Commit Graph

37179 Commits

Author SHA1 Message Date
Ayaan Zaidi
e4949996d1 fix(agents): apply provider-class idle ceilings to explicit run budgets 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
048f2096d2 fix(agents): keep provider-class idle tiers under agent budgets and cron 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
28e53b6817 fix(config): allow timeoutSeconds 0 and bound local stream creation 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
215be4e4ee fix(agents): keep finite LLM idle watchdog under unlimited run budgets 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
c2789b52a7 fix(agents): respect the blocked-tool floor in stale takeover and steer gates 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
480b5cbc67 fix(agents): expire live-handle stuck recovery as run_stalled 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
eedeb1eccb fix(agents): fall stale_run steer refusals through to direct delivery 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
969efdac4f fix(agents): make run liveness evidence-based 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
953f1c7d0c fix(auto-reply): stamp activity per event and deprecate recovery exports 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
f178553df6 refactor(auto-reply): drop injection activity stamp and orphaned recovery exports 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
4cbe49ba88 fix(auto-reply): set run_stalled before backend cancel in stale expiry 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
ad32cc3607 fix(auto-reply): stamp CLI activity once at the lifecycle bridge seam 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
19803a147f fix(auto-reply): bound terminal reply-run settle and reclaim stale lanes 2026-07-09 14:26:05 +05:30
Ted Li
f984209f54 fix: keep Gemini thinking disabled after clamp (#101832)
* fix: keep Gemini thinking disabled after clamp

* fix: preserve clamped Gemini thinking in wrapper

* test(ai): cover generic Gemini clamp to off

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:54:52 +01:00
Supsumintong
574f131554 fix(web-fetch): report exact-limit response bodies as complete, not truncated [AI-assisted] (#102389)
* fix(web-fetch): report exact-limit response bodies as complete, not truncated

* fix(web-fetch): skip zero-byte chunks when confirming overflow past the byte cap

* fix(web-fetch): keep uncertain capped bodies truncated

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:51:46 +01:00
qingminlong
5a3422ea8d fix(schema): resolve large local refs in schema arrays (#102195)
* fix(schema): resolve large local refs in schema arrays

* fix(schema): type large local ref fixture

* style(schema): format large local ref regression

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:51:30 +01:00
Peter Steinberger
8a7242461c fix(nodes): restore Mac app allowlist execution (#102536)
* fix(nodes): restore macOS app allowlist execution

* chore: keep node fix out of release changelog
2026-07-09 09:36:36 +01:00
lsr911
49a5b6a235 fix(compaction): use truncateUtf16Safe for post-compaction context text (#102515)
* fix(compaction): use truncateUtf16Safe for post-compaction context text

Replace naive .slice(0, maxContextChars) with truncateUtf16Safe()
to prevent surrogate pair splitting in post-compaction context
summaries sent to the model.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(compaction): prove context UTF-16 boundary

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:32:05 +01:00
lsr911
8c608ae674 fix(gateway): use truncateUtf16Safe for config path display truncation (#102513)
* fix(gateway): use truncateUtf16Safe for config path display truncation

Replace naive .slice(0, 117) with truncateUtf16Safe() to prevent
surrogate pair splitting in config path sanitization output.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(gateway): prove config path UTF-16 boundary

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:29:57 +01:00
lsr911
720aeb1547 fix(config): use truncateUtf16Safe for allowed-values hint text (#102512)
* fix(config): use truncateUtf16Safe for allowed-values hint text

Replace naive .slice(0, N) with truncateUtf16Safe() to prevent
surrogate pair splitting in config validation hint messages
shown to users.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(config): prove UTF-16 allowed-value hint boundary

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:28:25 +01:00
lsr911
d0c49a7ad4 fix(mcp-runtime): use truncateUtf16Safe for MCP metadata text truncation (#102500)
* fix(mcp-runtime): use truncateUtf16Safe for MCP metadata text truncation

Replace naive .slice(0, N) with truncateUtf16Safe() to prevent
surrogate pair splitting in MCP tool metadata descriptions shown
to users through the bundle MCP runtime catalog.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(mcp-runtime): cover UTF-16 metadata boundary

* style(mcp-runtime): keep imports grouped

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:24:40 +01:00
mushuiyu886
240d350c7f fix(gateway): finish plugin HTTP responses after post-header failures (#102125)
* fix(gateway): finish plugin HTTP responses after post-header failures

* test(gateway): satisfy plugin HTTP regression lint

* fix(gateway): skip ending destroyed plugin responses

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:22:32 +01:00
chengzhichao-xydt
51bb5f6847 fix(agents): keep provider error detail truncation UTF-16 safe (#102496)
* fix(agents): keep provider error detail truncation UTF-16 safe

Replace the raw detail.slice(0, limit - 1) in truncateErrorDetail with
truncateUtf16Safe so provider error previews do not emit lone surrogates
when an emoji falls on the truncation boundary.

Adds a regression test that places an emoji at the default truncation
boundary and asserts the formatted detail contains no lone surrogates.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): prove provider error UTF-16 boundary

---------

Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:44:29 +01:00
xydt-tanshanshan
f0d4d4f2fc fix(talk): use truncateUtf16Safe for LLM-prompt-facing text truncation (#102477)
* fix(talk): use truncateUtf16Safe for snippet text truncation

fast-context-runtime.ts normalizeSnippet and heartbeat-events-filter.ts
buildExecEventPrompt used raw .slice(0, N), which can produce lone
surrogates when truncation boundaries cross emoji surrogate pairs.

* test(talk): cover UTF-16 snippet boundary

---------

Co-authored-by: hailory <hailory@xydigit.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-09 08:39:38 +01:00
wings1029
e5aefd5656 fix(gateway): keep live chat assistant buffer tail truncation UTF-16 safe (#102484)
* fix(gateway): keep live chat assistant buffer tail truncation UTF-16 safe

* test(gateway): cover UTF-16 tail cap through merge path

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:37:50 +01:00
Peter Steinberger
3b418bdef6 perf(test): avoid repeated model manifest scans 2026-07-09 03:34:37 -04:00
qingminlong
b40e5b974f fix(cli): clarify nodes invoke params errors (#101838) 2026-07-09 08:33:47 +01:00
Ayaan Zaidi
f246fa3901 test(agents): fix cross-file mock and module-state leakage in auth-profiles suite 2026-07-09 12:59:54 +05:30
wings1029
f0cc5e500f fix(auto-reply,infra): keep startup context and heartbeat event text UTF-16 safe (#102483)
* fix(auto-reply,infra): keep startup context and heartbeat event text UTF-16 safe

* test: strengthen UTF-16 truncation coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:23:00 +01:00
Vincent Koc
04b64ffc19 test(release): align live model priority indices 2026-07-09 00:17:55 -07:00
Peter Steinberger
c20ce00d19 perf(test): restore cleanup-safe TUI PTY concurrency 2026-07-09 03:05:07 -04:00
zw-xysk
a6d45c46de fix(gateway): keep chat history display text truncation surrogate-safe (#102470)
* fix(gateway): keep chat history display text truncation surrogate-safe

truncateChatHistoryText uses slice(0, N) to truncate chat history text
for the Control UI. When the truncation boundary falls inside a UTF-16
surrogate pair (emoji, CJK extended), the resulting string contains a
dangling surrogate that browsers render as U+FFFD (�).

Replace slice(0, maxChars) with truncateUtf16Safe(text, maxChars) so
the truncation point always falls on a complete code-point boundary.

* test(gateway): cover chat display UTF-16 boundary

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:04:34 +01:00
lsr911
4fa3118049 fix(native-hook-relay): use truncateUtf16Safe for hook display text truncation (#102467)
* fix(tool-policy-audit): use truncateUtf16Safe for audit field truncation

Replace naive .slice(0, MAX) with truncateUtf16Safe() to prevent
surrogate pair splitting in tool policy audit log output.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(native-hook-relay): use truncateUtf16Safe for hook display text truncation

Replace naive .slice(0, N) truncation with truncateUtf16Safe() in:
- truncateText() helper (covers 4 call sites for tool display text)
- Inline hook result truncation (...[truncated] suffix)

Prevents surrogate pair splitting in native hook relay display
output (tool names, commands, descriptions shown to users).

Co-Authored-By: Claude <noreply@anthropic.com>

* test(agents): cover hook relay UTF-16 boundaries

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:03:19 +01:00
lsr911
472e5167d3 fix(tool-policy-audit): use truncateUtf16Safe for audit field truncation (#102464)
* fix(tool-policy-audit): use truncateUtf16Safe for audit field truncation

Replace naive .slice(0, MAX) with truncateUtf16Safe() to prevent
surrogate pair splitting in tool policy audit log output.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(agents): cover audit UTF-16 boundary

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:02:16 +01:00
chengzhichao-xydt
bc6a4bdd94 fix(agents): keep tool-result context guard truncation UTF-16 safe (#102466)
* fix(agents): keep tool-result context guard truncation UTF-16 safe

Replace the raw text.slice(0, cutPoint) in truncateTextToBudget with
truncateUtf16Safe so oversized tool results do not emit lone surrogates
when an emoji falls on the truncation boundary.

Adds a regression test that places an emoji exactly at the legacy cut
point and asserts the truncated output contains no lone surrogates.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(agents): report surrogate-safe omitted count

---------

Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:59:08 +01:00
kevinlin-openai
245b91b83d feat(slack): support Enterprise Grid org installs (#102372)
* feat(slack): support Enterprise Grid org installs

* docs: refresh generated docs map

* fix(slack): satisfy enterprise routing CI

* fix(slack): accept org auth without app id

* docs(plugin-sdk): document channel policy hooks

* fix(slack): reuse canonical sender for enterprise replies

* test(slack): fix enterprise sender lint

---------

Co-authored-by: Kevin Lin <kevin@dendron.so>
2026-07-08 23:53:19 -07:00
qingminlong
b20b02a476 fix(tool-payload): enforce UTF-8 byte limits for serialized payloads (#102450)
* fix(tool-payload): reject oversized XML payload bytes

* fix(tools): enforce serialized payload byte limits

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:47:23 +01:00
Ayaan Zaidi
20f355f236 fix(agents): adopt relogged credential inside locked cas-miss recovery 2026-07-09 12:04:24 +05:30
Ayaan Zaidi
2b98aec9ef fix(agents): stop auth bookkeeping from clobbering rotated oauth credentials 2026-07-09 12:04:24 +05:30
Tianning Li
583ca34bf8 feat(stepfun): add step-3.7-flash model (#88082)
* feat(stepfun): add step-3.7-flash model and make it default

* fix(stepfun): set step-3.7-flash cacheRead cost to 0.04

* fix(stepfun): raise step-3.7-flash maxTokens to context limit

Output was artificially capped at 65536; StepFun docs set max_tokens
default to INF, bounded only by the 256K context window. Raise
step-3.7-flash maxTokens to 262144 on both stepfun and stepfun-plan,
matching contextWindow. Per models.dev anomalyco/models.dev#1903.
step-3.5-flash entries unchanged.

* fix(stepfun): zero step-plan step-3.7-flash cost for plan billing

Step Plan endpoint bills per subscription plan, not per token, matching
the sibling stepfun-plan/step-3.5-flash and step-3.5-flash-2603 entries
which already carry zero cost. Standard stepfun/step-3.7-flash keeps its
per-token rate. Per models.dev anomalyco/models.dev#1903, whose step-plan
providers omit cost entirely.

* docs(changelog): note StepFun 3.7 support

* style(stepfun): format provider table

* fix(stepfun): forward reasoning effort

* fix(stepfun): scope reasoning compat to 3.7

* test(stepfun): keep 3.5 reasoning compat unchanged

* fix(stepfun): carry off fallback through agent turns

* fix(stepfun): use documented token limit field

* fix(stepfun): match chat completions contract

* chore(stepfun): keep changelog release-owned

---------

Co-authored-by: Tianning Li <litianning@stepfun.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:14:46 +01:00
wm0018
7de325d060 fix: keep task title truncation UTF-16 safe in restart/diagnostic output (#101934)
* fix: keep task title truncation UTF-16 safe in restart/diagnostic output

Three private copies of formatTaskBlocker share the same pattern —
task.title.slice(0, 80) — which can split surrogate pairs in task
titles, producing broken U+FFFD in restart blocker diagnostics,
gateway reload logs, and CLI run-loop output.

Replace raw slice with truncateUtf16Safe in all three locations.

Relevant files:
- gateway/server-reload-handlers.ts:270
- infra/restart-coordinator.ts:73
- cli/gateway-cli/run-loop.ts:569

* refactor(tasks): centralize restart blocker formatting

* fix(tasks): keep restart formatter side-effect free

* refactor(tasks): tighten restart blocker ownership

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:10:25 +01:00
zw-xysk
cc961001f3 fix(security): keep channel-metadata and install-policy truncation surrogate-safe (#102266)
* fix(security): keep channel-metadata and install-policy truncation surrogate-safe

channel-metadata.ts and install-policy.ts both had private truncateText
functions using String.prototype.slice(0, N) on user-visible text.
channel-metadata is explicitly user-controlled untrusted content that gets
injected into LLM prompt context -- a dangling surrogate from unsafe
truncation would corrupt the prompt with invalid Unicode, affecting token
counting and potentially LLM response quality.

Replace .slice(0, ...) with truncateUtf16Safe(...) in both files so the
truncation point always falls on a complete code-point boundary.

Add test coverage for buildUntrustedChannelMetadata with emoji at both
the entry-level (400-char) and outer (800-char) truncation boundaries.

* test(security): prove UTF-16 truncation boundaries

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 06:31:06 +01:00
Peter Steinberger
5533d979d4 feat: add follow-up task suggestions (#102422)
* feat(tools): add follow-up task suggestions

* chore: leave changelog to release flow

* fix(tools): add task suggestion display metadata

* fix(tools): update task suggestion display snapshot

* docs: format task suggestion tool table

* test(gateway): expect compaction worktree workspace

* test(gateway): preserve configured compaction workspace

* fix(ui): translate task suggestions
2026-07-09 06:30:01 +01:00
wm0018
9b4cbe4758 fix(agents): keep chunkString and buildResumeMessage truncation UTF-16 safe (#102085)
* fix(agents): keep chunkString and buildResumeMessage truncation UTF-16 safe

* fix: preserve code points in agent output chunks

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 05:54:08 +01:00
Peter Steinberger
d6ec1c6cea fix(secrets): prevent capture and sentinel credential retention (#102420)
* fix(secrets): harden sentinel capture lifecycle

* chore: leave release notes to release automation
2026-07-09 05:50:28 +01:00
Dave Fano
b502554f6c Suppress failed tool progress in Discord (#92517)
* fix(discord): suppress failed tool progress

Co-authored-by: davefano-agents@teal-03-mst-m2u-wheeljack <davefano-agents@users.noreply.github.com>

* chore: leave changelog to release

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: davefano-agents@teal-03-mst-m2u-wheeljack <davefano-agents@users.noreply.github.com>
2026-07-09 05:39:59 +01:00
zw-xysk
ba5a212c8f fix(acp): keep session update text truncation surrogate-safe (#102378)
* fix(acp): keep session update text truncation surrogate-safe

acp-projector's truncateText function used String.prototype.slice(0, N)
on session update text that is sent to AI providers in the prompt context.
When the truncation boundary falls inside a UTF-16 surrogate pair (emoji,
CJK extended), the resulting string contains a dangling surrogate that
can corrupt the prompt.

Replace .slice(0, maxChars-1) with truncateUtf16Safe(input, maxChars-1)
so the truncation point always falls on a complete code-point boundary.

* fix: make ACP projection truncation UTF-16 safe

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 05:22:21 +01:00
ToToKr
6e4670f9c1 fix(acp): keep background-task summaries UTF-16 safe at truncation boundaries (#101976)
The bounded task label and progress summary shown for child ACP background runs used raw String.slice, which can split a surrogate pair at the 160/240-char boundaries and surface U+FFFD in requester-facing task status. Part of the UTF-16 safety sweep.
2026-07-09 05:02:21 +01:00
wm0018
9614129c2b fix(gateway): keep session title and preview text truncation UTF-16 safe (#102090)
* fix(gateway): keep session title and preview text truncation UTF-16 safe

* test(gateway): cover session UTF-16 boundaries in place

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:51:13 +01:00
chengzhichao-xydt
9e75ce9dd1 fix(agents): keep tool-result truncation UTF-16 safe (#102087)
* fix(agents): keep tool-result truncation UTF-16 safe

Replace raw .slice() calls in tool-result truncation with UTF-16-safe
helpers (sliceUtf16Safe/truncateUtf16Safe) so surrogate pairs are not
split when capping tool output, error-tail detection, or aggregate
elision markers.

- hasImportantTail: sliceUtf16Safe(text, -2000)
- appendBoundedTruncationSuffix: truncateUtf16Safe + sliceUtf16Safe
- truncateToolResultText head/tail/default paths: sliceUtf16Safe
- formatAggregateElisionText fallback: truncateUtf16Safe

Added regression tests for emoji at char and head+tail boundaries.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): cover exact tool-result UTF-16 cuts

---------

Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:49:24 +01:00