Commit Graph

37163 Commits

Author SHA1 Message Date
Peter Steinberger
8a7242461c fix(nodes): restore Mac app allowlist execution (#102536)
* fix(nodes): restore macOS app allowlist execution

* chore: keep node fix out of release changelog
2026-07-09 09:36:36 +01:00
lsr911
49a5b6a235 fix(compaction): use truncateUtf16Safe for post-compaction context text (#102515)
* fix(compaction): use truncateUtf16Safe for post-compaction context text

Replace naive .slice(0, maxContextChars) with truncateUtf16Safe()
to prevent surrogate pair splitting in post-compaction context
summaries sent to the model.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(compaction): prove context UTF-16 boundary

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:32:05 +01:00
lsr911
8c608ae674 fix(gateway): use truncateUtf16Safe for config path display truncation (#102513)
* fix(gateway): use truncateUtf16Safe for config path display truncation

Replace naive .slice(0, 117) with truncateUtf16Safe() to prevent
surrogate pair splitting in config path sanitization output.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(gateway): prove config path UTF-16 boundary

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:29:57 +01:00
lsr911
720aeb1547 fix(config): use truncateUtf16Safe for allowed-values hint text (#102512)
* fix(config): use truncateUtf16Safe for allowed-values hint text

Replace naive .slice(0, N) with truncateUtf16Safe() to prevent
surrogate pair splitting in config validation hint messages
shown to users.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(config): prove UTF-16 allowed-value hint boundary

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:28:25 +01:00
lsr911
d0c49a7ad4 fix(mcp-runtime): use truncateUtf16Safe for MCP metadata text truncation (#102500)
* fix(mcp-runtime): use truncateUtf16Safe for MCP metadata text truncation

Replace naive .slice(0, N) with truncateUtf16Safe() to prevent
surrogate pair splitting in MCP tool metadata descriptions shown
to users through the bundle MCP runtime catalog.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(mcp-runtime): cover UTF-16 metadata boundary

* style(mcp-runtime): keep imports grouped

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:24:40 +01:00
mushuiyu886
240d350c7f fix(gateway): finish plugin HTTP responses after post-header failures (#102125)
* fix(gateway): finish plugin HTTP responses after post-header failures

* test(gateway): satisfy plugin HTTP regression lint

* fix(gateway): skip ending destroyed plugin responses

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 09:22:32 +01:00
chengzhichao-xydt
51bb5f6847 fix(agents): keep provider error detail truncation UTF-16 safe (#102496)
* fix(agents): keep provider error detail truncation UTF-16 safe

Replace the raw detail.slice(0, limit - 1) in truncateErrorDetail with
truncateUtf16Safe so provider error previews do not emit lone surrogates
when an emoji falls on the truncation boundary.

Adds a regression test that places an emoji at the default truncation
boundary and asserts the formatted detail contains no lone surrogates.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): prove provider error UTF-16 boundary

---------

Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:44:29 +01:00
xydt-tanshanshan
f0d4d4f2fc fix(talk): use truncateUtf16Safe for LLM-prompt-facing text truncation (#102477)
* fix(talk): use truncateUtf16Safe for snippet text truncation

fast-context-runtime.ts normalizeSnippet and heartbeat-events-filter.ts
buildExecEventPrompt used raw .slice(0, N), which can produce lone
surrogates when truncation boundaries cross emoji surrogate pairs.

* test(talk): cover UTF-16 snippet boundary

---------

Co-authored-by: hailory <hailory@xydigit.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-09 08:39:38 +01:00
wings1029
e5aefd5656 fix(gateway): keep live chat assistant buffer tail truncation UTF-16 safe (#102484)
* fix(gateway): keep live chat assistant buffer tail truncation UTF-16 safe

* test(gateway): cover UTF-16 tail cap through merge path

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:37:50 +01:00
Peter Steinberger
3b418bdef6 perf(test): avoid repeated model manifest scans 2026-07-09 03:34:37 -04:00
qingminlong
b40e5b974f fix(cli): clarify nodes invoke params errors (#101838) 2026-07-09 08:33:47 +01:00
Ayaan Zaidi
f246fa3901 test(agents): fix cross-file mock and module-state leakage in auth-profiles suite 2026-07-09 12:59:54 +05:30
wings1029
f0cc5e500f fix(auto-reply,infra): keep startup context and heartbeat event text UTF-16 safe (#102483)
* fix(auto-reply,infra): keep startup context and heartbeat event text UTF-16 safe

* test: strengthen UTF-16 truncation coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:23:00 +01:00
Vincent Koc
04b64ffc19 test(release): align live model priority indices 2026-07-09 00:17:55 -07:00
Peter Steinberger
c20ce00d19 perf(test): restore cleanup-safe TUI PTY concurrency 2026-07-09 03:05:07 -04:00
zw-xysk
a6d45c46de fix(gateway): keep chat history display text truncation surrogate-safe (#102470)
* fix(gateway): keep chat history display text truncation surrogate-safe

truncateChatHistoryText uses slice(0, N) to truncate chat history text
for the Control UI. When the truncation boundary falls inside a UTF-16
surrogate pair (emoji, CJK extended), the resulting string contains a
dangling surrogate that browsers render as U+FFFD (�).

Replace slice(0, maxChars) with truncateUtf16Safe(text, maxChars) so
the truncation point always falls on a complete code-point boundary.

* test(gateway): cover chat display UTF-16 boundary

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:04:34 +01:00
lsr911
4fa3118049 fix(native-hook-relay): use truncateUtf16Safe for hook display text truncation (#102467)
* fix(tool-policy-audit): use truncateUtf16Safe for audit field truncation

Replace naive .slice(0, MAX) with truncateUtf16Safe() to prevent
surrogate pair splitting in tool policy audit log output.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(native-hook-relay): use truncateUtf16Safe for hook display text truncation

Replace naive .slice(0, N) truncation with truncateUtf16Safe() in:
- truncateText() helper (covers 4 call sites for tool display text)
- Inline hook result truncation (...[truncated] suffix)

Prevents surrogate pair splitting in native hook relay display
output (tool names, commands, descriptions shown to users).

Co-Authored-By: Claude <noreply@anthropic.com>

* test(agents): cover hook relay UTF-16 boundaries

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:03:19 +01:00
lsr911
472e5167d3 fix(tool-policy-audit): use truncateUtf16Safe for audit field truncation (#102464)
* fix(tool-policy-audit): use truncateUtf16Safe for audit field truncation

Replace naive .slice(0, MAX) with truncateUtf16Safe() to prevent
surrogate pair splitting in tool policy audit log output.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(agents): cover audit UTF-16 boundary

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:02:16 +01:00
chengzhichao-xydt
bc6a4bdd94 fix(agents): keep tool-result context guard truncation UTF-16 safe (#102466)
* fix(agents): keep tool-result context guard truncation UTF-16 safe

Replace the raw text.slice(0, cutPoint) in truncateTextToBudget with
truncateUtf16Safe so oversized tool results do not emit lone surrogates
when an emoji falls on the truncation boundary.

Adds a regression test that places an emoji exactly at the legacy cut
point and asserts the truncated output contains no lone surrogates.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(agents): report surrogate-safe omitted count

---------

Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:59:08 +01:00
kevinlin-openai
245b91b83d feat(slack): support Enterprise Grid org installs (#102372)
* feat(slack): support Enterprise Grid org installs

* docs: refresh generated docs map

* fix(slack): satisfy enterprise routing CI

* fix(slack): accept org auth without app id

* docs(plugin-sdk): document channel policy hooks

* fix(slack): reuse canonical sender for enterprise replies

* test(slack): fix enterprise sender lint

---------

Co-authored-by: Kevin Lin <kevin@dendron.so>
2026-07-08 23:53:19 -07:00
qingminlong
b20b02a476 fix(tool-payload): enforce UTF-8 byte limits for serialized payloads (#102450)
* fix(tool-payload): reject oversized XML payload bytes

* fix(tools): enforce serialized payload byte limits

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:47:23 +01:00
Ayaan Zaidi
20f355f236 fix(agents): adopt relogged credential inside locked cas-miss recovery 2026-07-09 12:04:24 +05:30
Ayaan Zaidi
2b98aec9ef fix(agents): stop auth bookkeeping from clobbering rotated oauth credentials 2026-07-09 12:04:24 +05:30
Tianning Li
583ca34bf8 feat(stepfun): add step-3.7-flash model (#88082)
* feat(stepfun): add step-3.7-flash model and make it default

* fix(stepfun): set step-3.7-flash cacheRead cost to 0.04

* fix(stepfun): raise step-3.7-flash maxTokens to context limit

Output was artificially capped at 65536; StepFun docs set max_tokens
default to INF, bounded only by the 256K context window. Raise
step-3.7-flash maxTokens to 262144 on both stepfun and stepfun-plan,
matching contextWindow. Per models.dev anomalyco/models.dev#1903.
step-3.5-flash entries unchanged.

* fix(stepfun): zero step-plan step-3.7-flash cost for plan billing

Step Plan endpoint bills per subscription plan, not per token, matching
the sibling stepfun-plan/step-3.5-flash and step-3.5-flash-2603 entries
which already carry zero cost. Standard stepfun/step-3.7-flash keeps its
per-token rate. Per models.dev anomalyco/models.dev#1903, whose step-plan
providers omit cost entirely.

* docs(changelog): note StepFun 3.7 support

* style(stepfun): format provider table

* fix(stepfun): forward reasoning effort

* fix(stepfun): scope reasoning compat to 3.7

* test(stepfun): keep 3.5 reasoning compat unchanged

* fix(stepfun): carry off fallback through agent turns

* fix(stepfun): use documented token limit field

* fix(stepfun): match chat completions contract

* chore(stepfun): keep changelog release-owned

---------

Co-authored-by: Tianning Li <litianning@stepfun.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:14:46 +01:00
wm0018
7de325d060 fix: keep task title truncation UTF-16 safe in restart/diagnostic output (#101934)
* fix: keep task title truncation UTF-16 safe in restart/diagnostic output

Three private copies of formatTaskBlocker share the same pattern —
task.title.slice(0, 80) — which can split surrogate pairs in task
titles, producing broken U+FFFD in restart blocker diagnostics,
gateway reload logs, and CLI run-loop output.

Replace raw slice with truncateUtf16Safe in all three locations.

Relevant files:
- gateway/server-reload-handlers.ts:270
- infra/restart-coordinator.ts:73
- cli/gateway-cli/run-loop.ts:569

* refactor(tasks): centralize restart blocker formatting

* fix(tasks): keep restart formatter side-effect free

* refactor(tasks): tighten restart blocker ownership

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 07:10:25 +01:00
zw-xysk
cc961001f3 fix(security): keep channel-metadata and install-policy truncation surrogate-safe (#102266)
* fix(security): keep channel-metadata and install-policy truncation surrogate-safe

channel-metadata.ts and install-policy.ts both had private truncateText
functions using String.prototype.slice(0, N) on user-visible text.
channel-metadata is explicitly user-controlled untrusted content that gets
injected into LLM prompt context -- a dangling surrogate from unsafe
truncation would corrupt the prompt with invalid Unicode, affecting token
counting and potentially LLM response quality.

Replace .slice(0, ...) with truncateUtf16Safe(...) in both files so the
truncation point always falls on a complete code-point boundary.

Add test coverage for buildUntrustedChannelMetadata with emoji at both
the entry-level (400-char) and outer (800-char) truncation boundaries.

* test(security): prove UTF-16 truncation boundaries

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 06:31:06 +01:00
Peter Steinberger
5533d979d4 feat: add follow-up task suggestions (#102422)
* feat(tools): add follow-up task suggestions

* chore: leave changelog to release flow

* fix(tools): add task suggestion display metadata

* fix(tools): update task suggestion display snapshot

* docs: format task suggestion tool table

* test(gateway): expect compaction worktree workspace

* test(gateway): preserve configured compaction workspace

* fix(ui): translate task suggestions
2026-07-09 06:30:01 +01:00
wm0018
9b4cbe4758 fix(agents): keep chunkString and buildResumeMessage truncation UTF-16 safe (#102085)
* fix(agents): keep chunkString and buildResumeMessage truncation UTF-16 safe

* fix: preserve code points in agent output chunks

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 05:54:08 +01:00
Peter Steinberger
d6ec1c6cea fix(secrets): prevent capture and sentinel credential retention (#102420)
* fix(secrets): harden sentinel capture lifecycle

* chore: leave release notes to release automation
2026-07-09 05:50:28 +01:00
Dave Fano
b502554f6c Suppress failed tool progress in Discord (#92517)
* fix(discord): suppress failed tool progress

Co-authored-by: davefano-agents@teal-03-mst-m2u-wheeljack <davefano-agents@users.noreply.github.com>

* chore: leave changelog to release

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: davefano-agents@teal-03-mst-m2u-wheeljack <davefano-agents@users.noreply.github.com>
2026-07-09 05:39:59 +01:00
zw-xysk
ba5a212c8f fix(acp): keep session update text truncation surrogate-safe (#102378)
* fix(acp): keep session update text truncation surrogate-safe

acp-projector's truncateText function used String.prototype.slice(0, N)
on session update text that is sent to AI providers in the prompt context.
When the truncation boundary falls inside a UTF-16 surrogate pair (emoji,
CJK extended), the resulting string contains a dangling surrogate that
can corrupt the prompt.

Replace .slice(0, maxChars-1) with truncateUtf16Safe(input, maxChars-1)
so the truncation point always falls on a complete code-point boundary.

* fix: make ACP projection truncation UTF-16 safe

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 05:22:21 +01:00
ToToKr
6e4670f9c1 fix(acp): keep background-task summaries UTF-16 safe at truncation boundaries (#101976)
The bounded task label and progress summary shown for child ACP background runs used raw String.slice, which can split a surrogate pair at the 160/240-char boundaries and surface U+FFFD in requester-facing task status. Part of the UTF-16 safety sweep.
2026-07-09 05:02:21 +01:00
wm0018
9614129c2b fix(gateway): keep session title and preview text truncation UTF-16 safe (#102090)
* fix(gateway): keep session title and preview text truncation UTF-16 safe

* test(gateway): cover session UTF-16 boundaries in place

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:51:13 +01:00
chengzhichao-xydt
9e75ce9dd1 fix(agents): keep tool-result truncation UTF-16 safe (#102087)
* fix(agents): keep tool-result truncation UTF-16 safe

Replace raw .slice() calls in tool-result truncation with UTF-16-safe
helpers (sliceUtf16Safe/truncateUtf16Safe) so surrogate pairs are not
split when capping tool output, error-tail detection, or aggregate
elision markers.

- hasImportantTail: sliceUtf16Safe(text, -2000)
- appendBoundedTruncationSuffix: truncateUtf16Safe + sliceUtf16Safe
- truncateToolResultText head/tail/default paths: sliceUtf16Safe
- formatAggregateElisionText fallback: truncateUtf16Safe

Added regression tests for emoji at char and head+tail boundaries.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): cover exact tool-result UTF-16 cuts

---------

Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:49:24 +01:00
mushuiyu886
7daa090935 fix(doctor): keep scrubbed error truncation UTF-16 safe (#102066)
* fix(doctor): keep scrubbed error truncation UTF-16 safe

* test(doctor): assert exact scrubbed error output

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:39:15 +01:00
QiuYuang
b62c796e51 fix(agents): keep truncation surrogate-safe (#102332)
* fix(agents): keep truncation surrogate-safe

* test(agents): tighten process label truncation coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:37:23 +01:00
Gio Della-Libera
735dbd2f95 feat: add signed marketplace feed config (#98316)
* feat: add signed marketplace feed config

* Clarify marketplace feed trust keys

* Preserve marketplace feed signing key type alias

* Fail closed for unwired signed marketplace feeds

* refactor: inline marketplace trust key config

---------

Co-authored-by: Gio Della-Libera <giodl@microsoft.com>
Co-authored-by: Patrick Erichsen <patrick.a.erichsen@gmail.com>
2026-07-08 20:32:14 -07:00
Patrick Erichsen
1252a3da59 fix: send owner-qualified install telemetry (#102377) 2026-07-08 20:18:09 -07:00
chengzhichao-xydt
e8bd3ae26a fix(agents): keep steering metadata truncation UTF-16 safe (#101736)
* fix(agents): keep steering metadata truncation UTF-16 safe

Replace raw string slicing with truncateUtf16Safe in promptLiteral so
emoji and CJK surrogate pairs in steering queue metadata are not split
mid-pair at the 500-char MAX_METADATA_CHARS cap.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): add emoji surrogate boundary regression for steering metadata

Drive buildMergedAgentSteeringPrompt with a task label placing an emoji
at the 500-char MAX_METADATA_CHARS boundary to prove truncateUtf16Safe
preserves the surrogate pair instead of splitting it.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(agents): assert steering truncation output

* test(agents): remove useless string concat in emoji boundary test

---------

Co-authored-by: Alix-007 <li.long15@xydigit.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
2026-07-09 04:12:27 +01:00
wings1029
1825c9f890 fix: keep emoji intact at remaining text truncation boundaries (#101754)
* fix: keep emoji intact at remaining text truncation boundaries

Replace .slice(0, N) with truncateUtf16Safe() in five remaining
user-visible text truncation sites that were missed by earlier
UTF-16 safety sweeps:

- restart.ts: restart reason text (2 sites)
- chat-composer.ts: reply target text preview
- chat-thread.ts: thread text preview + message text extraction

All sites truncate user-generated content where emoji or other
supplementary-plane characters could produce lone surrogates.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix: complete UTF-16-safe restart and chat boundaries

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 04:02:08 +01:00
Gio Della-Libera
30b3a7cded feat: add hosted feed envelope verifier (#98299)
* feat: add hosted feed envelope verifier

* refactor: share Ed25519 signature helpers

* fix: repair hosted feed verifier checks

* Use DSSE PAE for hosted feed envelopes

* Bound raw hosted feed signatures

* fix(feeds): verify decoded envelope payload bytes

* chore: refresh npm shrinkwrap baselines

* Revert "chore: refresh npm shrinkwrap baselines"

This reverts commit 448f05f6de.

---------

Co-authored-by: Patrick Erichsen <patrick.a.erichsen@gmail.com>
Co-authored-by: Gio Della-Libera <giodl@microsoft.com>
2026-07-08 19:27:56 -07:00
Tobias Oort
0307deacfa feat(github-copilot): support GitHub Enterprise data-residency Copilot auth (#99221)
Adds GitHub Enterprise data-residency support to the existing bundled GitHub Copilot provider.

Maintainer proof:
- GitHub CI green on head 54010a6538
- `check-lint`, `check-additional-extension-bundled`, and `check-shrinkwrap` passed in CI
- local `pnpm lint:extensions:bundled`, `pnpm lint`, and focused GitHub Copilot Vitest passed
- AWS Crabbox proof passed
- live microsoft.ghe.com device-flow/token-exchange/model-catalog proof passed

Co-authored-by: Tobias Oort <tobias.oort@ict.nl>
Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-07-08 18:59:41 -07:00
Peter Steinberger
eae3fc1a79 feat(xai): add Grok 4.5 support (#102316)
* feat(xai): add Grok 4.5 support

* chore: leave release notes to release automation
2026-07-09 01:39:03 +01:00
Vincent Koc
aad99747cd fix(onboard): omit empty provider request settings 2026-07-08 17:26:29 -07:00
Gio Della-Libera
7d82e5b658 Doctor: audit lint default selection (#100361)
Summary:
- audit Doctor lint default selection after the full lint-family backfill
- make legacy state, skills readiness, session transcripts, and session snapshots explicit-only for default lint
- document default lint vs --all/--only and keep plugin/SDK public contracts unchanged

Validation:
- Galin review: no blocking findings
- maintainer accepted the default-lint compatibility tradeoff in PR comment
- exact-head hosted gates passed for d5d88a0db1: CI#28976811444 and Workflow Sanity#28976811343
- local broad pnpm check was blocked by a shrinkwrap guard failure that reproduces on origin/main and is unrelated to this five-file Doctor diff

Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com>
2026-07-08 14:34:57 -07:00
Jason (Json)
5b52e2490a fix(gateway): refresh model availability from persisted auth (#102289) 2026-07-08 14:45:09 -06:00
Sally O'Malley
b81666ca6a Fix container image upgrade migrations before gateway readiness (#101881)
* run all 'openclaw upgrade' migrations with container image upgrades

Signed-off-by: sallyom <somalley@redhat.com>

* fix: block gateway startup on plugin repair warnings

Signed-off-by: sallyom <somalley@redhat.com>

---------

Signed-off-by: sallyom <somalley@redhat.com>
2026-07-08 14:19:05 -04:00
Gio Della-Libera
aa27ae9d9f policy: preview review-required gateway repairs (#99776)
* policy: preview review-required gateway repairs

* docs(policy): document gateway review previews

* docs(policy): document gateway review previews

* docs(policy): document gateway review previews

* docs(policy): document gateway review previews

---------

Co-authored-by: Gio Della-Libera <giodl@microsoft.com>
2026-07-08 10:44:56 -07:00
Vincent Koc
0d86f64e60 fix(ci): stabilize Go and TUI PTY shards 2026-07-08 10:28:06 -07:00
Dallin Romney
8fa83d2742 refactor(gateway): consolidate client contracts (#101012) 2026-07-08 10:56:31 -06:00