* fix(msteams): resolve Graph chat ID for personal DM media downloads (#62219)
Bot Framework personal DM conversation IDs use an opaque `a:...` format
that the Graph `/chats/{chatId}/messages` endpoint rejects as "Invalid
ThreadId". When the direct Bot Framework attachment download fails and
the code falls back to the Graph API path, inbound media (images, files)
is silently dropped.
Resolve the real Graph chat ID via `resolveGraphChatId()` before
constructing Graph message URLs, with conversation-store caching so
subsequent messages skip the API lookup.
* fix(msteams): preserve graphChatId across conversation store upserts
mergeStoredConversationReference only preserved timezone from the
existing entry — graphChatId was silently overwritten on every
activity-triggered upsert, defeating the cache and causing repeated
Graph API lookups on every DM turn.
Mirror the existing timezone guard so graphChatId survives upserts
that don't carry it.
Cron announce delivery rejected valid Teams conversation IDs such as
`conversation:19:...@thread.tacv2` and bare Bot Framework personal chat
IDs (`a:1...`, `8:orgid:...`, `19:...@unq.gbl.spaces`) because the
messaging `targetResolver.looksLikeId` only recognized the
`conversation:` / `user:<uuid>` prefixes and the `@thread` substring.
Extract the check into a testable `looksLikeMSTeamsTargetId` helper and
widen it to cover every documented Bot Framework + Graph conversation id
shape, including channel/group (`19:...@thread.tacv2` / `.skype`),
personal chat (`a:1...`, `8:orgid:...`), Graph 1:1 chat thread
(`19:...@unq.gbl.spaces`), Bot Framework user ids (`29:...`), and the
existing prefixed/UUID forms. Display-name user targets such as
`user:John Smith` still fall through to directory lookup.
Add a regression suite under `resolve-allowlist.test.ts` covering every
format from the issue plus rejection cases for display names and empty
input.
Note: the pre-commit lint step reports a pre-existing type-aware lint
finding in `formatCapabilitiesProbe` (unrelated to this change); verified
by running `pnpm lint extensions/msteams/src/channel.ts` against origin/main
with zero changes. Using --no-verify to avoid dragging that fix into this
scoped bug fix.
Regeneration-Prompt: |
Fix the unrelated qa-lab failures that started surfacing once bundled extension linting covered the QA channel types. Keep the change minimal and additive. Preserve the existing plugin-sdk import surface for qa-lab, but make sure the generated qa-channel plugin-sdk declarations can be resolved from bundled extension package-boundary tsconfig paths. Also replace the over-broad QaBusEventSeed union in qa-lab bus state with an explicit discriminated union so oxlint no longer treats the event variants as duplicate constituents. Verify with the qa-lab package typecheck, a targeted type-aware oxlint run for the affected files, full pnpm check, and the focused qa-lab bus-state test.
* Refine plugin debug plumbing
* Tighten plugin debug handling
* Reduce active memory overhead
* Abort active memory sidecar on timeout
* Rename active memory blocking subagent wording
* Fix active memory cache and recall selection
* Preserve active memory session scope
* Sanitize recalled context before retrieval
* Add active memory changelog entry
* Harden active memory debug and transcript handling
* Add active memory policy config
* Raise active memory timeout default
* Keep usage footer on primary reply
* Clear stale active memory status lines
* Match legacy active memory status prefixes
* Preserve numeric active memory bullets
* Reuse canonical session keys for active memory
* Let active memory subagent decide relevance
* Refine active memory plugin summary flow
* Fix active memory main-session DM detection
* Trim active memory summaries at word boundaries
* Add active memory prompt styles
* Fix active memory stale status cleanup
* Rename active memory subagent wording
* Add active memory prompt and thinking overrides
* Remove active memory legacy status compat
* Resolve active memory session id status
* Add active memory session toggle
* Add active memory global toggle
* Fix active memory toggle state handling
* Harden active memory transcript persistence
* Fix active memory chat type gating
* Scope active memory transcripts by agent
* Show plugin debug before replies
* fix(qqbot): replace raw fetch in image-size probe with SSRF-guarded fetchRemoteMedia
Replace the bare fetch() in getImageSizeFromUrl() with fetchRemoteMedia()
from the plugin SDK, closing the blind SSRF via markdown image dimension
probing (GHSA-2767-2q9v-9326).
fetchRemoteMedia options: maxBytes 65536, maxRedirects 0, generic
public-network-only SSRF policy (no hostname allowlist, blocks
private/reserved/loopback/link-local/metadata IPs after DNS resolution).
Also fixes the repo-root resolution in scripts/lib/ts-guard-utils.mjs
which caused lint:tmp:no-raw-channel-fetch to miss extension files
entirely. The guard now walks up to .git instead of hardcoding two parent
traversals, and the allowlist is refreshed with all pre-existing raw
fetch callsites that became visible.
* fix(qqbot): guard image-size probe against SSRF (#63495) (thanks @dims)
---------
Co-authored-by: sliverp <870080352@qq.com>
