Production report: after scanning QR for a brand-new channel the user gets
"WhatsApp não inicializado" / "1 sem ativação" because the `socket-query`
circuit breaker opens during the post-pairing `init queries` (USync,
device-list, app-state-sync). Existing channels are unaffected — only fresh
pairings trip the CB because their first round of metadata fetches is slow
(no warm server-side cache for the client, larger payload).
Two small changes:
1. Bump the `socket-query` CB timeout floor to 120 s (was
`defaultQueryTimeoutMs || 60000`, which evaluated to 30 s in this
build). The per-query `waitForMessage` timeout still enforces a tighter
bound for individual operations — this only widens the *cumulative*
window the CB watches before tripping.
2. Add `BAILEYS_DISABLE_CIRCUIT_BREAKER=true` env var as an emergency
kill-switch so operators can disable all three CBs (query, connection,
prekey) without touching code or rebuilding zpro. The default
`enableCircuitBreaker` config flag still works for callers that pass it
in code.
No behavior change for existing channels under normal load — the bump only
matters when init queries actually take longer than 30 s.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Restoring master to commit d04a3e1af8 ("fix: restore working carousel
send/render path (#297)") which is the LAST KNOWN GOOD state before the
inbound latency regression. PR #303 (pastParticipants HistorySync LID)
and subsequent commits introduced the per-message LID/PN session drift
that locked the inbound pipeline behind Bad MAC retry storms in
production.
WHAT IS PRESERVED:
- Tag `archive/master-pre-restore-2026-05-01` points at the previous
master tip (d03b625a89, "chore: update WhatsApp Web version (#404)")
- Branch `master-archive-pre-restore-2026-05-01` mirrors that tip for
easy browsing
- All 137 commits between Mar/18 and the previous master tip remain in
git history; downstream forks lose nothing
WHAT IS LOST FROM MASTER (preserved in archive):
- View-once features (#310, #316, #322, #355)
- USync username inbound (#382)
- Early-ignore JIDs (#383)
- History sync memory/CPU optimisation (#385)
- tcToken full lifecycle (#386, #387)
- Async LID mapping restore (#390)
- Decrypt-error noise reduction (#391)
- Detach post-upsert work (#392)
- Bounded-retry replacing CircuitBreaker (#393)
- wire address lock (#396)
- Decryption fail-fast (#402)
- ~30 WhatsApp Web/proto version updates (only the latest is reapplied)
Re-add features one at a time on top of this base, testing each so the
inbound regression doesn't silently sneak back in.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- Add interactive message detection helpers (getButtonType, isCarouselMessage, etc.)
- Inject biz node with interactive/native_flow for non-carousel interactive messages
- Inject biz + quality_control with decision_id for carousel messages
- Skip bot node for native_flow/carousel/catalog (breaks Web rendering)
- Force device-identity inclusion for carousel messages
- Append deferred biz/bot/quality_control nodes after device-identity and tctoken
- Store tctoken under both LID and PN for reliable lookup
Two fixes:
1. Stanza type="media" for carousel messages — WhatsApp Web needs this
to render carousel in real-time. Without it, only shows header until
page refresh (F5).
2. Fix jimp detection: typeof Jimp === 'function' (not just 'object')
so jpegThumbnail is generated for card images.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
7 corrections based on reverse-engineering of WhatsApp Business Android:
1. resolveCanonicalJid: PN→LID resolution for transaction lock keys (prevent race conditions)
2. Retain PN session during LID migration (avoid No Session errors)
3. Delayed PreKey deletion with 5-min grace period (prevent Invalid PreKey ID races)
4. Surgical session cleanup: only delete the specific corrupted device, not all devices
5. Identity dual storage: save identity key in both LID and PN addresses
6. MAC error cooldown reduced 10s→1s (faster recovery, aligned with WABA)
7. Allow session recreation on first retry (retryCount >= 1 instead of > 1)
* fix: remove unused jidDecode import from decode-wa-message.ts
* fix: add try/catch to delayed PreKey deletion to prevent unhandled rejection
The setTimeout async callback in removePreKey could cause unhandled promise
rejection if the keystore was destroyed (connection closed) before the
5-min grace period expired.
The web protocol (WA\x06\x03) requires a web-compatible UserAgent.
Using SMB_ANDROID in the UserAgent caused pair code registration to
fail with "cannot connect device" even though the phone confirmation
appeared. The Android identity is now only set in DeviceProps.platformType
(ANDROID_PHONE) in the registration node, which correctly determines
the display name in "Linked Devices" as "Android (14)".
Changes:
- getUserAgent(): always returns MACOS platform and Desktop device
- getClientPayload(): always includes webInfo (no longer skipped for Android)
- Remove unused isAndroidBrowser import from validate-connection.ts
- Update pair code comments documenting tested platform IDs
- Add structured logging to pair code request