release: prepare v0.2.0

Author: MackDing

README.md

@@ -86,6 +86,12 @@ npm run healthcheck
 npm run healthcheck:live
 ```
 
+For live checks, configure your own local `.env` values after startup and keep the output local.
+
+- do not commit or paste live output containing bot usernames, chat IDs, thread IDs, or other environment-specific identifiers
+- use your own `BOT_TOKEN`, `ALLOWED_USER_IDS`, and Codex credentials locally
+- for GitHub Actions, set `TELEGRAM_BOT_TOKEN`, `TELEGRAM_EXPECTED_USERNAME`, and `TELEGRAM_SMOKE_CHAT_ID` in repository secrets instead of hardcoding them
+
 ## Development Commands
 
 - `npm run start` - start the bot
@@ -378,10 +384,12 @@ Repository secrets for live smoke checks:
 - `TELEGRAM_EXPECTED_USERNAME` (optional)
 - `TELEGRAM_SMOKE_CHAT_ID` (optional)
 
+Keep live verification output out of git history and release notes. Bot usernames, thread IDs, and chat IDs are environment-specific operator data and should be configured by each user locally or through GitHub secrets.
+
 Recommended local release gate:
 
 ```bash
-npm run release:check
+BOT_TOKEN=dummy-token ALLOWED_USER_IDS=1 npm run release:check
 npm run healthcheck:live
 ```
 

docs/operations.md

@@ -45,6 +45,8 @@ npm run healthcheck:strict
 npm run healthcheck:live
 ```
 
+Use your own local `.env` values or CI secrets for live checks. Do not commit or paste live output that includes bot usernames, chat IDs, or Codex thread IDs.
+
 What the health check validates:
 
 - workspace and runner directories exist
@@ -59,5 +61,6 @@ What the health check validates:
 - If you also use Codex directly in a terminal, run that work in a separate git worktree. The bot only detects conflicts with other bot-managed chats, not external terminal sessions.
 - Run the bot under a restricted system user.
 - Keep `.env` outside version control.
+- Let each operator configure live-check credentials locally after startup instead of sharing one checked-in identity.
 - Rotate Telegram and GitHub tokens if they are ever exposed.
 - If you reinstall dependencies on macOS, rerun `npm run healthcheck`; the bot now auto-repairs `node-pty` helper permissions on startup.

docs/release.md

@@ -11,7 +11,7 @@ Run locally:
 
 ```bash
 npm install
-npm run release:check
+BOT_TOKEN=dummy-token ALLOWED_USER_IDS=1 npm run release:check
 ```
 
 Recommended production checks:
@@ -21,20 +21,23 @@ npm run healthcheck:strict
 npm run healthcheck:live
 ```
 
+Use operator-owned local credentials or GitHub secrets for live checks. Do not put real bot usernames, chat IDs, Telegram identities, or Codex thread IDs into tracked docs, release notes, or commits.
+
 Manual checks:
 
 - verify `/status`, `/repo`, `/continue`, `/language`, `/verbose`, `/mcp list`, and `/gh` on a real Telegram chat
 - verify PTY mode is active on the target host
 - verify cron and proactive push configuration
 - verify only one bot instance is polling
 - verify no second bot-managed chat can start a same-workdir Codex run without the explicit `/continue` override
+- record only pass/fail status in release notes; keep raw live output private to the operator who ran the checks
 
 ## Tag And Publish
 
 ```bash
 git checkout main
 git pull --ff-only
-npm run release:check
+BOT_TOKEN=dummy-token ALLOWED_USER_IDS=1 npm run release:check
 git tag v0.2.0
 git push origin main --tags
 ```

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codex-telegram-claws",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "A super Telegram bot that securely orchestrates Codex via SDK or CLI/PTy streaming, MCP routing, and GitHub automation skills.",
   "type": "module",
   "main": "src/index.ts",