Commit Graph

67697 Commits

Author SHA1 Message Date
Peter Steinberger
7647d5cfbe perf(test): isolate session provider artifacts 2026-07-09 15:24:40 -04:00
abel-zer0
b47405954e fix(skills): preserve compact prompt descriptions (#88426)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 20:23:05 +01:00
Vincent Koc
266ca5b3a2 fix(providers): publish Meta provider (#103070) 2026-07-09 12:11:56 -07:00
Peter Steinberger
11fa0cf2d5 fix(ci): honor Kova performance report contracts (#103030) 2026-07-09 20:08:25 +01:00
Shakker
8656c3b357 docs: note session workspace shortcut (#103064) 2026-07-09 19:30:37 +01:00
Shakker
fc107382b9 docs: document session workspace shortcut 2026-07-09 19:30:37 +01:00
Shakker
88f2785a0f test: cover session workspace shortcut hint 2026-07-09 19:30:37 +01:00
Shakker
fe8e0bd508 test: cover session workspace keyboard shortcut 2026-07-09 19:30:37 +01:00
Shakker
d909af51a0 test: cover session workspace toggle 2026-07-09 19:30:37 +01:00
Shakker
56a398725d feat: show session workspace shortcut 2026-07-09 19:30:37 +01:00
Shakker
60f25c31c6 feat: toggle session workspace from keyboard 2026-07-09 19:30:37 +01:00
Shakker
58f53ed326 refactor: centralize session workspace toggle 2026-07-09 19:30:37 +01:00
Gio Della-Libera
188d109eda feat: show marketplace feed trust state (#98350) 2026-07-09 11:27:04 -07:00
Vincent Koc
a9578436de fix(ci): accept valid Kova PASS records without violations (#103002) 2026-07-09 11:05:32 -07:00
Gio Della-Libera
9f248969f6 Verify signed marketplace feed refresh (#98338)
* feat: verify signed marketplace feed refresh

* test: fix signed marketplace feed CI

* Guard signed feed refresh trust state

* test(feeds): sign decoded hosted feed payloads

* fix(feeds): make signed snapshot writes monotonic

---------

Co-authored-by: Patrick Erichsen <patrick.a.erichsen@gmail.com>
Co-authored-by: Gio Della-Libera <giodl@microsoft.com>
2026-07-09 10:46:06 -07:00
Peter Steinberger
745b8c315e fix(codex-supervisor): ship CLI metadata entry (#102803)
* fix(codex-supervisor): ship CLI metadata entry

* chore: keep release notes in PR body

---------

Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-09 10:31:47 -07:00
mushuiyu886
b714fdb3ae fix(sandbox): keep redacted session keys UTF-16 safe (#102969)
* fix(sandbox): keep redacted session keys UTF-16 safe

* test(sandbox): cover UTF-16 redaction boundaries

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 18:31:21 +01:00
Hamid Shojanazeri
08a957e0ae feat(providers): add Meta Model API - muse-spark-1.1 (#102873)
* feat(providers): add Meta Model API - muse-spark-1.1

Adds meta-model-api provider via bundled extension:
- extensions/meta-model-api/ (provider, catalog, stream, thinking, onboarding)
- docs/providers/meta-model-api.md
- core wiring: env-api-keys, zod-schema, provider-display-names, dotenv, provider-env-vars

Model: meta-model-api/muse-spark-1.1 (Responses API at https://api.ai.meta.com/v1)
Auth: MODEL_API_KEY (Bearer)
Default reasoning: high, maps --thinking off -> minimal (model rejects none)

Fix: bump live test maxTokens 200->4000 (high reasoning uses ~300 tokens for reasoning alone)

Co-authored-by: Meta

* fix(meta-model-api): clean reasoning lint

* test(meta-model-api): align live proof checks

* chore(meta-model-api): bundle provider metadata

* docs: fix Meta Model API setup wording

* docs: format Meta Model API provider page

---------

Co-authored-by: Dave Morin <dave@morin.com>
Co-authored-by: Colin <colin@solvely.net>
Co-authored-by: Josh Lehman <josh@martian.engineering>
2026-07-09 10:27:09 -07:00
mushuiyu886
b451d8b5e5 fix(workshop): keep approval target names UTF-16 safe (#102963)
* fix(workshop): keep approval target names UTF-16 safe

* test(workshop): tighten UTF-16 approval regression

* test(workshop): mirror approval budget exactly

* docs(plugins): correct approval description limit

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 18:26:08 +01:00
mushuiyu886
88acda11b8 fix(nextcloud-talk): keep error snippets UTF-16 safe (#102949)
* fix(nextcloud-talk): keep error snippets UTF-16 safe

* test(nextcloud-talk): assert exact safe error

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 18:21:26 +01:00
Peter Steinberger
8c78e1c035 fix(cli): keep session key truncation UTF-16 safe (#103010) 2026-07-09 18:17:09 +01:00
zhangqueping
921b6c1e2d fix(agent-runner-memory): use truncateUtf16Safe for memory flush error truncation (#102685)
* fix(agent-runner-memory): use truncateUtf16Safe for memory flush error truncation

Replace raw UTF-16 slices in buildMemoryFlushErrorPayload and
truncateMemoryFlushErrorMessage with truncateUtf16Safe to prevent
surrogate pair splitting in error messages shown to users.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

* test(auto-reply): cover UTF-16-safe memory errors

* test(auto-reply): tighten UTF-16 memory error coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 18:13:49 +01:00
Peter Steinberger
5013f4a166 test(ui): harden device token revoke flow (#103016) 2026-07-09 18:12:14 +01:00
xingzhou
f1e7081b4d fix(active-memory): recall context breaks when recent turns contain emoji (#102877)
* fix(active-memory): keep recall query snippets utf16-safe

* test(active-memory): exercise recall hook for utf16 bounds

* test(active-memory): detect only unpaired surrogates

* fix(active-memory): bound timeout partials safely

Co-authored-by: 张贵萍0668001030 <zhang.guiping@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 18:03:34 +01:00
Josh Lehman
2367511310 docs: refresh contributing maintainer roster (#102998) 2026-07-09 10:02:23 -07:00
Peter Steinberger
cd50d4983b test(ci): serialize real TUI PTY backends (#103006) 2026-07-09 17:55:39 +01:00
Peter Steinberger
372b527da4 fix(ci): back off OCM asset retries (#102996) 2026-07-09 17:38:47 +01:00
wendy
5f77553f6c fix(heartbeat): remove static iteration cap in seekNextActivePhaseDueMs (#96684)
* fix(heartbeat): remove static iteration cap in seekNextActivePhaseDueMs

* fix(heartbeat): floor seek step at 60s to bound active-hours seek iterations

The static MAX_SEEK_ITERATIONS cap (10,080 ≈ 7 days / 1 min) was removed
in the previous fix but replaced the risk with unbounded iteration for
sub-minute intervals.  Floor the seek step at 60s via MIN_SEEK_STEP_MS
so the loop is always bounded by MAX_SEEK_HORIZON_MS / 60_000 = ~10,080
iterations regardless of the configured intervalMs.  Active-hours windows
are minute-granular, so finer steps add no precision.

* fix(heartbeat): batch seek in whole-interval multiples to preserve phase alignment

Use the smallest intervalMs multiple >= 60s as the seek step so every
candidate checked is reachable from startMs by whole intervalMs steps.
This fixes the phase-alignment regression from the previous fix where
Math.max(intervalMs, 60_000) could return off-phase slots for non-divisor
sub-minute intervals like 45s.

Added a regression test for 45s interval to verify the returned candidate
is phase-aligned.

* fix(heartbeat): check every phase candidate, bound only by 1M-iter safety cap

Drop batched seeking (intervalMs-multiple steps) because any multiplier > 1
can skip phase slots inside narrow active windows.  Instead check every
phase candidate, with a 1M-iteration safety cap that prevents event-loop
stalls from sub-ms intervals while covering the full 7-day horizon for
intervals >= 605ms.

Added regression test for 59s interval / 1min active window where batched
steps (118s) would skip from 08:59:44 past 09:00:43 to 09:01:42.

* fix(heartbeat): bound sub-second seek with batch-step + backward-walk

Replace the 1M-iteration per-candidate cap with a two-tier strategy:
- intervalMs >= 1s: per-candidate scan (naturally bounded by horizon)
- intervalMs < 1s: batch in whole-interval multiples >= 1s, with
  backward walk on inactive->active transitions to find the earliest
  phase-aligned active slot

Max iterations <= 604,800 in all cases (~10 ms for trivial predicates,
~0.6-6 s for production isWithinActiveHours with Intl.DateTimeFormat).

Added tests:
- Sub-second interval, startMs already active -> returns directly
- Sub-second interval, inactive->active transition -> backward walk
  finds earliest phase-aligned slot

* fix(heartbeat): unify seek at >= 30s batch step, max 20,160 predicate calls

Use a single batched-seek path for all intervals: step in whole-interval
multiples >= 30 s with backward walk on inactive->active transitions.

For intervalMs >= 30 s (30 s, 59 s, 60 s+): multiplier = 1, effectively
per-candidate with no batch overhead.

For intervalMs < 30 s (1 s, 500 ms, 1 ms): batched at >= 30 s, backward
walk finds the first active phase-aligned slot in the window.

Max predicate calls <= 20,160 for any interval (30 s minimum step /
7-day horizon). Production isWithinActiveHours (Intl.DateTimeFormat)
cost: ~20–200 ms worst case vs 0.6–6 s for the per-candidate approach.

* fix(heartbeat): bound active-hours seek cost

* fix(heartbeat): resolve current main

* test(heartbeat): isolate active-window regression

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 17:37:32 +01:00
Vincent Koc
afe00f6c7b fix(test): tolerate Docker heartbeat clock rollover (#102986) 2026-07-09 09:35:07 -07:00
Vincent Koc
d18e48c928 fix(ci): ignore profiling-only resource gate failures (#102894) 2026-07-09 09:22:11 -07:00
Peter Steinberger
44ee7b3fa6 test(ci): harden live tool nonce retries (#102980) 2026-07-09 17:17:09 +01:00
lin-hongkuan
148ec3282f fix: require env resolution for web provider refs (#96400)
* fix: require env resolution for web provider refs

* chore: retrigger PR checks

---------

Co-authored-by: lin-hongkuan <lin-hongkuan@users.noreply.github.com>
2026-07-09 17:10:22 +01:00
tayoun
4f9a371c95 fix(launchd): verify profile updater jobs by metadata (#97264)
* fix(launchd): verify profile updater jobs by metadata

* fix(launchd): bind updater proof to job metadata

---------

Co-authored-by: Peter Steinberger <peter@steipete.me>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 16:55:23 +01:00
Chunyue Wang
f6c16d22b4 fix(agents): isolated cron busts prompt prefix cache via per-run session id (#96686)
* fix(agents): isolated cron busts prompt prefix cache via per-run session id

Isolated cron runs carry a per-run :run:<id> session scope (#91685) rendered
verbatim into the cached system-prompt Runtime line, re-busting byte-exact
prefix caching for the tool catalog after it every run (#96677, #43148 class).
buildRuntimeLine now renders the stable base session key and drops the per-run
id the run scope duplicates; parseCronRunScopeSuffix is gated to the
isolated-cron key shape so a :run: segment in any other session key is never
truncated.

* fix(agents): preserve mixed-case cron run markers

* test(agents): cover rotated cron session identity

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 16:51:04 +01:00
Qiong
ef53c20497 fix(oauth): remove base64 obfuscation from public OAuth client IDs (#96537) 2026-07-09 16:45:03 +01:00
Peter Steinberger
491e1e5f10 fix(ci): sync Nodes raw-copy baseline (#102968) 2026-07-09 16:43:00 +01:00
Peter Steinberger
d8d369b065 feat(macos): open dashboard links in a sidebar browser (#102899)
* feat(macos): add dashboard link browser

* fix(macos): preserve browser navigation state

* fix(macos): preserve accessible external link activation

* fix(macos): preserve trusted editor handoff

* docs: refresh dashboard link map

* chore: keep dashboard release note in PR

* fix(macos): harden sidebar browser lifecycle
2026-07-09 16:40:50 +01:00
Kyle Klouzal
2e160718d4 test(gateway): harden watch regression diagnostics (#95473)
Co-authored-by: kklouzal <kklouzal@users.noreply.github.com>
2026-07-09 16:36:31 +01:00
Peter Steinberger
20816f676f feat(voice): universal talk waveform driven by real audio levels (#102901)
* feat(voice): universal talk waveform driven by real audio levels

One shared Siri-style talk animation across iOS, watchOS, macOS, and
Android (TalkWaveformView + exact Compose port), replacing per-platform
fakes: synthetic speaking pulses, constant speech-detected power, static
Android bar rows, flat realtime listening. Listening/recording follow
live mic levels on every route; agent speech follows the real playback
envelope (AVAudioPlayer metering + playback-aligned PCM envelope +
WebRTC stats); voice-note recording shows a live capture wave.

* fix(android): order waveform imports and sync native i18n inventory

* chore(i18n): resync native inventory after rebase
2026-07-09 16:33:25 +01:00
Peter Steinberger
3c048ef052 fix(browser): preserve no-display launch diagnostics (#102946)
* fix(browser): preserve no-display launch diagnostics

* chore: keep changelog release-owned
2026-07-09 16:26:18 +01:00
Peter Steinberger
d5fb4903f1 fix(browser): reject credentialed page URLs safely (#102952)
Co-authored-by: bitkyc08 <bitkyc08@gmail.com>
2026-07-09 16:23:17 +01:00
Pavan Kumar Gondhi
436ed5f308 fix: redact diagnostics config with schema hints (#102426) 2026-07-09 20:49:21 +05:30
Wynne668
baa009e26f fix(imessage): cap per-chat group-allowlist warn-once cache (#102658)
* fix(imessage): cap per-chat group-allowlist warn-once cache

Replace unbounded perChatWarned Set with createDedupeCache(maxSize=512)
to keep long-running iMessage monitor memory stable. The cache grows
with every distinct group chat the gateway sees; without a cap it can
accumulate entries indefinitely.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(imessage): prove warning cache eviction

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 16:16:03 +01:00
Peter Steinberger
14558dee87 fix: let Codex start with computer control enabled (#102944)
* fix(agents): make computer schema Codex-compatible

* docs(changelog): note Codex computer schema fix
2026-07-09 16:15:24 +01:00
buming
12ceefcb03 fix(i18n): add device/node pairing terms to zh-CN glossary (#61396)
Add explicit Simplified Chinese glossary terms for the separate device- and node-pairing workflows and preserve the four CLI commands verbatim during translation.

Thanks @zeuming.
2026-07-09 16:11:30 +01:00
Peter Steinberger
8245ae4278 test(whatsapp): freeze reconnect boundary clock (#102942) 2026-07-09 16:11:27 +01:00
Pavan Kumar Gondhi
9775f09194 fix: scope ACP search path approvals [AI] (#102416)
* fix: scope acp search path approvals

* fix: include acp search locations in approval scope

* fix: keep acp read path approval unchanged

* fix: keep acp search title text display-only

* fix: parse explicit acp search title paths
2026-07-09 20:33:18 +05:30
Peter Steinberger
36227737c5 fix(slack): preserve standalone reply anchors (#102905)
Co-authored-by: ZengWen-DT <ceng.wen@xydigit.com>
2026-07-09 15:56:52 +01:00
Peter Steinberger
a99ecff78a fix(plugins): enforce own install record lookups (#102872)
* fix(plugins): enforce own install record lookups

Co-authored-by: Alix-007 <li.long15@xydigit.com>

* test(plugins): use valid prototype-key package fixtures

---------

Co-authored-by: Alix-007 <li.long15@xydigit.com>
2026-07-09 15:54:21 +01:00
Peter Steinberger
4bf348bec8 test(ui): isolate chat pane custom-element registration (#102869)
* test(ui): isolate chat pane registration

* test(ui): document shared registry invariant

* test(ui): isolate chat page environment
2026-07-09 15:54:03 +01:00