Commit Graph

65023 Commits

Author SHA1 Message Date
snowzlmbot
2f98e1fdb5 fix(telegram): address rich fallback proof review 2026-07-07 14:14:03 +05:30
snowzlmbot
982328218b fix(telegram): harden rich send fallback and typing breaker
- Raise typing-breaker default from 2 to 5 consecutive failures via a
  named constant, keeping explicit overrides intact.
- Extend rich-plain-fallback trigger map to classify
  RICH_MESSAGE_CONTENT_REQUIRED alongside existing invalid-entity
  errors so both durable and streaming send funnels benefit.
- Add empty rendered-rich-HTML guards before sendRichMessage in both
  the durable chunk loop (send.ts) and the streaming delivery funnel
  (delivery.send.ts), preventing doomed Bot API calls and preserving
  later valid chunks.
- Add regression tests for the default typing breaker, delivery-side
  and durable-side RICH_MESSAGE_CONTENT_REQUIRED fallback behavior.
2026-07-07 14:14:03 +05:30
sunlit-deng
24330a82b4 fix(mattermost): reject oversized websocket events (#99366)
* fix(mattermost): bound monitor websocket payloads

* fix(mattermost): preserve websocket payload headroom

Co-authored-by: sunlit-deng <yang.jiajun1@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 09:35:00 +01:00
Peter Steinberger
cc2c6a87dc fix(ios): skip onboarding for configured gateways (#101481)
* fix(ios): skip onboarding for configured gateways

Fixes #98570

* fix(ios): prioritize saved gateway state
2026-07-07 09:31:18 +01:00
LiLan0125
686b778468 fix(backup): isolate retry temp archives (#101449)
* fix(backup): isolate retry temp archives

Closes #101382

* fix(backup): remove unused retry path initializer

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-07-07 01:29:45 -07:00
Vincent Koc
6799b5b3d4 refactor(android): remove obsolete global cache cleanup (#101470) 2026-07-07 01:19:17 -07:00
LZY3538
a6352f9356 fix(status): surface auto-fallback model in status and session_status (#96126) (#101337)
* @
fix(status): surface auto-fallback model in status and session_status (#96126)

When a session falls back to an alternate model via auto-fallback
(modelOverrideSource: "auto"), both `openclaw status` and `session_status`
silently showed the active fallback model without indicating it differs
from the configured primary. The mismatch gate used
hasUserPinnedModelSelection() which returns false for auto-fallback.

- status.summary.ts: widen mismatch gate from hasUserPinnedModelSelection
  to entry?.modelOverride != null; emit distinct "fallback selected"
  reason alongside existing "session override"
- status.command-sections.ts: add fallback-specific wording ("auto
  fallback" / "check provider availability") while keeping the
  modelSelectionReason filter intact (no false-positive null-reason rows)
- status-message.ts: add sessionHasAutoFallback detection for the
  session_status RPC path; show "auto fallback" / "check provider" label
  instead of "pinned session" / "clear /model default"

Co-Authored-By: Claude <noreply@anthropic.com>
@

* fix(status): narrow fallback detection to real fallback provenance

Replace entry?.modelOverride != null with
hasSessionAutoModelFallbackProvenance(entry) to avoid mislabeling
configured subagent automatic model selections as provider fallback.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(status): distinguish configured models from fallback

Co-authored-by: LZY3538 <liu.zhenye@xydigit.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 09:17:58 +01:00
cxbAsDev
e1b79346c5 fix(signal): bound outbound container attachment file reads (#101391)
* fix(signal): bound outbound container attachment file reads

* fix(signal): honor configured container attachment limits

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 09:17:14 +01:00
Petros Dhespollari
6894bb7508 fix(gateway): persist media metadata in agent.request transcripts (#86936)
* fix(gateway): persist agent request transcript media

Route inline and offloaded agent.request images through the canonical user-turn transcript recorder across embedded, CLI, and ACP runtimes. Share ordered media persistence with chat.send and cover media-only empty-reply turns.

Co-authored-by: Petros Dhespollari <info@peterdsp.dev>

* fix(gateway): avoid transcript media shadowing

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 09:16:15 +01:00
Peter Steinberger
82b0f7cdc8 perf(test): use lightweight thinking fallback fixture 2026-07-07 03:59:28 -04:00
Peter Steinberger
48e77b6abf feat(ios): render inline LaTeX math in completed chat prose (#101388) 2026-07-07 08:46:31 +01:00
pick-cat
e72dadbb3b fix(anthropic): resolve thinking as disabled when legacy budget is below 1024 (#101415)
* fix(anthropic): resolve thinking as disabled when legacy budget is below 1024

When adjustMaxTokensForThinking collapses the thinking budget below the
Anthropic minimum (1024), option resolution now sets thinkingEnabled to
false instead of always forcing it to true. This keeps every downstream
consumer (payload, replay, temperature, tool-choice) consistent — they
all see the same disabled state instead of an enabled flag with a
missing or API-rejected thinking block.

|| → ?? in both builders is defensive: the resolution layer already
prevents invalid budgets from reaching the builder through the normal
path, but ?? preserves an explicit zero when the builder is called
directly.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(anthropic): guard raw streamAnthropic builder path against sub-minimum budgets

Add budget guards in both Anthropic payload builders so direct
streamAnthropic and bundled-plugin callers (e.g. Mantle) that bypass
option resolution also get the disabled-state rule instead of producing
API-rejected { type: "enabled", budget_tokens: < 1024 } requests.

Add proof-anthropic-thinking-budget.mts driving real production
functions with terminal output and negative control.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(anthropic): normalize legacy thinking budgets

Co-authored-by: Pick-cat <huang.ting3@xydigit.com>

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 08:42:40 +01:00
Vincent Koc
07a765522a test(mcp): bind channel non-owner gateway client 2026-07-07 09:39:26 +02:00
wings1029
5c4b63964c fix(memory-host-sdk): handle stdout/stderr stream errors in runCliCommand (#101402)
* fix(memory-host-sdk): handle stdout/stderr stream errors in runCliCommand

Register error handlers on stdout and stderr streams in
runCliCommand() to prevent uncaught exceptions when a pipe
breaks (e.g. EPIPE after child process exit).

Without these listeners, Node.js throws an uncaught exception
that crashes the process.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(memory-host-sdk): extract listenForChildOutputErrors helper

Refactor the inline stream error handling into a reusable
listenForChildOutputErrors helper, matching the pattern
established in the merged #101370 (agent-core).

The helper registers error listeners on stdout/stderr via a
shared loop, keeping the pattern consistent across the codebase.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(memory-host-sdk): harden qmd stream failures

* fix(memory-host-sdk): harden qmd stream failures

* docs(changelog): note qmd stream hardening

* chore: keep release changelog out of contributor PR

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 08:37:21 +01:00
Vincent Koc
1aeed5ec26 refactor(plugins): localize private config types (#101452) 2026-07-07 00:34:46 -07:00
cxbAsDev
735b7b2f34 fix(voice-call): handle tunnel child stream errors and stop-after-exit hang (#101394)
* fix(voice-call): handle tunnel child stream errors and stop-after-exit hang

* fix(voice-call): stop children after stream failures

* style(voice-call): satisfy timer lint

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 08:30:02 +01:00
pick-cat
41c0540bdc fix(doctor): expose default account routing in lint (#96147)
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com>
Co-authored-by: Pick-cat <266665499+Pick-cat@users.noreply.github.com>
2026-07-07 00:26:30 -07:00
wangmiao0668000666
048fe0850e fix(qqbot): use UTF-16-safe truncation for messaging reply and approval previews (#101421)
* fix(qqbot): use UTF-16-safe truncation for messaging reply and approval previews

* test(qqbot): focus UTF-16 approval regression

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 08:22:06 +01:00
cxbAsDev
08abf83a66 fix(imessage): handle CLI child stdout/stderr stream errors (#101401)
* fix(imessage): handle CLI child stdout/stderr stream errors

* fix(imessage): stop CLI children after stream failures

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 08:19:52 +01:00
Vincent Koc
7c55ce53e2 refactor(opencode-go): localize stream internals (#101440) 2026-07-07 00:16:14 -07:00
Alex Knight
d09469c7a6 fix: show exported tool results in trace viewers (#101371)
* fix: show exported tool results in trace viewers

* fix(diagnostics-otel): emit semconv response key and execute_tool identity so trace viewers show tool results

---------

Co-authored-by: Alex Knight <15041791+amknight@users.noreply.github.com>
2026-07-07 17:14:30 +10:00
Peter Steinberger
59bc7b0e16 perf(test): scope opencode context catalog warmup 2026-07-07 03:13:59 -04:00
Peter Steinberger
5ed8b81af7 fix(llm): project schema custom tools as functions (#101443) 2026-07-07 08:12:43 +01:00
Jason (Json)
f7e962d6e3 feat(cli): add openclaw promos to discover and claim ClawHub promotional model offers (#100236)
* feat: add openclaw promos CLI for ClawHub promotional model offers

* fix: harden promos claim auth validation and sanitize remote promo text

* fix: enforce promo window client-side and validate slug contract

* fix: shell-safe model ref contract and explicit --api-key override

* fix: hold promotion aliases to the models alias contract

* docs: document argv-credential contract and env alternative for promos claim

* fix: enforce provider plugin enablement on the credential-reuse claim path

* fix: require plugin install before credential-reuse shortcut in promos claim

* fix: run runtime plugin repair on promo defaults and harden identifier parsing

* fix: distinct message for contract-invalid promo aliases

* fix(cli): validate promotion plugin contracts

* fix(cli): recheck promotion window before claim

* feat(cli): surface ClawHub promotions in models list via the hosted feed

Passive discovery for promotional model offers. A cadence-gated (24h),
fail-silent conditional GET of ClawHub's immutable promotions feed
snapshot (If-None-Match -> 304, short 2.5s timeout, unauthenticated so
CDN caches stay unfragmented) is cached in two new shared-state-DB
tables, fully separate from update_check_state. models list renders an
'Available via promotion' group for live offers whose models are not in
the user's configured set (including the zero-row fresh-install path),
tags claimed models promo / promo ended from provenance recorded at
claim time, and prints a one-time notice per newly seen offer; promos
list and claim mark offers as seen. Machine outputs stay clean, snapshot
sequence is monotonic against stale edges, and claims still revalidate
against the live API so the kill switch always wins.

* style: satisfy lint on promotions feed additions

no-useless-fallback-in-spread on the optional request headers and
no-map-spread in claim-provenance row mapping.

* fix(cli): harden promotions feed cache

* fix(cli): honor live promotion validity
2026-07-07 01:10:42 -06:00
Jason (Json)
d8ffb1f307 fix(ui): keep microphone input settings usable on narrow screens (#101377)
Merged via squash.

Prepared head SHA: 17329d4f30
Co-authored-by: fuller-stack-dev <263060202+fuller-stack-dev@users.noreply.github.com>
Reviewed-by: @fuller-stack-dev
2026-07-07 01:06:40 -06:00
Wynne668
55fa22b482 fix(process): handle taskkill spawn errors (#101392) 2026-07-07 08:06:31 +01:00
Jason (Json)
521bf99f17 fix(ui): clear stale sidebar run state after chat final (#101293)
Merged via squash.

Prepared head SHA: 32a33eb4cd
Co-authored-by: fuller-stack-dev <263060202+fuller-stack-dev@users.noreply.github.com>
Reviewed-by: @fuller-stack-dev
2026-07-07 01:04:00 -06:00
Peter Steinberger
cb9de7d361 chore(android): update dependencies and compile with API 37 (#101356)
* build(deps): bump the android-deps group across 1 directory with 14 updates

Bumps the android-deps group with 14 updates in the /apps/android directory:

| Package | From | To |
| --- | --- | --- |
| [gradle-wrapper](https://github.com/gradle/gradle) | `9.5.1` | `9.6.1` |
| androidx.compose:compose-bom | `2026.05.01` | `2026.06.01` |
| androidx.core:core-ktx | `1.18.0` | `1.19.0` |
| androidx.lifecycle:lifecycle-runtime-ktx | `2.10.0` | `2.11.0` |
| [org.commonmark:commonmark](https://github.com/commonmark/commonmark-java) | `0.28.0` | `0.29.0` |
| [org.commonmark:commonmark-ext-autolink](https://github.com/commonmark/commonmark-java) | `0.28.0` | `0.29.0` |
| [org.commonmark:commonmark-ext-gfm-strikethrough](https://github.com/commonmark/commonmark-java) | `0.28.0` | `0.29.0` |
| [org.commonmark:commonmark-ext-gfm-tables](https://github.com/commonmark/commonmark-java) | `0.28.0` | `0.29.0` |
| [org.commonmark:commonmark-ext-task-list-items](https://github.com/commonmark/commonmark-java) | `0.28.0` | `0.29.0` |
| [org.junit.vintage:junit-vintage-engine](https://github.com/junit-team/junit-framework) | `6.1.0` | `6.1.1` |
| [io.kotest:kotest-assertions-core-jvm](https://github.com/kotest/kotest) | `6.1.11` | `6.2.1` |
| [io.kotest:kotest-runner-junit5-jvm](https://github.com/kotest/kotest) | `6.1.11` | `6.2.1` |
| [com.squareup.okhttp3:mockwebserver](https://github.com/square/okhttp) | `5.3.2` | `5.4.0` |
| [com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) | `5.3.2` | `5.4.0` |



Updates `gradle-wrapper` from 9.5.1 to 9.6.1
- [Release notes](https://github.com/gradle/gradle/releases)
- [Commits](https://github.com/gradle/gradle/compare/v9.5.1...v9.6.1)

Updates `androidx.compose:compose-bom` from 2026.05.01 to 2026.06.01

Updates `androidx.core:core-ktx` from 1.18.0 to 1.19.0

Updates `androidx.lifecycle:lifecycle-runtime-ktx` from 2.10.0 to 2.11.0

Updates `org.commonmark:commonmark` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.commonmark:commonmark-ext-autolink` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.commonmark:commonmark-ext-gfm-strikethrough` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.commonmark:commonmark-ext-gfm-tables` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.commonmark:commonmark-ext-task-list-items` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.commonmark:commonmark-ext-autolink` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.commonmark:commonmark-ext-gfm-strikethrough` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.commonmark:commonmark-ext-gfm-tables` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.commonmark:commonmark-ext-task-list-items` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/commonmark/commonmark-java/releases)
- [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/commonmark/commonmark-java/compare/commonmark-parent-0.28.0...commonmark-parent-0.29.0)

Updates `org.junit.vintage:junit-vintage-engine` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](https://github.com/junit-team/junit-framework/compare/r6.1.0...r6.1.1)

Updates `io.kotest:kotest-assertions-core-jvm` from 6.1.11 to 6.2.1
- [Release notes](https://github.com/kotest/kotest/releases)
- [Commits](https://github.com/kotest/kotest/compare/6.1.11...6.2.1)

Updates `io.kotest:kotest-runner-junit5-jvm` from 6.1.11 to 6.2.1
- [Release notes](https://github.com/kotest/kotest/releases)
- [Commits](https://github.com/kotest/kotest/compare/6.1.11...6.2.1)

Updates `io.kotest:kotest-runner-junit5-jvm` from 6.1.11 to 6.2.1
- [Release notes](https://github.com/kotest/kotest/releases)
- [Commits](https://github.com/kotest/kotest/compare/6.1.11...6.2.1)

Updates `com.squareup.okhttp3:mockwebserver` from 5.3.2 to 5.4.0
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/square/okhttp/compare/parent-5.3.2...parent-5.4.0)

Updates `com.squareup.okhttp3:okhttp` from 5.3.2 to 5.4.0
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/square/okhttp/compare/parent-5.3.2...parent-5.4.0)

Updates `com.squareup.okhttp3:okhttp` from 5.3.2 to 5.4.0
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/square/okhttp/compare/parent-5.3.2...parent-5.4.0)

---
updated-dependencies:
- dependency-name: androidx.compose:compose-bom
  dependency-version: 2026.06.01
  dependency-type: direct:production
  dependency-group: android-deps
- dependency-name: androidx.core:core-ktx
  dependency-version: 1.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: androidx.lifecycle:lifecycle-runtime-ktx
  dependency-version: 2.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: com.squareup.okhttp3:mockwebserver
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: com.squareup.okhttp3:okhttp
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: com.squareup.okhttp3:okhttp
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: gradle-wrapper
  dependency-version: 9.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: io.kotest:kotest-assertions-core-jvm
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: io.kotest:kotest-runner-junit5-jvm
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: io.kotest:kotest-runner-junit5-jvm
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark-ext-autolink
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark-ext-autolink
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark-ext-gfm-strikethrough
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark-ext-gfm-strikethrough
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark-ext-gfm-tables
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark-ext-gfm-tables
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark-ext-task-list-items
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.commonmark:commonmark-ext-task-list-items
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: org.junit.vintage:junit-vintage-engine
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: android-deps
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(android): compile dependencies against API 37

* chore(android): refresh native i18n inventory

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-07 08:00:55 +01:00
Jason (Json)
c87225fb4a fix: keep owner tools available in WebChat (#101271)
* fix: keep owner tools available in WebChat

* fix: align WebChat owner policy checks
2026-07-07 01:00:24 -06:00
Jason (Json)
e024eacf17 fix(ui): preserve login across same-origin gateways (#101352)
* fix(ui): scope device auth by gateway

* fix(ui): migrate legacy device auth storage

* test(ui): cover gateway device-token isolation
2026-07-07 00:51:19 -06:00
Vincent Koc
9cf5079e56 refactor(plugins): localize provider internals (#101425) 2026-07-06 23:50:12 -07:00
Peter Steinberger
8c0b3a784a perf(test): overlap runtime cleanup proofs 2026-07-07 02:47:28 -04:00
Vincent Koc
26c0285812 fix(plugins): keep source manifest metadata fallback 2026-07-07 08:42:39 +02:00
QiuYuang
769b8260cb fix(ports): ignore malformed lsof listener pids (#98505)
* fix(ports): ignore malformed lsof listener pids

* fix(infra): strictly reject malformed lsof pid tokens

Number.parseInt truncated tokens like "111abc" to 111, silently accepting
a corrupted lsof pid record. Switch to parseStrictPositiveInteger so the
whole token must be a valid positive integer, and restore the deduped
listener test that a prior change had replaced instead of extended.

* fix(cli): strictly reject malformed lsof pid tokens

Harden the force-free lsof parser to reject digit-prefixed garbage like
p111abc instead of truncating it to pid 111, and cover the sibling parser
with a focused regression test.

* fix(infra): strictly parse stale lsof pid tokens

Harden the stale gateway cleanup parser to reject digit-prefixed garbage
like p111abc instead of truncating it to pid 111, and add a focused
regression test without dropping the existing argv verification coverage.

* fix(ports): fail closed on malformed lsof pids

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-07-07 07:40:26 +01:00
xingzhou
de152b1f65 fix(plugin-sdk): align speech runtime packaging (#89899)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 07:38:41 +01:00
Truffle
5537bc9c4d fix(media): allow Bedrock SDK auth for image and PDF tools (#72092)
* fix(media): allow aws-sdk auth mode for image and audio/video paths

Media understanding tools failed for amazon-bedrock deployments using
auth.mode "aws-sdk" (BYOK via role/SSO/profile creds). Each path called
requireApiKey, which throws on the empty-key sentinel before the AWS SDK
credential chain can resolve creds at call time.

The image path (image.ts) resolves auth via getApiKeyForModel; the
audio/video paths route through resolveProviderExecutionAuth. Both now
mirror the chat path's allowMissingApiKeyModes allowance: when the
resolved key is empty and the mode is aws-sdk, execute keyless and let
the SDK resolve credentials. The image path skips setRuntimeApiKey so no
empty-string secret is persisted; audio/video return the kind:"none"
execution auth so the runner bypasses key rotation.

Closes #72031

* fix(media): cover Bedrock PDF SDK auth

* fix(pdf): register plugin completion streams

* fix(media): recognize Bedrock SDK tool auth

* chore: move release note to PR

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 07:37:32 +01:00
wings1029
e779abf70e fix(agent-core): handle stdout/stderr stream errors in harness exec (#101370)
* fix(agent-core): handle stdout/stderr stream errors in harness exec

Register error handlers on stdout and stderr streams in
NodeExecutionEnv.exec() to prevent uncaught exceptions when
a pipe breaks (e.g. EPIPE after child process exit).

Without these listeners, Node.js throws an uncaught exception
that crashes the entire agent-core process.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(agent-core): address review — hoist-safe mock and curly lint

- Use vi.hoisted pattern for spawnMock to fix ReferenceError in CI
- Wrap one-line if guard in braces per repo curly rule

Co-Authored-By: Claude <noreply@anthropic.com>

* chore: keep release notes in PR context

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 07:34:11 +01:00
Alix-007
3929c52069 fix(agents): keep structured prompt summaries UTF-16 safe (#101311)
* fix(agents): keep structured prompt summaries UTF-16 safe

* chore: align prompt summary branch with current main

* fix(agents): keep structured summaries UTF-16 safe

* chore: keep release notes in PR context

* chore: keep release notes in PR context

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-07 07:32:05 +01:00
mushuiyu886
92e25df271 fix(agents): avoid repeated item progress snapshots (#101042)
* fix(agents): avoid repeated item progress snapshots

* chore: align ACP branch with current main

* fix(agents): deduplicate ACP parent progress

* chore: keep release notes in PR context

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-07 07:31:13 +01:00
Vincent Koc
33163d4273 refactor(plugins): localize private declarations (#101406) 2026-07-06 23:26:47 -07:00
Peter Steinberger
554d772c1a refactor(codex): keyed turn routing, client-scoped rate limits, and resume subscription safety (#101376)
* feat(codex): scope app-server rate limits to the physical client

Replace the process-global rate-limit cache with a WeakMap keyed by the
physical app-server client, tracking per-limitId revisions. Rolling
account/rateLimits/updated notifications merge sparsely per the protocol
contract (credits/individualLimit/planType survive nulls), and
usage-limit errors only trust a snapshot for auth-profile blocking when
the same client observed a primary update during the failing turn's
startup. Fixes cross-client rate-limit bleed in usage-limit error
messages. A new client-runtime module installs the
account/chatgptAuthTokens/refresh handler and the rate-limit observer
once per physical client, replacing per-start inline handlers in
shared-client, run-attempt, and side-question.

* refactor(codex): split thread/resume subscription safety into thread-resume

Move the thread/resume request out of thread-lifecycle into a dedicated
thread-resume module that retires the exact physical client when resume
acceptance is indeterminate: only a structured RPC rejection proves
Codex holds no subscription, so any other failure abandons the client
instead of returning it to the shared pool. Resume responses naming a
different thread now fail closed (assertCodexThreadResumeSubscription),
and the fresh-thread fallback requires a released subscription unless
the resume was a proven RPC rejection.

* refactor(codex): replace client-factory positional DI with shared-client factory

Delete the lazy positional-argument CodexAppServerClientFactory and use
the options-object factory type exported from shared-client. Callers in
run-attempt, compact, bounded-turn, provider-capabilities, and the
web-search provider now default to getLeasedSharedCodexAppServerClient
directly; the lazy indirection was ineffective because those modules
already import shared-client statically.

* feat(codex): route app-server turn traffic through a keyed turn router

Install one turn router per physical app-server client and replace the
broad per-attempt notification/request fanout with explicit per-thread
routes. Attempt startup reserves the thread route (before thread/resume
on the resume path, so early notifications buffer instead of racing),
run-attempt activates it with receive-time, queued, and request
handlers, arms the route before turn/start, binds the accepted turn id
to flush buffered traffic in wire order, and releases the route on
cleanup. Requests for a pending turn wait for binding instead of being
auto-declined, native turn completion waits use route state instead of
scanning buffered notifications, and correlation readers now match the
canonical v2 wire shapes only (top-level threadId, nested turn.id). The
unscoped response-delta lease-count attribution and its client API are
deleted along with the retired correlation predicates.

* test(codex): reset the shared binding store between thread-lifecycle tests

SQLite bindings are keyed by session identity rather than the per-test
temp dir, so earlier tests leaked resumable threads into fresh-start
expectations. The old silent resume-failure fallback masked the leak;
subscription safety surfaces it.

* test(codex): reset the binding store between delivery-hint iterations

The loop reuses one session identity across iterations, so the previous
iteration's thread would resume against a harness that cannot serve it.
2026-07-07 07:25:15 +01:00
SunnyShu
13f8dfae86 fix(outbound): retry proven pre-connect failures (#101024)
* fix(outbound): retry proven pre-connect failures

Co-authored-by: 0668000539 <shu.zongyu@xydigit.com>

* refactor(infra): keep retry attempt metadata internal

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 07:23:54 +01:00
Vincent Koc
27e8ea10eb docs(talk): format realtime model table 2026-07-06 23:22:33 -07:00
Vincent Koc
9a872a22d7 docs(openai): note realtime 2.1 mini override 2026-07-06 23:22:33 -07:00
Vincent Koc
6e6d1aac4c test(openai): add focused realtime live smoke 2026-07-06 23:22:33 -07:00
Vincent Koc
f0564943a7 docs(openai): refresh realtime 2.1 examples 2026-07-06 23:22:33 -07:00
Vincent Koc
c43e020f47 feat(openai): default realtime voice to gpt-realtime-2.1 2026-07-06 23:22:33 -07:00
Dallin Romney
3175d8e742 refactor(qa): drive Matrix lifecycle through channel drivers (#101055)
* test(matrix): add substrate lifecycle contract

* fix(matrix): satisfy lifecycle dependency gates

* refactor(matrix): keep Crabline lifecycle in adapter

* refactor(qa): select Matrix lifecycle by driver lane

* refactor(matrix): keep lifecycle helpers test-only

* refactor(qa): drive Matrix lifecycle through channel drivers
2026-07-06 23:13:21 -07:00
Vincent Koc
4a9fe264e6 test(github-copilot): use real token exchange response 2026-07-07 08:07:43 +02:00
Peter Steinberger
09977a9328 perf(test): overlap restart CLI probes 2026-07-07 02:03:36 -04:00