fix: harden stripToolCallLeaks regex for CJK/non-ASCII garbage tokens

The previous regex used \w+ for descriptor tokens between the function
name and JSON body, which only matches ASCII word characters. Model
hallucinations often inject CJK/non-ASCII text (e.g. 彩神争霸) in this
position. Switch to (?:\s+[^\s{}]+)+ to match any whitespace-separated
non-brace tokens regardless of character set.

Also removes stale backward-compat re-exports from index.ts and updates
the test import for composeDashboardContent.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Eyejoker
2026-03-25 18:06:31 +09:00
parent 6806001ed6
commit c89242b6dd
4 changed files with 26 additions and 8 deletions

View File

@@ -70,10 +70,6 @@ import {
stopTokenRefreshLoop,
} from './token-refresh.js';
// Re-export for backwards compatibility during refactor
export { escapeXml, formatMessages } from './router.js';
export { composeDashboardContent } from './dashboard-render.js';
// Token rotation is initialized lazily on first use or at startup below
export async function sendFormattedChannelMessage(