Commit Graph

66940 Commits

Author SHA1 Message Date
wm0018
7de325d060 fix: keep task title truncation UTF-16 safe in restart/diagnostic output (#101934)
* fix: keep task title truncation UTF-16 safe in restart/diagnostic output

Three private copies of formatTaskBlocker share the same pattern —
task.title.slice(0, 80) — which can split surrogate pairs in task
titles, producing broken U+FFFD in restart blocker diagnostics,
gateway reload logs, and CLI run-loop output.

Replace raw slice with truncateUtf16Safe in all three locations.

Relevant files:
- gateway/server-reload-handlers.ts:270
- infra/restart-coordinator.ts:73
- cli/gateway-cli/run-loop.ts:569

* refactor(tasks): centralize restart blocker formatting

* fix(tasks): keep restart formatter side-effect free

* refactor(tasks): tighten restart blocker ownership

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:10:25 +01:00
Vincent Koc
9bb946acc5 docs(codex): refresh harness compatibility snapshot 2026-07-08 23:07:20 -07:00
Vincent Koc
8a5ad170c0 chore(codex): bump app-server to 0.143.0 2026-07-08 23:07:20 -07:00
Vincent Koc
bf3e2f5b80 fix(codex): migrate retired approval policy 2026-07-08 23:07:20 -07:00
Vincent Koc
a780541ea6 fix(ci): preserve AI runtime build artifacts 2026-07-08 22:58:35 -07:00
NIO
a3f00d32c9 fix(telegram): keep DM topic auto-rename user message UTF-16 safe (#101781)
* fix(telegram): keep DM topic auto-rename user message UTF-16 safe

Add surrogate-boundary regression for auto-topic label input truncation.

Co-authored-by: Cursor <cursoragent@cursor.com>

* test(telegram): tighten topic label boundary proof

---------

Co-authored-by: NIO <nocodet@mail.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 06:44:19 +01:00
zw-xysk
cc961001f3 fix(security): keep channel-metadata and install-policy truncation surrogate-safe (#102266)
* fix(security): keep channel-metadata and install-policy truncation surrogate-safe

channel-metadata.ts and install-policy.ts both had private truncateText
functions using String.prototype.slice(0, N) on user-visible text.
channel-metadata is explicitly user-controlled untrusted content that gets
injected into LLM prompt context -- a dangling surrogate from unsafe
truncation would corrupt the prompt with invalid Unicode, affecting token
counting and potentially LLM response quality.

Replace .slice(0, ...) with truncateUtf16Safe(...) in both files so the
truncation point always falls on a complete code-point boundary.

Add test coverage for buildUntrustedChannelMetadata with emoji at both
the entry-level (400-char) and outer (800-char) truncation boundaries.

* test(security): prove UTF-16 truncation boundaries

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 06:31:06 +01:00
Peter Steinberger
5533d979d4 feat: add follow-up task suggestions (#102422)
* feat(tools): add follow-up task suggestions

* chore: leave changelog to release flow

* fix(tools): add task suggestion display metadata

* fix(tools): update task suggestion display snapshot

* docs: format task suggestion tool table

* test(gateway): expect compaction worktree workspace

* test(gateway): preserve configured compaction workspace

* fix(ui): translate task suggestions
2026-07-09 06:30:01 +01:00
wangmiao0668000666
acac359de6 fix(matrix): keep HTTP error and tool-progress truncations UTF-16 safe (#102395)
* fix(matrix): keep HTTP error and tool-progress truncations UTF-16 safe

* test(matrix): prove UTF-16 truncation boundaries

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 06:15:46 +01:00
wangmiao0668000666
28bbbe4f60 fix(google-meet): bound Calendar event lookups (#102157)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 06:12:24 +01:00
wangmiao0668000666
624dfa6cf6 fix(google-meet): contain node host stream failures (#102105)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 05:59:35 +01:00
wm0018
9b4cbe4758 fix(agents): keep chunkString and buildResumeMessage truncation UTF-16 safe (#102085)
* fix(agents): keep chunkString and buildResumeMessage truncation UTF-16 safe

* fix: preserve code points in agent output chunks

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 05:54:08 +01:00
Peter Steinberger
d6ec1c6cea fix(secrets): prevent capture and sentinel credential retention (#102420)
* fix(secrets): harden sentinel capture lifecycle

* chore: leave release notes to release automation
2026-07-09 05:50:28 +01:00
xydt-tanshanshan
1d4d8474da [AI] fix(memory): use truncateUtf16Safe for dreaming snippet truncation (#101946)
* [AI] fix(memory): use truncateUtf16Safe for dreaming snippet truncation

Replace .slice(0, N) with truncateUtf16Safe() at 5 call sites in
dreaming-phases.ts so complex emoji and surrogate pairs near the
truncation boundary are not split into lone surrogates.

truncateUtf16Safe is the standard SDK helper, already used in
session-cost-usage, cron, exec-approval, and node-host modules
for the same purpose.

* [AI] fix(memory): use SDK facade import for truncateUtf16Safe, add surrogate-proof test

Replace direct @openclaw/normalization-core/utf16-slice import with
openclaw/plugin-sdk/memory-core-host-engine-foundation SDK facade,
matching manager-search.ts in the same extension.

Add surrogate-proof.test.ts that runs a full dreaming ingestion sweep
with emoji at the 280-char boundary and verifies zero lone surrogates.

* [AI] fix(memory-proof): use relative imports in surrogate-proof test

* [AI] fix(memory-proof): place emoji at post-prefix 280-char boundary, assert session corpus file

* [AI] fix(memory-proof): avoid unnecessary String callback in oxlint

* [AI] fix(memory-proof): add curly braces per eslint curly rule

* [AI] feat(proof): add standalone dreaming surrogate truncation proof script

* [AI] chore(proof): remove unused SQLite-dependent proof script

* [AI] fix(proof): correct emoji boundary placement for all 5 call sites

* [AI] fix(proof): add curly braces per eslint curly rule in proof script

* [AI] fix(proof): session emoji at actual corpus 280-char boundary

* test: streamline memory dreaming UTF-16 coverage

---------

Co-authored-by: hailory <hailory@xydigit.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 05:40:22 +01:00
Dave Fano
b502554f6c Suppress failed tool progress in Discord (#92517)
* fix(discord): suppress failed tool progress

Co-authored-by: davefano-agents@teal-03-mst-m2u-wheeljack <davefano-agents@users.noreply.github.com>

* chore: leave changelog to release

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: davefano-agents@teal-03-mst-m2u-wheeljack <davefano-agents@users.noreply.github.com>
2026-07-09 05:39:59 +01:00
Peter Steinberger
e2a4973edf docs(slack): explain voice input and audio clips (#102410)
* docs(slack): document voice input support

* docs: refresh generated map

---------

Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-08 21:28:49 -07:00
zw-xysk
ba5a212c8f fix(acp): keep session update text truncation surrogate-safe (#102378)
* fix(acp): keep session update text truncation surrogate-safe

acp-projector's truncateText function used String.prototype.slice(0, N)
on session update text that is sent to AI providers in the prompt context.
When the truncation boundary falls inside a UTF-16 surrogate pair (emoji,
CJK extended), the resulting string contains a dangling surrogate that
can corrupt the prompt.

Replace .slice(0, maxChars-1) with truncateUtf16Safe(input, maxChars-1)
so the truncation point always falls on a complete code-point boundary.

* fix: make ACP projection truncation UTF-16 safe

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 05:22:21 +01:00
ToToKr
6e4670f9c1 fix(acp): keep background-task summaries UTF-16 safe at truncation boundaries (#101976)
The bounded task label and progress summary shown for child ACP background runs used raw String.slice, which can split a surrogate pair at the 160/240-char boundaries and surface U+FFFD in requester-facing task status. Part of the UTF-16 safety sweep.
2026-07-09 05:02:21 +01:00
wm0018
9614129c2b fix(gateway): keep session title and preview text truncation UTF-16 safe (#102090)
* fix(gateway): keep session title and preview text truncation UTF-16 safe

* test(gateway): cover session UTF-16 boundaries in place

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:51:13 +01:00
chengzhichao-xydt
9e75ce9dd1 fix(agents): keep tool-result truncation UTF-16 safe (#102087)
* fix(agents): keep tool-result truncation UTF-16 safe

Replace raw .slice() calls in tool-result truncation with UTF-16-safe
helpers (sliceUtf16Safe/truncateUtf16Safe) so surrogate pairs are not
split when capping tool output, error-tail detection, or aggregate
elision markers.

- hasImportantTail: sliceUtf16Safe(text, -2000)
- appendBoundedTruncationSuffix: truncateUtf16Safe + sliceUtf16Safe
- truncateToolResultText head/tail/default paths: sliceUtf16Safe
- formatAggregateElisionText fallback: truncateUtf16Safe

Added regression tests for emoji at char and head+tail boundaries.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): cover exact tool-result UTF-16 cuts

---------

Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:49:24 +01:00
zw-xysk
57db713ff7 fix(ui): keep clampText/truncateText surrogate-safe at emoji boundaries (#102225)
* fix(ui): keep clampText/truncateText surrogate-safe at emoji boundaries

clampText and truncateText in format.ts used String.prototype.slice(0, N)
to truncate user-visible text. When the truncation boundary falls inside
a UTF-16 surrogate pair (emoji, CJK extended, etc.), the resulting
string contains a dangling surrogate that browsers render as U+FFFD (�).

Replace .slice(0, ...) with truncateUtf16Safe(...) which skips past
incomplete surrogate pairs so the truncation point always falls on a
code-point boundary.

Affected UI surfaces: markdown rendering, command descriptions, skill
summaries, exec-approval rules, tool-stream output previews.

Add surrogate-safe truncation test cases for both functions using a
real emoji at the exact truncation boundary.

* test(ui): tighten UTF-16 truncation coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:46:36 +01:00
VectorPeak
2cb482dd40 fix(discord): split encoded video URLs from captions (#101815)
* fix(discord): split encoded video URLs from captions

Co-authored-by: chatgpt-codex-connector[bot] <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>

* refactor(discord): scope media filename decoding

---------

Co-authored-by: chatgpt-codex-connector[bot] <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:41:53 +01:00
mushuiyu886
7daa090935 fix(doctor): keep scrubbed error truncation UTF-16 safe (#102066)
* fix(doctor): keep scrubbed error truncation UTF-16 safe

* test(doctor): assert exact scrubbed error output

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:39:15 +01:00
QiuYuang
b62c796e51 fix(agents): keep truncation surrogate-safe (#102332)
* fix(agents): keep truncation surrogate-safe

* test(agents): tighten process label truncation coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:37:23 +01:00
冯基魁
003bb8284b fix(macos): skip unresolved dashboard auth templates (#101375)
* fix(macos): skip unresolved auth env templates

* fix(macos): align gateway auth env refs

* fix(macos): resolve dashboard refs from service env

* fix(macos): read generated gateway service env

* chore: keep release changelog owner-only

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:35:53 +01:00
Gio Della-Libera
735dbd2f95 feat: add signed marketplace feed config (#98316)
* feat: add signed marketplace feed config

* Clarify marketplace feed trust keys

* Preserve marketplace feed signing key type alias

* Fail closed for unwired signed marketplace feeds

* refactor: inline marketplace trust key config

---------

Co-authored-by: Gio Della-Libera <giodl@microsoft.com>
Co-authored-by: Patrick Erichsen <patrick.a.erichsen@gmail.com>
2026-07-08 20:32:14 -07:00
mushuiyu886
e90bf31829 fix(discord): keep gateway close reasons UTF-16 safe (#102246)
* fix(discord): keep gateway close reasons UTF-16 safe

* test(discord): assert exact close reason truncation

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:28:06 +01:00
xingzhou
1017ea5bc8 fix(discord): prevent stale gateway error listeners after restart (#101617)
* fix(discord): remove gateway error listener on dispose

* fix(discord): preserve late gateway error guard

* fix(discord): retain late gateway diagnostics

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:25:37 +01:00
Patrick Erichsen
1252a3da59 fix: send owner-qualified install telemetry (#102377) 2026-07-08 20:18:09 -07:00
chengzhichao-xydt
e8bd3ae26a fix(agents): keep steering metadata truncation UTF-16 safe (#101736)
* fix(agents): keep steering metadata truncation UTF-16 safe

Replace raw string slicing with truncateUtf16Safe in promptLiteral so
emoji and CJK surrogate pairs in steering queue metadata are not split
mid-pair at the 500-char MAX_METADATA_CHARS cap.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): add emoji surrogate boundary regression for steering metadata

Drive buildMergedAgentSteeringPrompt with a task label placing an emoji
at the 500-char MAX_METADATA_CHARS boundary to prove truncateUtf16Safe
preserves the surrogate pair instead of splitting it.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): assert steering truncation output

* test(agents): remove useless string concat in emoji boundary test

---------

Co-authored-by: Alix-007 <li.long15@xydigit.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
2026-07-09 04:12:27 +01:00
NIO
f77c2aafa0 fix(mattermost): truncate inbound preview on code-point boundary (#101630)
Co-authored-by: NIO <nocodet@mail.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-07-09 04:05:03 +01:00
wings1029
1825c9f890 fix: keep emoji intact at remaining text truncation boundaries (#101754)
* fix: keep emoji intact at remaining text truncation boundaries

Replace .slice(0, N) with truncateUtf16Safe() in five remaining
user-visible text truncation sites that were missed by earlier
UTF-16 safety sweeps:

- restart.ts: restart reason text (2 sites)
- chat-composer.ts: reply target text preview
- chat-thread.ts: thread text preview + message text extraction

All sites truncate user-generated content where emoji or other
supplementary-plane characters could produce lone surrogates.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix: complete UTF-16-safe restart and chat boundaries

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:02:08 +01:00
Gio Della-Libera
30b3a7cded feat: add hosted feed envelope verifier (#98299)
* feat: add hosted feed envelope verifier

* refactor: share Ed25519 signature helpers

* fix: repair hosted feed verifier checks

* Use DSSE PAE for hosted feed envelopes

* Bound raw hosted feed signatures

* fix(feeds): verify decoded envelope payload bytes

* chore: refresh npm shrinkwrap baselines

* Revert "chore: refresh npm shrinkwrap baselines"

This reverts commit 448f05f6de.

---------

Co-authored-by: Patrick Erichsen <patrick.a.erichsen@gmail.com>
Co-authored-by: Gio Della-Libera <giodl@microsoft.com>
2026-07-08 19:27:56 -07:00
Jacob Tomlinson
9c86529e44 fix(comfy): allow private service hostnames (#99065)
* fix(comfy): allow private service hostnames

* fix(comfy): scope private hostname trust to origin

* test(comfy): use fetch-compatible response bodies

---------

Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-07-08 21:11:08 -05:00
Tobias Oort
0307deacfa feat(github-copilot): support GitHub Enterprise data-residency Copilot auth (#99221)
Adds GitHub Enterprise data-residency support to the existing bundled GitHub Copilot provider.

Maintainer proof:
- GitHub CI green on head 54010a6538
- `check-lint`, `check-additional-extension-bundled`, and `check-shrinkwrap` passed in CI
- local `pnpm lint:extensions:bundled`, `pnpm lint`, and focused GitHub Copilot Vitest passed
- AWS Crabbox proof passed
- live microsoft.ghe.com device-flow/token-exchange/model-catalog proof passed

Co-authored-by: Tobias Oort <tobias.oort@ict.nl>
Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-07-08 18:59:41 -07:00
Peter Steinberger
f85d438164 fix(google-meet): keep Meet sessions on the agent that joined them (#102331)
* fix(google-meet): preserve routed agent across session reuse

* chore: defer google meet release note to release closeout

---------

Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-08 18:52:04 -07:00
Vincent Koc
6630138598 chore(plugin-sdk): refresh API baseline 2026-07-08 17:51:24 -07:00
Peter Steinberger
eae3fc1a79 feat(xai): add Grok 4.5 support (#102316)
* feat(xai): add Grok 4.5 support

* chore: leave release notes to release automation
2026-07-09 01:39:03 +01:00
Vincent Koc
aad99747cd fix(onboard): omit empty provider request settings 2026-07-08 17:26:29 -07:00
Vincent Koc
d3ff48c51f test(nvidia): align guided secret metadata 2026-07-08 17:10:21 -07:00
Vincent Koc
c0d99ed26e fix(browser): preserve request lifetime on Node 24 2026-07-08 16:53:15 -07:00
Vincent Koc
eac4214ff8 fix(ci): stabilize npm shrinkwrap metadata 2026-07-08 15:55:50 -07:00
Vincent Koc
238be4b849 test(release): refresh beta3 gate expectations 2026-07-08 15:55:50 -07:00
Vincent Koc
45d0970a7d test(anthropic): cover Sonnet 5 CLI allowlist 2026-07-08 14:48:50 -07:00
Gio Della-Libera
7d82e5b658 Doctor: audit lint default selection (#100361)
Summary:
- audit Doctor lint default selection after the full lint-family backfill
- make legacy state, skills readiness, session transcripts, and session snapshots explicit-only for default lint
- document default lint vs --all/--only and keep plugin/SDK public contracts unchanged

Validation:
- Galin review: no blocking findings
- maintainer accepted the default-lint compatibility tradeoff in PR comment
- exact-head hosted gates passed for d5d88a0db1: CI#28976811444 and Workflow Sanity#28976811343
- local broad pnpm check was blocked by a shrinkwrap guard failure that reproduces on origin/main and is unrelated to this five-file Doctor diff

Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com>
2026-07-08 14:34:57 -07:00
Vincent Koc
e8c1780999 fix(ci): rewrite workspace deps for OCM installs 2026-07-08 14:33:33 -07:00
Vincent Koc
b63317d07e fix(ci): install workspace packages for Kova 2026-07-08 14:22:22 -07:00
Vincent Koc
686b6b51da test(release): refresh beta plugin expectations 2026-07-08 14:22:22 -07:00
Vincent Koc
7d0f9de907 fix(browser): preserve strict CDP discovery policy 2026-07-08 14:22:21 -07:00
Jason (Json)
5b52e2490a fix(gateway): refresh model availability from persisted auth (#102289) 2026-07-08 14:45:09 -06:00