mirror of
https://github.com/larksuite/cli.git
synced 2026-07-07 17:20:00 +08:00
feat/sidecar-remote-https
7 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
bbef3cbfb1 |
feat(mail): HTML lint library + Larksuite-native autofix + lark-mail … (#1019)
* feat(mail): HTML lint library + Larksuite-native autofix + lark-mail skill 为 lark-cli mail 域写信链路引入 HTML lint 能力,提升邮件 HTML 的兼容性、 安全性与 Larksuite-native 格式适配。 lint 库(shortcuts/mail/lint/): - 四档分类:pass / native-autofix / warn-autofix / error-strip - 安全规则覆盖 script / iframe / on* 事件处理器 / javascript: 及其它 危险 URL scheme 等 XSS 向量,未知 scheme 一律删除并归 error - Larksuite-native 格式自动修复:双层 div 段落、原生多级列表结构、 灰边引用、Larksuite 蓝链接 - cleaned_html 输出确定性稳定(位置索引派生 data-ol-id),便于 golden-file 测试与缓存 +lint-html 独立预检 shortcut: - 只读、不调 API、不建草稿,供 AI / 用户 / CI 在写信前预览 lint 结果 写入路径内置 lint(6 个 compose shortcut): - +send / +draft-create / +draft-edit / +reply / +reply-all / +forward 在 emlbuilder 之前强制 lint 净化 HTML - 默认 envelope 对 lint 改动透明(无 lint 字段),保持小巧供 AI 消费; --show-lint-details 显式取证返回 lint_applied[] / original_blocked[] - --body-file 支持从文件读取 body(32MB 上限),与 --body 互斥 预制 HTML 邮件模板(skills/lark-mail/assets/templates/): - 资讯周报 / 个人周报 / 团队周报 / 调研报告 / 求职简历 5 套 - 按 Larksuite mail-editor 原生格式编写,含正确的多级列表嵌套结构 lark-mail skill 文档: - references/lark-mail-html.md:邮件 HTML 写法指南(24 个格式 section + 颜色调色盘 + URL scheme + 官方模板套用流程) - references/lark-mail-lint-html.md:+lint-html 用法 - SKILL.md 顶部 CRITICAL 引导 * fix(mail): remove unused readAttr func and apply gofmt Drop the unused `readAttr` helper in shortcuts/mail/lint/linter.go that was flagged by golangci-lint (unused linter). Apply gofmt to linter.go and rules.go which had minor formatting issues. * fix(mail): address compose lint and guidance |
||
|
|
ab94ee9f54 |
feat(mail): add +draft-send shortcut for batch draft sending (#1017)
Add `lark-cli mail +draft-send` shortcut that takes one or more existing
draft IDs and sends each via POST /drafts/:draft_id/send sequentially.
Per-draft failures are isolated and aggregated into a structured output;
fatal failures (auth, permission, network, mailbox quota) abort the
entire batch immediately while recoverable failures honor --stop-on-error.
Also extend internal/output with six mail-send-specific errno constants
(LarkErrMailboxNotFound=4013, LarkErrMailSendQuota{User,UserExt,TenantExt},
LarkErrMailQuota, LarkErrTenantStorageLimit) consumed by isFatalSendErr.
Risk is "high-risk-write" so the framework's --yes gate applies; the
shortcut declares only the minimal mail:user_mailbox.message:send scope
to avoid asking users for permissions it does not need.
|
||
|
|
af2398d636 |
feat(mail): add email template management + --template-id on compose (#642)
- `mail +template-create` / `mail +template-update` — manage personal
email templates (name, subject, body, recipients, attachments,
inline images).
- `--template-id` on `+send` / `+draft-create` / `+reply` /
`+reply-all` / `+forward` — apply a saved template when composing.
Recipients / subject / body / attachments merge into the draft;
explicit user flags take precedence.
|
||
|
|
2e7a11a8e8 |
feat(mail): support sharing emails to IM chats (#637)
* feat(mail): add +share-to-chat shortcut to share emails as IM cards Two-step API (create share token → send card) wrapped in a single shortcut. Supports message-id/thread-id, five receive-id-type variants (chat_id, open_id, user_id, union_id, email), and dry-run mode. Change-Id: Ic7b8c01c0d25fef262f35be92555f1fd019bd679 Co-Authored-By: AI * fix(mail): regenerate SKILL.md from skill-template instead of manual edit Add missing safety rule 8 (draft link rule) to skill-template/domains/mail.md so it survives regeneration. SKILL.md is now produced by `make gen-skills` in the registry repo rather than hand-edited. Change-Id: I9cf3605deae8b6de2042e40819fedc304967e78e Co-Authored-By: AI * fix(mail): add docstrings and use real validation path in tests - Add Go doc comments to exported symbols for docstring coverage - Rewrite tests to exercise MailShareToChat.Validate via RuntimeContext instead of duplicating validation logic - Replace hand-rolled containsStr with strings.Contains - Add httpmock stubs for execute and error path tests Change-Id: Ic781494f61e9e844224185844bce7b0c48e8e200 Co-Authored-By: AI * test(mail): add dry-run E2E test for +share-to-chat Validate request shape (method, URL, mailbox path) under --dry-run with fake credentials. Covers message-id, thread-id, and custom mailbox variants. Change-Id: Iae87bf141cbe4f312d3e9b1fca4ba175052c5c35 Co-Authored-By: AI * fix(mail): include request body and params in dry-run output DryRun now mirrors Execute: the share-token POST shows message_id or thread_id, and the send POST shows receive_id_type and receive_id. E2E test updated to assert these fields. Also fix strconv.Itoa usage. Change-Id: I00f8770fd5a12b7354986c5e5077f97cfe5d6653 * style(mail): gofmt dry-run test file Change-Id: I47dc6a9a47252dcfb7853737f88dfdaef65a0ae7 * test(mail): assert exact API call count in dry-run test Change-Id: I9f4a1a183b55d03f5248eb4adddfddb08037ca95 |
||
|
|
d92f0a2204 |
feat(mail): add read receipt support (--request-receipt, +send-receipt, +decline-receipt)
End-to-end RFC 3798 Message Disposition Notification support, covering
both sides of the receipt flow — requesting a receipt when composing, and
responding to one (send or decline) when reading.
Request side (compose)
- New --request-receipt flag on +send / +reply / +reply-all / +forward /
+draft-create / +draft-edit. When set, the outgoing EML carries a
Disposition-Notification-To header (RFC 3798) addressed to the resolved
sender. Recipient mail clients may prompt the user, auto-send a receipt,
or silently ignore — delivery is not guaranteed.
- requireSenderForRequestReceipt gates the flag against a controlled
sender address resolved BEFORE the orig.headTo fallback in +reply /
+reply-all / +forward, so the DNT cannot silently land on someone else
in CC / shared-mailbox flows.
Response side
- +send-receipt: build a system-templated reply for messages carrying the
READ_RECEIPT_REQUEST label (-607). Subject / recipient / sent / read
time layout matches the Lark client; body is non-customizable — receipt
bodies are system templates by industry convention; free-form notes
belong in +reply. Risk:"high-risk-write" + --yes required.
- +decline-receipt: clear READ_RECEIPT_REQUEST without sending anything
(mirrors the client's "不发送" / "Don't send" button). Idempotent on
re-run; Risk:"write" — no --yes needed.
Read-path hints
- +message / +messages / +thread emit a stderr hint when surfacing a
mail carrying READ_RECEIPT_REQUEST, exposing BOTH response paths
(+send-receipt --yes / +decline-receipt) so agents present a real
choice to the user instead of silently auto-sending.
Guard rails
- +send / +reply / +reply-all / +forward stay draft-by-default and
require --confirm-send to send, gated by a dynamic scope check for
mail:user_mailbox.message:send (absent from the default scope set so
draft-only flows don't need the sensitive permission).
- All header-bound user input (sender / display name / recipient /
subject) goes through CR/LF rejection plus Bidi / zero-width / line-
separator guards, mirroring emlbuilder.validateHeaderValue, to block
header injection and visual spoofing.
- Hint output strips terminal control characters (CR, LF) from any
untrusted field embedded into the user-visible suggestion.
Backend coupling
- Outgoing receipt EML carries the private header
X-Lark-Read-Receipt-Mail: 1. The data-access backend parses it into
BodyExtra.IsReadReceiptMail; DraftSend then applies READ_RECEIPT_SENT
(-608) and clears READ_RECEIPT_REQUEST (-607) from the original
message, closing the client-side banner.
- en receipts require backend TCC SubjectPrefixListForAdvancedSearch to
include "Read Receipt:" for conversation-view aggregation; zh prefix
("已读回执:") is already configured.
Docs: new reference pages for +send-receipt / +decline-receipt;
--request-receipt noted on each compose-side reference; SKILL.md
workflow (section 9) describes the full privacy-safe decision tree on
both sides.
Tests cover emlbuilder DispositionNotificationTo / IsReadReceiptMail
helpers, receiptMetaLabels (zh / en), buildReceiptSubject, text and HTML
body generators (with HTML escaping and Bidi guards), header-injection
defenses, sender-resolution gating (CC-only / shared-mailbox regression),
hint emission paths, and the full +send-receipt / +decline-receipt happy
+ idempotent paths via httpmock.
|
||
|
|
5fa68ccaa0 |
feat(mail): add email signature support (#485)
* feat(mail): add signature foundation, draft exports, and +signature shortcut - Add signature data model, API provider, and template variable interpolation with tests (shortcuts/mail/signature/) - Export signature-related symbols from draft package (SignatureWrapperClass, BuildSignatureHTML, FindMatchingCloseDiv, SplitAtQuote, RemoveSignatureHTML, SignatureSpacing, SignatureImage) for use by compose shortcuts - Add +signature shortcut for listing and viewing email signatures - Add signature reference documentation Change-Id: I62525e7b475692ada9ec8590b6d0252cf5afcdbc Co-Authored-By: AI * feat(mail): add --signature-id to all compose shortcuts - Add --signature-id flag to +draft-create, +send, +reply, +reply-all, +forward for inserting a signature into the email body - Add signature image download with SSRF protection (https enforcement, no token leak, context timeout, size limit) - Add signature HTML insertion with quote-aware placement - Update compose shortcut reference docs Change-Id: Ic5606bab7826a20364084898ad1714778e5a8bd0 Co-Authored-By: AI * feat(mail): add signature insert/remove ops for +draft-edit - Add insert_signature and remove_signature patch operations with old-signature MIME cleanup and case-insensitive CID matching - Expose signature ops in supported_ops flat list - Update SKILL.md and draft-edit reference docs Change-Id: I74affbf555e32351520f610ef42195f399a265d9 Co-Authored-By: AI * test(mail): add unit tests for signature patch operations Test insert_signature and remove_signature ops: - Insert into basic HTML body - Insert before quote block (reply/forward) - Replace existing signature - Error on plain-text-only draft - Remove existing signature - Error when no signature present Change-Id: Icd713552b130d6eb461ef1cabca61e82327f4f0b Co-Authored-By: AI * fix(mail): address reviewer findings on signature PR - Remove --device flag and device field from docs (not exposed in CLI) - Fix signature interpolation to match --from alias address in send_as list, instead of always using the primary mailbox address - Update lark-mail-signature.md reference doc Change-Id: I65f41a029cd33b17785e2355a99d042063962d23 Co-Authored-By: AI * fix(mail): resolve lint issues — remove unused code, fix gofmt - Remove unused cidSrcRe, collectSignatureCIDs, isCIDReferencedInHTML from signature_html.go (CID logic lives in draft/patch.go) - Remove unused strings import - Run gofmt on all affected files Change-Id: Ie142744a7ab17acf440dc69a5a78cefb3ce6c341 Co-Authored-By: AI * fix(mail): use draft From address for signature interpolation in +draft-edit Moved signature resolution after draft fetch+parse so insert_signature reads the From header from the existing draft. This ensures alias and shared-mailbox senders get correct template variable values (B-NAME, B-ENTERPRISE-EMAIL) instead of falling back to the primary address. Change-Id: I917016b17176090124814f30e8e15c67f1604de0 Co-Authored-By: AI |
||
|
|
83dfb068ad |
feat: open-source lark-cli — the official CLI for Lark/Feishu
Change-Id: I113d9cdb5403cec347efe4595415e34a18b7decf |