string | null = null; -export function listDebugProxyCoverageEntries(): DebugProxyCoverageEntry[] { +function listDebugProxyCoverageEntries(): DebugProxyCoverageEntry[] { // Return copies because callers may render/sort/filter entries for CLI output. return DEBUG_PROXY_COVERAGE_ENTRIES.map((entry) => ({ ...entry, @@ -133,7 +133,7 @@ export function listDebugProxyCoverageEntries(): DebugProxyCoverageEntry[] { })); } -export function summarizeDebugProxyCoverage( +function summarizeDebugProxyCoverage( entries: readonly DebugProxyCoverageEntry[] = DEBUG_PROXY_COVERAGE_ENTRIES, ): DebugProxyCoverageSummary { let captured = 0; diff --git a/src/secrets/auth-profiles-scan.ts b/src/secrets/auth-profiles-scan.ts index 00dceb2e900..703c40de338 100644 --- a/src/secrets/auth-profiles-scan.ts +++ b/src/secrets/auth-profiles-scan.ts @@ -82,7 +82,7 @@ const AUTH_PROFILE_FIELD_SPEC_BY_TYPE = (() => { })(); /** Returns the value/ref field names for one auth-profile credential type. */ -export function getAuthProfileFieldSpec(type: AuthProfileCredentialType): AuthProfileFieldSpec { +function getAuthProfileFieldSpec(type: AuthProfileCredentialType): AuthProfileFieldSpec { return AUTH_PROFILE_FIELD_SPEC_BY_TYPE[type]; } diff --git a/src/secrets/channel-env-vars.ts b/src/secrets/channel-env-vars.ts index 0dafb39339e..5a6d95afc08 100644 --- a/src/secrets/channel-env-vars.ts +++ b/src/secrets/channel-env-vars.ts @@ -18,7 +18,7 @@ type ChannelEnvVarLookupParams = { * Resolves plugin-declared channel environment variable names keyed by channel id. * The result is deterministic so env-shell docs and prompt snapshots stay stable. */ -export function resolveChannelEnvVars( +function resolveChannelEnvVars( params?: ChannelEnvVarLookupParams, ): Record { const snapshot = loadPluginMetadataSnapshot({ diff --git a/src/secrets/legacy-secretref-env-marker.ts b/src/secrets/legacy-secretref-env-marker.ts index 0a792a2f087..8da723de267 100644 --- a/src/secrets/legacy-secretref-env-marker.ts +++ b/src/secrets/legacy-secretref-env-marker.ts @@ -41,7 +41,7 @@ function toCandidate( /** * Finds legacy env marker strings on registered secret targets without mutating config. */ -export function collectLegacySecretRefEnvMarkerCandidates( +function collectLegacySecretRefEnvMarkerCandidates( config: OpenClawConfig, ): LegacySecretRefEnvMarkerCandidate[] { const defaults = config.secrets?.defaults; diff --git a/src/secrets/provider-env-vars.ts b/src/secrets/provider-env-vars.ts index 94afb468849..44492e94f7e 100644 --- a/src/secrets/provider-env-vars.ts +++ b/src/secrets/provider-env-vars.ts @@ -345,7 +345,7 @@ export function resolveProviderAuthLookupMaps( } /** Resolves env vars used by setup, default SecretRefs, and broad secret scrubbing. */ -export function resolveProviderEnvVars( +function resolveProviderEnvVars( params?: ProviderEnvVarLookupParams, ): Record { return { diff --git a/src/secrets/runtime-fast-path.ts b/src/secrets/runtime-fast-path.ts index 972daa4c526..6366ae21339 100644 --- a/src/secrets/runtime-fast-path.ts +++ b/src/secrets/runtime-fast-path.ts @@ -110,7 +110,7 @@ function hasCandidateAuthProfileStoreSource(agentDir: string): boolean { /** * Returns whether auth profile files or OAuth state exist for candidate agent dirs. */ -export function hasCandidateAuthProfileStoreSources(params: { +function hasCandidateAuthProfileStoreSources(params: { config: OpenClawConfig; env: NodeJS.ProcessEnv | Record; agentDirs?: string[]; diff --git a/src/secrets/runtime-state.ts b/src/secrets/runtime-state.ts index b5edc808a45..2f45d7fe5e9 100644 --- a/src/secrets/runtime-state.ts +++ b/src/secrets/runtime-state.ts @@ -51,7 +51,7 @@ const preparedSnapshotRefreshContext = new WeakMap< /** * Clones refresh context while preserving callback identity and isolating mutable maps/config. */ -export function cloneSecretsRuntimeRefreshContext( +function cloneSecretsRuntimeRefreshContext( context: SecretsRuntimeRefreshContext, ): SecretsRuntimeRefreshContext { const cloned: SecretsRuntimeRefreshContext = { diff --git a/src/security/audit.ts b/src/security/audit.ts index b2dfdd899d9..da1ace2e0a5 100644 --- a/src/security/audit.ts +++ b/src/security/audit.ts @@ -306,7 +306,7 @@ function buildSecurityAuditSuppressionsActiveFinding(params: { }; } -export function applySecurityAuditSuppressions( +function applySecurityAuditSuppressions( findings: SecurityAuditFinding[], suppressions: SecurityAuditSuppression[] | undefined, ): { findings: SecurityAuditFinding[]; suppressedFindings: SecurityAuditSuppressedFinding[] } { @@ -1153,7 +1153,7 @@ function collectAgentSkillMcpBoundaryScopes(cfg: OpenClawConfig): AgentSkillMcpB }); } -export async function collectAgentSkillMcpBoundaryFindings(params: { +async function collectAgentSkillMcpBoundaryFindings(params: { cfg: OpenClawConfig; stateDir: string; }): Promise { diff --git a/src/security/installed-plugin-dirs.ts b/src/security/installed-plugin-dirs.ts index b17f9b75dd9..e6105f733d6 100644 --- a/src/security/installed-plugin-dirs.ts +++ b/src/security/installed-plugin-dirs.ts @@ -9,7 +9,7 @@ const IGNORED_INSTALLED_PLUGIN_DIR_NAMES = new Set(["node_modules", ".openclaw-i * Decide whether an installed-plugin directory should be skipped by security audits. * This filters generated install debris while keeping real plugin roots visible to scans. */ -export function shouldIgnoreInstalledPluginDirName(name: string): boolean { +function shouldIgnoreInstalledPluginDirName(name: string): boolean { const normalized = normalizeOptionalLowercaseString(name); if (!normalized) { return true; diff --git a/src/sessions/input-provenance.ts b/src/sessions/input-provenance.ts index 42066cac24a..ca0663aee80 100644 --- a/src/sessions/input-provenance.ts +++ b/src/sessions/input-provenance.ts @@ -114,9 +114,7 @@ export function hasInterSessionUserProvenance( // Prefix text is model-facing safety context for inter-session handoffs. It // states source metadata and explicitly prevents treating the payload as direct // end-user instruction. -export function buildInterSessionPromptPrefix( - inputProvenance: InputProvenance | undefined, -): string { +function buildInterSessionPromptPrefix(inputProvenance: InputProvenance | undefined): string { const provenance = inputProvenance?.kind === "inter_session" ? inputProvenance : undefined; const details = [ provenance?.sourceSessionKey ? `sourceSession=${provenance.sourceSessionKey}` : undefined, diff --git a/src/sessions/session-chat-type-shared.ts b/src/sessions/session-chat-type-shared.ts index 22f7acdffcb..b4612b478c5 100644 --- a/src/sessions/session-chat-type-shared.ts +++ b/src/sessions/session-chat-type-shared.ts @@ -93,7 +93,7 @@ function deriveBuiltInLegacySessionChatType( return undefined; } -export function deriveSessionChatTypeFromScopedKey( +function deriveSessionChatTypeFromScopedKey( scopedSessionKey: string, deriveLegacySessionChatTypes: Array< (scopedSessionKey: string) => SessionKeyChatType | undefined diff --git a/src/shared/device-pairing-access.ts b/src/shared/device-pairing-access.ts index e0db38b1638..f0156ed1e00 100644 --- a/src/shared/device-pairing-access.ts +++ b/src/shared/device-pairing-access.ts @@ -66,7 +66,7 @@ function includesAll(allowed: readonly string[], requested: readonly string[]): } /** Normalizes requested roles/scopes from pending pairing records, including legacy singular role. */ -export function summarizePendingDeviceAccess(request: PendingLike): DevicePairingAccessSummary { +function summarizePendingDeviceAccess(request: PendingLike): DevicePairingAccessSummary { return { roles: normalizeRoleList(request.roles, request.role), scopes: normalizeDeviceAuthScopes(request.scopes), @@ -74,7 +74,7 @@ export function summarizePendingDeviceAccess(request: PendingLike): DevicePairin } /** Summarizes currently approved device access, excluding roles whose tokens are revoked. */ -export function summarizeApprovedDeviceAccess(device: PairedLike): DevicePairingAccessSummary { +function summarizeApprovedDeviceAccess(device: PairedLike): DevicePairingAccessSummary { const approvedRoles = normalizeRoleList(device.roles, device.role); const tokenList = Array.isArray(device.tokens) ? device.tokens diff --git a/src/skills/config/mutations.ts b/src/skills/config/mutations.ts index f2ad1ccb552..89b22e3d39d 100644 --- a/src/skills/config/mutations.ts +++ b/src/skills/config/mutations.ts @@ -4,7 +4,7 @@ import { REDACTED_SENTINEL } from "../../config/redact-snapshot.js"; import type { OpenClawConfig } from "../../config/types.openclaw.js"; import { normalizeSecretInput } from "../../utils/normalize-secret-input.js"; -export function patchSkillConfigEntry( +function patchSkillConfigEntry( cfg: OpenClawConfig, skillKey: string, patch: { enabled?: boolean; apiKey?: string; env?: Record }, diff --git a/src/skills/loading/workspace.ts b/src/skills/loading/workspace.ts index 4491ce081f5..26d7de744c6 100644 --- a/src/skills/loading/workspace.ts +++ b/src/skills/loading/workspace.ts @@ -530,7 +530,7 @@ function resolveContainedSkillPath(params: { return null; } -export function resolveNestedSkillsRoot( +function resolveNestedSkillsRoot( dir: string, opts?: { maxEntriesToScan?: number; diff --git a/src/tasks/task-flow-registry.ts b/src/tasks/task-flow-registry.ts index 3be98d4c41f..7333df1e272 100644 --- a/src/tasks/task-flow-registry.ts +++ b/src/tasks/task-flow-registry.ts @@ -202,7 +202,7 @@ function resolveFlowBlockedSummary( ); } -export function deriveTaskFlowStatusFromTask( +function deriveTaskFlowStatusFromTask( task: Pick, ): TaskFlowStatus { if (task.status === "queued") { diff --git a/src/tasks/task-registry.audit.ts b/src/tasks/task-registry.audit.ts index 3bcdb242410..a59d468bfba 100644 --- a/src/tasks/task-registry.audit.ts +++ b/src/tasks/task-registry.audit.ts @@ -187,10 +187,7 @@ export function listTaskAuditFindings(options: TaskAuditOptions = {}): TaskAudit return findings.toSorted(compareFindings); } -export function isRetainedLostTaskAuditFinding( - finding: TaskAuditFinding, - now = Date.now(), -): boolean { +function isRetainedLostTaskAuditFinding(finding: TaskAuditFinding, now = Date.now()): boolean { const cleanupAfter = resolveEffectiveTaskCleanupAfter(finding.task); return ( finding.code === "lost" && diff --git a/src/tasks/task-registry.maintenance.ts b/src/tasks/task-registry.maintenance.ts index 1c77edd31af..b91594bed8c 100644 --- a/src/tasks/task-registry.maintenance.ts +++ b/src/tasks/task-registry.maintenance.ts @@ -883,7 +883,7 @@ function reconcileTaskRecordForOperatorInspectionWithContexts( return projectTaskLost(task, now, backingSessionContext); } -export function reconcileTaskRecordForOperatorInspection( +function reconcileTaskRecordForOperatorInspection( task: TaskRecord, context: CronRecoveryContext = createCronRecoveryContext(), ): TaskRecord { diff --git a/src/trajectory/command-export.ts b/src/trajectory/command-export.ts index 54d46cc1d1d..9014f04c5c4 100644 --- a/src/trajectory/command-export.ts +++ b/src/trajectory/command-export.ts @@ -69,7 +69,7 @@ async function resolveTrajectoryExportBaseDir(workspaceDir: string): Promise<{ return { baseDir: path.resolve(baseDir), realBase }; } -export async function resolveTrajectoryCommandOutputDir(params: { +async function resolveTrajectoryCommandOutputDir(params: { outputPath?: string; workspaceDir: string; sessionId: string; diff --git a/src/utils/delivery-context.shared.ts b/src/utils/delivery-context.shared.ts index 7bdc528c1e4..7d74faded00 100644 --- a/src/utils/delivery-context.shared.ts +++ b/src/utils/delivery-context.shared.ts @@ -84,9 +84,7 @@ export function deliveryContextFromChannelRoute( } /** Converts delivery context fields into the SDK channel route reference shape. */ -export function channelRouteFromDeliveryContext( - context?: DeliveryContext, -): ChannelRouteRef | undefined { +function channelRouteFromDeliveryContext(context?: DeliveryContext): ChannelRouteRef | undefined { return normalizeChannelRouteTarget(normalizeDeliveryContext(context)); }