Skip to content

add wecom and wecomApp#474

Open
swordkee wants to merge 3 commits intosipeed:mainfrom
swordkee:main
Open

add wecom and wecomApp#474
swordkee wants to merge 3 commits intosipeed:mainfrom
swordkee:main

Conversation

@swordkee
Copy link

@swordkee swordkee commented Feb 19, 2026

📝 Description

🗣️ Type of Change

  • 🐞 Bug fix (non-breaking change which fixes an issue)
  • ✨ New feature (non-breaking change which adds functionality)
  • 📖 Documentation update
  • ⚡ Code refactoring (no functional changes, no api changes)

🤖 AI Code Generation

  • 🤖 Fully AI-generated (100% AI, 0% Human)
  • 🛠️ Mostly AI-generated (AI draft, Human verified/modified)
  • 👨‍💻 Mostly Human-written (Human lead, AI assisted or none)

🔗 Related Issue

📚 Technical Context (Skip for Docs)

  • Reference URL:
  • Reasoning:

🧪 Test Environment

  • Hardware:
  • OS:
  • Model/Provider:
  • Channels:

📸 Evidence (Optional)

Click to view Logs/Screenshots

☑️ Checklist

  • My code/docs follow the style of this project.
  • I have performed a self-review of my own changes.
  • I have updated the documentation accordingly.

Copy link

@nikolasdehor nikolasdehor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The WeCom integration adds useful channel support, but there are several issues that should be addressed before merging.

Missing error handling / security concerns:

  1. No tests included: This PR adds ~1100 lines of Go code across wecom.go (466 lines) and wecom_app.go (629 lines) with zero test files. At minimum, the AES decryption, signature verification, and XML parsing paths need unit tests — these are security-critical code paths.

  2. Config watcher (pkg/config/watcher.go): This adds a 258-line file watcher that is unrelated to WeCom. It should be a separate PR. Mixing orthogonal features makes review harder and increases merge conflict surface.

  3. allow_from field inconsistency: The README docs use allow_from (snake_case) for WeCom but some existing channels use allowFrom (camelCase). The config struct should be consistent with the rest of the codebase.

  4. Missing context.Context propagation: The WeCom HTTP handler should accept and pass through context.Context for proper cancellation support, consistent with how other channels (LINE, MaixCam) handle it.

  5. Hardcoded timeout values: The 5-second WeCom reply deadline is mentioned in docs but I do not see a configurable timeout in the code or config struct. This should be a config option.

  6. loop.go changes: The diff shows 18 additions / 21 deletions in loop.go — these changes should be reviewed carefully to ensure they do not affect existing channel behavior. Please describe what changed in the agent loop and why it was necessary for WeCom support.

Please split the config watcher into a separate PR and add tests for the security-critical paths (AES decryption, signature verification).

@swordkee swordkee changed the title add wecom and wecomApp and config monitor add wecom and wecomApp Feb 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants

Comments