feat: expand profile management commands

[dovocoder]

Summary

• Add profile commands to remove the account picture, set About text, and set the display name
• Add read commands for profile picture metadata, user About text, and WhatsApp Business profile details
• Document the expanded profile workflow and JSON-friendly outputs

Why

This makes wacli profile useful for both account profile maintenance and scriptable profile metadata lookups, without requiring users to write custom whatsmeow code for common profile operations.

Test plan

• go test ./...
• pnpm format:check
• pnpm lint
• pnpm test
• pnpm build
• git diff --check

[clawsweeper]

Codex review: needs real behavior proof before merge. Reviewed May 25, 2026, 3:27 AM ET / 07:27 UTC.

Summary
The PR adds profile subcommands for removing and reading pictures, setting About/name, fetching About and Business metadata, plus WA client wrappers, tests, docs, and changelog updates.

Reproducibility: yes. for the review finding from source: the three new metadata commands pass false into openLiveProfileApp, and that value is forwarded to newApp as needLock before Connect. I did not run the live command because this review is read-only and would require a linked WhatsApp store.

Review metrics: 1 noteworthy metric.

• Profile command surface: 6 subcommands added, 3 live metadata reads. The added read commands open the WhatsApp session store, so their lock behavior matters before merge.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🦪 silver shellfish
Result: blocked until real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• Add redacted terminal output, logs, or a recording showing the new profile commands against a real linked account; updating the PR body should trigger a fresh review, or a maintainer can request @clawsweeper re-review.
• Acquire the store lock for picture-info, get-about, and business, then add focused coverage for the intended live-app opening behavior.

Proof guidance:
Needs real behavior proof before merge: No after-fix real behavior proof is present; the PR body lists test commands only, so redacted terminal output, logs, a screenshot, or a recording from a real linked account is needed before merge. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Risk before merge

• The new profile metadata commands can open the live WhatsApp session store without holding the store lock, so they can race with sync/send or another live command that expects session serialization.
• The PR has no after-fix real behavior proof from a linked WhatsApp setup; tests and listed local commands are useful but do not prove the live profile operations work against WhatsApp.

Maintainer options:

1. Lock live profile metadata reads (recommended)
   Change picture-info, get-about, and business to open the live app with the store lock before connecting, matching the existing live command pattern.
2. Approve an explicit no-lock exception
   Maintainers could decide these metadata calls are safe without serialization, but that should be an intentional exception to the current store-lock model.

Next step before merge
Needs contributor real behavior proof plus maintainer review of the lock fix; automation should not take over while the external proof gate is missing.

Security
Cleared: No concrete security or supply-chain issue was found; the diff adds CLI/profile wrappers, docs, changelog, and tests without changing dependencies, workflows, secrets, or build tooling.

Review findings

• [P1] Acquire the store lock for live profile reads — cmd/wacli/profile.go:195

Review details

Best possible solution:

Land the expanded profile commands after all live profile metadata reads acquire the store lock and the PR includes redacted real-run output showing the new commands against a linked account.

Do we have a high-confidence way to reproduce the issue?

Yes for the review finding from source: the three new metadata commands pass false into openLiveProfileApp, and that value is forwarded to newApp as needLock before Connect. I did not run the live command because this review is read-only and would require a linked WhatsApp store.

Is this the best way to solve the issue?

No; the feature direction is reasonable, but the PR should serialize every live session-store open that cannot run in read-only mode. The narrow maintainable fix is to acquire the store lock for the profile metadata commands while preserving the current read-only rejection behavior.

Full review comments:

• [P1] Acquire the store lock for live profile reads — cmd/wacli/profile.go:195
  This starts picture-info without the lock, and the same openLiveProfileApp(flags, false) pattern is used by get-about and business. The helper forwards that boolean to newApp, then EnsureAuthed/Connect opens session.db; AGENTS.md and existing live command patterns treat this path as lock-sensitive. Please take the store lock for these live metadata commands so they cannot race with sync/send.
  Confidence: 0.86

Overall correctness: patch is incorrect
Overall confidence: 0.86

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against e9f183056171.

Label changes

Label changes:

• add P2: This is a useful bounded feature PR with a merge-blocking session-lock issue, but it is not an urgent production regression.
• add merge-risk: 🚨 session-state: Merging as-is would add live commands that can open the WhatsApp session store without the normal LOCK serialization.
• add rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🦪 silver shellfish.
• add status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: No after-fix real behavior proof is present; the PR body lists test commands only, so redacted terminal output, logs, a screenshot, or a recording from a real linked account is needed before merge. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Label justifications:

• P2: This is a useful bounded feature PR with a merge-blocking session-lock issue, but it is not an urgent production regression.
• merge-risk: 🚨 session-state: Merging as-is would add live commands that can open the WhatsApp session store without the normal LOCK serialization.
• rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🦪 silver shellfish.
• status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: No after-fix real behavior proof is present; the PR body lists test commands only, so redacted terminal output, logs, a screenshot, or a recording from a real linked account is needed before merge. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Evidence reviewed

What I checked:

• Repository policy requires lock discipline: AGENTS.md says wacli has a session.db managed by whatsmeow and that a LOCK file is acquired before write operations; this applies because the new commands open the live WhatsApp session store. (AGENTS.md:17, e9f183056171)
• Opening WA is write-sensitive: Current App.OpenWA rejects read-only mode with the explicit error that the command would open the WhatsApp session store, so live session access is not a pure read-only DB path. (internal/app/app.go:148, e9f183056171)
• Comparable live reads take the lock: The existing group invite-link getter acquires the store lock before EnsureAuthed and Connect even though it is a live lookup, which is the safer pattern for the new profile metadata commands. (cmd/wacli/groups_invite_join.go:45, e9f183056171)
• PR metadata reads skip the lock: The proposed picture-info, get-about, and business commands call openLiveProfileApp(flags, false); the helper forwards that boolean to newApp as needLock before EnsureAuthed and Connect. (cmd/wacli/profile.go:195, 6596dae9659b)
• Current main lacks the requested commands: A source search on current main found no profile remove-picture, picture-info, set-about, get-about, set-name, business-profile, or matching WA wrapper commands, so the feature is not already implemented. (e9f183056171)
• Feature history: The original profile set-picture command and WA profile-picture wrapper were introduced by d08620a, which is the current behavior this PR extends. (cmd/wacli/profile.go:1, d08620abf98c)

Likely related people:

• gado-ships-it: Authored the commit that added the profile set-picture command, docs, app interface method, and WA profile-picture wrapper that this PR extends. (role: introduced profile behavior; confidence: high; commits: d08620abf98c; files: cmd/wacli/profile.go, internal/wa/client.go, internal/app/app.go)
• dovocoder: Authored the recent merged group admin command work that added live WhatsApp command patterns and app interface methods near the same lock/session boundary. (role: recent adjacent contributor; confidence: medium; commits: dc75b680c4ae; files: cmd/wacli/groups_admin.go, internal/app/app.go, internal/wa/groups.go)
• Peter Steinberger: Current checkout blame for the profile and WA files points through the v0.11.0 release commit, and the release commit includes the current profile command surface. (role: recent release/current-line owner; confidence: medium; commits: 201f7adcaf16; files: cmd/wacli/profile.go, internal/wa/client.go, docs/profile.md)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

ClawSweeper PR egg

🎁 Pass real behavior proof to wake the egg and unlock a hatchable treat.

Where did the egg go?

• The egg game starts only after the PR passes the real-behavior proof check.
• Before that, no creature or rarity is rolled. The treat waits for real proof.
• This is still just collectible flavor: proof affects review readiness, not creature quality.