Commit Graph

37458 Commits

Author SHA1 Message Date
xingzhou
babc287afe fix(slack): time out stalled external file uploads (#103442)
* fix(slack): time out stalled external file uploads

* fix(slack): scope external upload timeout

* fix(slack): restrict external upload transport

* fix(slack): restrict external upload transport

* fix(slack): preserve external upload retry safety

* test(slack): use compatible guarded fetch runtime

* test(plugin-sdk): update public export baseline

* fix(slack): harden external upload delivery

* refactor(slack): isolate upload completion

Keep ordinary Enterprise Grid traffic on the Bolt listener client. Use a team-scoped no-retry client only for one-shot external upload completion, while preserving the bounded raw-upload timeout and safe durable replay classification.

* fix(slack): refresh upload release metadata

* chore(slack): leave release notes release-owned

* fix(slack): classify failed uploads before completion

* fix(slack): keep upload completion untimed

* test(plugin-sdk): refresh public export baseline

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 23:52:35 +01:00
Bek
91ac7ca700 fix(tasks): repair legacy delivery statuses (#103946)
* fix(tasks): repair legacy delivery statuses

* docs(changelog): note task state migration repair

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 23:49:22 +01:00
Peter Steinberger
a0354e5243 fix(onboarding): make fresh AI setup reliable and transparent (#103962)
* fix(onboarding): harden inference setup

* fix(mac): preserve setup request cancellation

* test(crestodian): align setup audit expectation

* test(crestodian): cover approval persistence warning

* fix(crestodian): preserve setup credentials and success

* chore(pr): leave changelog to release flow

* fix(onboarding): repair native CI gates
2026-07-10 23:44:53 +01:00
qingminlong
4f1f7c6fb0 fix(nodes): resolve Unicode browser node names when configured by display name (#103548)
* fix-nodes-unicode-browser-node-names

* fix(nodes): preserve compact browser node selectors

* fix(nodes): normalize unicode node names canonically

* fix(nodes): scope compact browser selectors

* fix(nodes): preserve meaningful unicode marks

* chore: leave changelog updates to release automation

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 23:32:28 +01:00
SunnyShu
90250dcc9a fix(auth): repair stale orders and token health rollups (#98105)
* fix(auth): preserve token health after OAuth migration

After a user migrates from OAuth to a token/setup-token credential, the
gateway model-auth rollup reported the provider as missing, producing a
false "model auth expired" warning.

Rename aggregateOAuthStatus → aggregateRefreshableAuthStatus and
extract aggregateProfileStatus helper. OAuth remains authoritative when
present; token credentials are the fallback when no effective OAuth
profile exists. Empty effectiveProfiles stays authoritative (missing).
Token fallback applies regardless of expectsOAuth flag.

Fixes #97996

Co-authored-by: SunnyShu0925 <SunnyShu0925@users.noreply.github.com>

* test(auth): use fake token fixture

* fix(doctor): repair stale auth profile orders

* fix(doctor): inspect retained auth profile stores

* fix(doctor): harden retained auth store proof

---------

Co-authored-by: SunnyShu0925 <SunnyShu0925@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 23:11:01 +01:00
Peter Steinberger
3f402f2c48 fix(telegram): suppress replies superseded during adoption (#103965)
* fix(telegram): preserve supersession through async adoption

* fix(auto-reply): stop superseded queued turns after adoption

* test(telegram): use dispatcher delivery return type
2026-07-10 23:10:05 +01:00
xingzhou
6f6c802ea5 fix(infra): keep restart log tails UTF-16 safe (#103757) 2026-07-10 22:50:25 +01:00
Peter Steinberger
c3cd3a15d1 fix(nodes): correct system.which examples (#103960) 2026-07-10 22:45:54 +01:00
Peter Steinberger
d92d5774f5 fix(node): report Mac exec policy defaults (#103945) 2026-07-10 22:07:44 +01:00
pick-cat
997a564c28 fix(agents): apply stale-run liveness check to aborted subagent orphan recovery (#90817)
* fix(agents): apply stale-run liveness to aborted subagent orphan recovery

Skip stale unended subagent runs during orphan recovery and registry
restore, even when they carry abortedLastRun. Previously, restart-aborted
runs were exempt from the stale-unended age check, allowing hours-old
aborted child sessions to be resurrected after long downtime.

Fixes #90766

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(agents): finalize stale aborted runs instead of only skipping them

Previously the stale-run check in recoverOrphanedSubagentSessions only
incremented the skipped counter. Stale active runs were left unended
because scheduleOrphanRecovery only retries failedRuns, not skipped runs.

Now stale runs are finalized via finalizeInterruptedSubagentRun so they
don't remain orphaned in the registry.

Ref: #90766 review feedback

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(agents): await stale-run finalization in orphan recovery

Await finalizeInterruptedSubagentRun for stale aborted runs and report
failedRuns when finalization does not update the registry, so the
scheduler retry path can recover from finalization failures.

Co-authored-by: Cursor <cursoragent@cursor.com>

* test(agents): faithful restart-path proof for stale orphan recovery

Drive the real recoverOrphanedSubagentSessions against the real subagent
registry, the real isStaleUnendedSubagentRun policy, and a real on-disk
session store, mocking only the outbound gateway transport and transcript
reader. Proves finalizeInterruptedSubagentRun actually ends the stale
aborted run in the registry (endedAt set, outcome error) instead of
resuming it, while a fresh aborted run still resumes.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* chore: amend author email

* fix(agents): scope orphan finalization to run generation

* fix(agents): preserve stale restart recovery ownership

* test(agents): isolate restart recovery scheduling

* fix(agents): make stale restart finalization durable

* fix(agents): keep stale retries generation-scoped

* test(agents): await restart recovery scheduling

* fix(agents): verify interrupted finalization

* fix(agents): defer interrupted finalization during restart

* fix(agents): preserve lifecycle type narrowing

* style(agents): use nonmutating recovery ordering

* chore: keep release note in PR body

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Pick-cat <266665499+Pick-cat@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 21:56:57 +01:00
Peter Steinberger
b81cc598bf fix(cli): run remote node commands through bundled MCP (#103936)
* fix(cli): expose node exec to bundled MCP

* fix(cli): preserve MCP exec run context

* fix(gateway): honor sender policy for CLI node exec

* fix(cli): bind canonical sender policy identity

* fix(gateway): bind CLI node exec policy context

* fix(cli): type policy provenance inputs

* fix(cli): preserve elevated node exec policy

* fix(cli): preserve spawned policy provenance

* chore: keep release note in PR
2026-07-10 21:51:34 +01:00
Peter Steinberger
9b1c36d23c fix: prevent exec approval revocation races (#103515)
* fix(security): serialize exec approval mutations

* fix(security): preserve additive approval writes

* test(cli): expect normalized approval shape

* fix(security): preserve exec approval compatibility

* test(security): exercise locked approval initialization

* test(security): mock serialized approval helpers

* test(exec): derive enforced command path from plan

* fix(gateway): always return approval CAS conflicts

* fix(macos): serialize exec approvals writes

* fix(security): repair approval build errors

* fix(security): serialize exec approval mutations

* fix(security): fail closed on approval persistence errors

* test(security): cover detached approval persistence failures

* fix(security): harden exec approval state

* style(macos): format exec approval sources

* fix(security): complete exec approval hardening

Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com>

* fix(macos): preserve approved login-shell semantics

* fix(macos): keep login shell approvals one-shot

* fix(security): linearize exec authorization

Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com>

* fix(security): preserve durable approval basis

Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com>

* fix(security): bind exec grants to current policy

Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com>

* test(security): fix exec revocation fixtures

* test(security): align gateway approval fixtures

* fix(macos): return approval decisions

* chore(i18n): sync native approval strings

* test(security): align approval hardening fixtures

* test(node): authorize completed event fixture

* test(security): fix approval decision fixtures

* test(security): await durable approval visibility

* fix(exec): preserve concurrent approval grants

* fix(exec): address exact-head CI failures

* fix(exec): preserve concurrent approval promotions

* fix(exec): make Swift shutdown state explicit

* test(macos): handle approval read failures

* fix(macos): harden approval socket paths

* fix(macos): preserve exact shell payload bytes

* test(macos): make approval fixtures explicit

* test(macos): fix approval suite compilation

* fix(macos): bound approval socket JSONL reads

* chore: move exec approval note to release process

* chore: move exec approval note to release process

---------

Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com>
2026-07-10 21:35:05 +01:00
Peter Steinberger
941bbec619 fix(cli): keep owner tools in local agent runs (#103922)
* fix(cli): preserve owner tools for local agent runs

* chore: leave changelog to release automation
2026-07-10 21:31:32 +01:00
Vincent Koc
99e1a6081b fix(gateway): restore suspension validation (#103925) 2026-07-10 13:20:45 -07:00
Josh Avant
5dffe21a12 fix(agents): preserve provider replay signatures (#103628) 2026-07-10 15:13:50 -05:00
Peter Steinberger
1bcc4c5e70 feat(gateway): add cooperative host suspension (#103618)
* feat(gateway): add cooperative suspension preparation

* style: satisfy suspension lint checks

* test(gateway): reset work admission between shared suites

* fix(gateway): reject upgrades during suspension

* fix(gateway): preserve admitted work during suspension

* test(gateway): isolate suspension and restart state

* fix(gateway): close suspension false-ready gaps

* refactor(protocol): slim suspension declaration graph

* refactor(plugin-sdk): sever protocol registry edges

* fix(gateway): preserve admitted restart follow-ups

* fix(gateway): make suspension recovery fail closed

* fix(protocol): keep validation formatter re-export only

* test(gateway): simplify deferred fixture type

* style(gateway): clarify suspension entry name

* fix(gateway): retain detached work admission
2026-07-10 20:24:53 +01:00
Peter Steinberger
e1934d968e fix(nodes): stop advertising a disabled browser proxy (#103894)
* fix(nodes): hide disabled browser proxy capability

* chore: defer node fix changelog to release

* chore: ratchet plugin SDK surface budget
2026-07-10 20:06:53 +01:00
pick-cat
fd5b121510 fix(terminal): strip no-argument C1 CSI sequences in sanitization (#103707)
* fix(terminal): strip no-argument C1 CSI sequences in sanitization

* test(agents): align shell-utils incomplete ANSI assertion with C1 CSI sanitization

* fix(terminal): parse CSI sequences without leaking output

* fix(terminal): preserve stripAnsi callback contract

* fix(terminal): sanitize Codex approval previews

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 19:57:14 +01:00
Peter Steinberger
92f3c35ee9 fix(cron): keep Unicode list columns aligned (#103889)
* refactor(cron): size table cells by display width

* docs(changelog): credit cron table fix

* fix(cron): sanitize Unicode table cells

* test(cron): cover fitting ZWJ table cells

* refactor(cron): format table cells consistently
2026-07-10 19:46:26 +01:00
Peter Steinberger
7a38f140a2 fix(node): approved local commands no longer fail identity validation (#103886)
* fix(node): preserve approval replay identity

* docs(node): explain replay identity boundary

* fix(node): reuse persisted replay identity

* chore(release): leave changelog to release automation
2026-07-10 19:31:11 +01:00
Vincent Koc
b56bad33f2 fix(logging): redact Telegram tokens across chunk boundaries (#103861) 2026-07-10 11:20:46 -07:00
Peter Steinberger
8f8934163b feat(ui): worktrees page owners and creation, structured snapshot failures, preserved-checkout cleanup (#103526)
* feat(ui): worktrees page owners and creation, structured snapshot failures, preserved-checkout cleanup

- Worktrees settings page gains an Owner column (manual/Workboard/session
  with a link into the owning chat) and a New worktree form with repo
  default, optional name, and a worktrees.branches-backed base picker
- non-forced worktrees.remove snapshot failures are a structured
  { removed: false, snapshotError } result (typed WorktreeSnapshotError in
  the service) instead of error-string sniffing in the UI
- deleting a session whose dirty/unpushed checkout was preserved now
  reports worktreePreserved through the session capability and offers an
  explicit force removal instead of silently orphaning the checkout

Part of #103431

* fix(ui): report preserved checkouts from batch session deletes

deleteMany now aggregates worktreePreserved results, and the Sessions
page surfaces one notice pointing at Settings -> Worktrees instead of
silently orphaning dirty checkouts during bulk deletion.

Part of #103431

* fix(ui): reconcile generated locale artifacts after rebase
2026-07-10 19:16:36 +01:00
joshavant
5b20013399 docs(security): clarify computer act authorization 2026-07-10 13:06:53 -05:00
mushuiyu886
5bb5e4fb0a fix(cron): preserve UTF-16 table boundaries (#103616)
* fix(cron): preserve table Unicode boundaries

* refactor(cron): size table cells by display width

* docs(changelog): credit cron table fix

* fix(cron): sanitize Unicode table cells

* fix(cron): keep table truncation UTF-16 safe

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 18:57:15 +01:00
Peter Steinberger
fd2a2411b9 feat(ui): sessions sidebar redesign with agent sections, smart groups, and draft sessions (#103498)
* feat(ui): sessions sidebar redesign with agent sections, smart groups, and draft sessions

- agents become collapsible top-level sidebar sections; expanding an agent
  browses its sessions without navigating, replacing the hidden scope select
- built-in smart groups: one section per channel (rows keep their chat
  titles), a Work section for worktree/exec-node sessions with a
  repo/branch/node subtitle, custom groups, and Chats
- session names never show raw keys or peer ids; DM fallbacks shorten ids,
  dashboard sessions read 'New session', unnamed work sessions read as
  their checkout
- one + opens the new-session draft dialog: agent, exec host (paired
  system.run nodes), folder, worktree toggle with base-branch picker
  (worktrees.branches) and optional name; the first message creates the
  session and starts the run in one sessions.create call
- custom group catalog/order moves to the gateway (sessions.groups.*) with
  a one-time localStorage migration; rename/delete update members
  server-side instead of client-side paging

Part of #103431

* fix(ui): resolve dragged sessions across browsed agent sections

Dropping a row dragged out of a non-active agent section now finds the
session in the per-agent row cache instead of only the active scope, so
the category patch is applied instead of silently doing nothing.

Part of #103431

* fix(ui): propagate group catalog changes to open clients

sessions.groups.put/rename/delete now always broadcast a groups-change
event, and the session capability reloads the gateway-owned catalog when
one arrives, so another browser's group create/reorder/rename/delete no
longer leaves this client on a stale snapshot for the rest of the
connection.

Part of #103431

* docs: restore new session dialog section after rebase

* fix(ui): translate new sidebar/session strings and refresh docs map

Real locale translations for the new-session dialog and sidebar keys
(the fallback gate requires zero recorded English fallbacks), plus the
regenerated docs map for the new Control UI section.

Part of #103431

* fix(ui): repair locale metadata after rebase conflict resolution

* fix(ui): merge mainline locale keys with the sidebar redesign strings

* fix(ui): refresh raw-copy baseline for mainline tool-card strings

* fix(ui): reconcile generated locale artifacts after rebase
2026-07-10 18:54:44 +01:00
Peter Steinberger
0855de48ec fix(agents): bind session rewrites to verified snapshots (#103848)
* fix(agents): bind session rewrites to verified snapshots

Co-authored-by: gucasbrg <buruguo2000@163.com>

* test: stabilize session rewrite race regression

---------

Co-authored-by: gucasbrg <buruguo2000@163.com>
2026-07-10 18:54:10 +01:00
ZOOWH
61893247ec fix(chutes): redact OAuth error response body (#103569)
* fix(chutes): redact OAuth error response body in token exchange and refresh

Replace readResponseTextLimited + raw body in error message with
extractProviderErrorDetail for bounded, redacted structured error detail.

Ref: #102953

* fix(chutes): update test assertions for extractProviderErrorDetail message format

* fix(chutes): remove unused readResponseTextLimited and CHUTES_OAUTH_ERROR_BODY_LIMIT_BYTES

* fix(chutes): normalize OAuth HTTP failures

* test(chutes): assert redaction without fixed mask

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 18:40:58 +01:00
Peter Steinberger
5aea34ad8c fix(webui): keep tool activity paired without model calls (#103821)
* fix(webui): make tool activity rendering deterministic

* fix(protocol): remove stale tool-title models

* fix(i18n): translate tool activity labels

* fix(i18n): translate tool activity labels
2026-07-10 18:21:08 +01:00
Peter Steinberger
5166967ace fix(plugins): harden official ClawHub provenance (#103836)
Co-authored-by: Jimmy Puckett <jimmy.puckett@spinen.com>
2026-07-10 18:07:17 +01:00
cavit99
5e250aac74 fix: A2A handoffs can duplicate message-tool replies (#97259)
* fix: stop A2A source-reply mirror duplicates

* fix(agents): harden A2A reply extraction

* fix(agents): preserve internal A2A source replies

* test(gateway): assert A2A mirror projection precisely

* test(agents): complete A2A payload fixtures

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 18:05:51 +01:00
Peter Steinberger
6154a42c0f test(audit): prove invalid date filters stop before RPC (#103833) 2026-07-10 18:03:22 +01:00
qingminlong
1d3d743b24 fix(grep): stop searches when canceled during tool startup (#103709)
* fix(grep): stop before ripgrep when aborted during setup

* fix(grep): check cancellation before ripgrep spawn

* fix(grep): make cancellation own process lifecycle

Co-authored-by: qingminlong <qing.minlong@xydigit.com>

* test(grep): use bound lifecycle assertions

Co-authored-by: qingminlong <qing.minlong@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 18:01:59 +01:00
qingminlong
bf02b611eb fix(sessions): reject malformed history offsets (#103594)
* fix(sessions): reject malformed history offsets

* test(sessions): prove invalid offsets stop before reads

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 18:00:31 +01:00
pick-cat
586df58bcc fix: allow stopping manual compaction (#90821)
* fix(compact): make queued manual compaction abortable

* fix(compact): own manual compaction lifecycle

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 17:59:27 +01:00
gucasbrg
2e742e3f8e fix(embedded-agent-runner): treat the run's own no-op in-place session rewrite as benign (#91797)
* fix(agents): accept byte-identical session rewrites

Co-authored-by: gucasbrg <buruguo2000@163.com>

* chore: keep changelog release-owned

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 17:57:25 +01:00
Peter Steinberger
5c260940bd fix: prevent CLI MCP children from widening sandbox tools (#103822)
* fix(gateway): bind CLI MCP grants to context

* chore: leave release changelog ownership intact
2026-07-10 17:44:29 +01:00
Peter Steinberger
97bbbc2271 feat(agents): derive a provider-declared default utility model when unset (#103769)
* feat(agents): derive a provider-declared default utility model when unset

When agents.defaults.utilityModel is not set, utility tasks (titles, progress
narration) now use the primary provider's declared small model
(modelCatalog.providers.<id>.defaultUtilityModel: OpenAI -> gpt-5.6-luna,
Anthropic -> claude-haiku-4-5). Auth is inherent because derivation follows
the agent's primary provider. Setting utilityModel to an empty string
disables utility routing entirely; narration turns on automatically when a
default resolves and stays off otherwise.

Formatting/lint/tests verified on Testbox (oxfmt, oxlint, plugins:inventory,
docs:map, import-cycles, check:test-types, 4 test files).

* fix(ai): drop the temperature parameter for models that reject it

The GPT-5.6 family 400s on temperature via the Responses API (live-verified:
gpt-5.6-luna/-terra reject it; gpt-5.5 and gpt-5.4-mini/nano accept it).
supportsOpenAITemperature gates all three OpenAI payload builders, with a
catalog compat override (compat.supportsTemperature) declared for the 5.6
family in the openai manifest. Without this, utility tasks (titles,
narration) would fail once gpt-5.6-luna becomes the derived default.

Gates on Testbox: oxfmt, oxlint, plugins:inventory, import-cycles,
check:test-types, 6 test files. Live proof on Testbox: gpt-5.6-luna and
claude-haiku-4-5 one-shot completions succeed with temperature requested.

* fix(agents): carry the primary model's auth profile onto the derived utility default

A primary like openai/gpt-5.5@work previously reached utility tasks via the
profiled fallback; the derived default shares the provider, so its trailing
auth profile carries over instead of silently switching to default
credentials (Codex review). Gates on Testbox: oxfmt, check:test-types, tests.

* docs: realign the manifest provider-fields table after adding defaultUtilityModel
2026-07-10 17:40:11 +01:00
Peter Steinberger
2d7472b3e4 fix(cron): emit scheduled events after durable wake changes (#103647)
* fix(cron): emit scheduled events after durable wake changes

* chore(changelog): defer cron note to release

* chore(docs): refresh plugin SDK baseline
2026-07-10 17:39:23 +01:00
Peter Steinberger
1dcbcce515 fix(docker): make workspace deps portable to Podman (#103814)
Fixes #103741. Reported and verified on amd64 Podman by @sallyom.
2026-07-10 17:33:28 +01:00
Peter Steinberger
fc2afc83da feat(webui): redesign tool-call rendering with inline diffs, group summaries, and cheap-model purpose titles (#103748)
Kind-aware tool rows (terminal-style commands with wrapper stripping and
display highlighting, file edits with inline numbered diffs and diffstat,
write previews, key-value args), aggregate group summaries with live run
status, and a new batched chat.toolTitles gateway RPC that titles complex
calls via the configured utilityModel or the OpenAI Luna default (gated to
OpenAI-primary agents, cached in the per-agent SQLite cache_entries).

Also fixes two transcript pairing bugs: result blocks now inherit call
id/name/details at merge time, and results pair with any open call in the
current tool run so parallel calls render as single rows.

Fixes #103554
2026-07-10 17:26:22 +01:00
maweibin
b7e7c27ef0 fix(agents): scope silent-error retry safety to current attempt (#97966)
* fix(agents): gate empty-error-retry on per-attempt side effects, not cumulative (#97877)

Derive currentAttemptReplayMetadata from per-attempt fields via
buildAttemptReplayMetadata so the retry gate can distinguish "this
model call had no tool side effects" from "cumulative session
replayMetadata carries prior-turn history".

Previously raw.replayMetadata was saved as currentAttemptReplayMetadata,
but attempt.ts already merges observedReplayMetadata with accumulated
session state before returning, so both fields carried the same
cumulative value — making the per-attempt check ineffective.

shouldRetrySilentErrorAssistantTurn prefers currentAttemptReplayMetadata
when available, falling back to replayMetadata for legacy harnesses.

Add regression coverage:
- 22→23 empty-error-retry tests (prior-side-effects + clean 5xx scenario)
- 111→114 incomplete-turn tests (currentAttemptReplayMetadata unit tests)

* fix(agents): harden silent retry replay gating

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 17:25:14 +01:00
Roy Osherove
40b3bbbba9 fix(compaction): allow compaction under aws-sdk auth with no static key (#103638)
The compaction safeguard treated a successful keyless auth resolution
(ok: true with neither apiKey nor headers) as missing credentials and
cancelled compaction. Bedrock providers using auth: "aws-sdk" sign
requests with SigV4 at send time and legitimately return no static key
or header, so every message on a session large enough to need compaction
failed with a false "could not resolve request credentials" error.

Trust the registry's ok:true success signal; it already returns ok:false
when auth genuinely cannot resolve. Add regression coverage for the
keyless SDK-managed auth path.

Co-authored-by: Roy Osherove <575051+royosherove@users.noreply.github.com>
2026-07-10 09:24:52 -07:00
qingminlong
cbfa7d4aa7 fix(audit): audit filters select wrong intervals when dates are invalid (#103433)
* fix(audit): reject invalid ISO timestamps in filters

* test(audit): cover strict date filter semantics

Co-authored-by: qingminlong <qing.minlong@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 17:14:26 +01:00
NianJiu
5ed8121fd1 fix(security): confine include permission remediation (#103267)
* fix(security): guard include permission scans

* fix(security): avoid include scan variable shadow

* test(security): cover allowed include audit roots

* test(security): track include audit temp dirs

* fix(security): preserve include scan boundaries

---------

Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 17:14:08 +01:00
Wynne668
dd265e2c2a fix(skills): skill workshop apply hangs despite auto approval (#102530)
* fix: honor skill workshop auto approval without hook config

* test(skills): cover workshop config read failures

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 17:10:23 +01:00
Peter Steinberger
db39fe8072 fix(agents): allow Codex runtime for Codex provider (#103775) 2026-07-10 16:49:15 +01:00
xingzhou
4d004e2054 fix(logging): keep support diagnostics truncation UTF-16 safe (#103580)
* fix(logging): keep support diagnostics truncation UTF-16 safe

* docs(changelog): credit support diagnostics fix

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 16:43:47 +01:00
xydt-lcy
e0df20b0b3 fix(media): normalizeMediaSource should handle uppercase FILE:// URI schemes (#103490)
* fix: normalizeMediaSource should handle uppercase FILE:// URI schemes

URI schemes are case-insensitive per RFC 3986. normalizeMediaSource
only matched lowercase 'file://', so MEDIA:FILE:///tmp/generated.png
was left in assistant text instead of being extracted as a local
media attachment.

Replaced startsWith + replace with a case-insensitive regex to handle
FILE://, file://, and any mixed-case variant.

Fixes #103473

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* fix(media): handle spaced uppercase file URLs

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 16:43:00 +01:00
Peter Steinberger
9b4c7c0991 test(openai): align auth contract with provider default (#103760) 2026-07-10 16:28:07 +01:00
Peter Steinberger
2d54be31ba feat(ui): detect session pull requests and pin status chips above the chat composer (#103600) 2026-07-10 16:23:28 +01:00