d921784718
fix: support default subagent allowlists ( #59944 ) (thanks @hclsys)
2026-04-03 19:43:17 +09:00
71f8c0344a
fix(ci): refresh schema and boundary expectations
2026-04-03 11:26:06 +01:00
fb0d82ba9f
fix(ci): refresh guardrails and config baselines
2026-04-03 11:18:40 +01:00
61f13173c2
feat(providers): add model request transport overrides ( #60200 )
...
* feat(providers): add model request transport overrides
* chore(providers): finalize request override follow-ups
* fix(providers): narrow model request overrides
2026-04-03 19:00:06 +09:00
64755c52f2
test: move extension-owned coverage out of core
2026-04-03 10:58:44 +01:00
355dc7f3a8
fix(msteams): avoid discord approval auth import cycle
2026-04-03 10:55:47 +01:00
f2d7a825b1
refactor(plugin-sdk): remove channel-specific sdk seams
2026-04-03 10:45:10 +01:00
4bfa9260ce
fix(telegram): add dangerous private-network media opt-in
2026-04-03 18:39:17 +09:00
f5c3b409ea
Config: separate core/plugin baseline entries ( #60162 )
...
* Config: separate core/plugin baseline entries
* Config: split config baseline by kind
* Config: split generated baselines by kind
* chore(build): skip generated baseline shards in local tooling
* chore(build): forbid generated docs in npm pack
2026-04-03 18:26:23 +09:00
23719dd513
feat(media): add request transport overrides ( #59848 )
...
* style(providers): normalize request policy formatting
* style(providers): normalize request policy formatting
* feat(media): add request transport overrides
* fix(secrets): resolve media request secret refs
* fix(secrets): cover shared media request refs
* fix(secrets): scope media request ref activity
* fix(media): align request ref gating
2026-04-03 17:35:26 +09:00
b66197f932
test: reduce import wrapper reload churn
2026-04-03 07:14:58 +01:00
0aa98a8e3b
fix: import CHANNEL_IDS from leaf module to avoid TDZ on init ( #48832 ) ( #60061 )
...
schema.ts and validation.ts imported CHANNEL_IDS from channels/registry.js,
which re-exports from channels/ids.js but also imports plugins/runtime.js.
When the bundler resolves this dependency graph, the re-exported CHANNEL_IDS
can be undefined at the point config/validation.ts evaluates (temporal dead
zone), causing 'CHANNEL_IDS is not iterable' on startup.
Fix: import CHANNEL_IDS directly from channels/ids.js (the leaf module with
zero heavy dependencies) and normalizeChatChannelId from channels/chat-meta.js.
Fixes #48832
Co-authored-by: Brad Groux <bradgroux@users.noreply.github.com>
2026-04-03 00:20:17 -05:00
251fa72798
fix: emit passive hooks for mention-skipped group messages ( #60018 )
...
* fix(channels): emit passive hooks for mention-skipped group messages
* fix(channels): honor signal ingest overrides
* fix(channels): honor telegram ingest fallback
* fix: emit passive hooks for mention-skipped group messages (#60018 )
2026-04-03 10:14:48 +05:30
e3674bcc04
test: streamline runtime wrapper test reloads
2026-04-03 04:41:38 +01:00
bff6025bde
test: refresh generated baselines
2026-04-03 04:54:59 +09:00
35e1605147
feat: add configurable context visibility
2026-04-03 04:34:57 +09:00
f911bbc353
refactor(plugins): separate activation from enablement ( #59844 )
...
* refactor(plugins): separate activation from enablement
* fix(cli): sanitize verbose plugin activation reasons
2026-04-03 03:22:37 +09:00
0ebb69b882
build: set release version to 2026.4.2
2026-04-02 19:09:58 +01:00
17f6626ffe
feat(approvals): auto-enable native chat approvals
2026-04-02 17:30:40 +01:00
423f7c3487
build: prep 2026.4.2-beta.1 release
2026-04-02 16:33:21 +01:00
3872a866a1
fix(xai): make x_search auth plugin-owned ( #59691 )
...
* fix(xai): make x_search auth plugin-owned
* fix(xai): restore x_search runtime migration fallback
* fix(xai): narrow legacy x_search auth migration
* fix(secrets): drop legacy x_search target registry entry
* fix(xai): no-op knob-only x_search migration fallback
2026-04-02 23:54:07 +09:00
ef86edacf7
fix: harden plugin auto-enable empty config handling
2026-04-02 15:19:53 +01:00
4f692190b4
fix(config): tolerate missing facade boundary config
2026-04-02 23:04:53 +09:00
3e4de956c0
!refactor(xai): move x_search config behind plugin boundary ( #59674 )
...
* refactor(xai): move x_search config behind plugin boundary
* chore(changelog): note x_search config migration
* fix(xai): include x_search migration helpers
2026-04-02 22:08:59 +09:00
15e6a88c67
fix(config): sync generated base schema
2026-04-02 21:04:06 +09:00
9823833383
fix(plugins): preserve activation provenance ( #59641 )
...
* fix(plugins): preserve activation provenance
* fix(gateway): preserve activation reason metadata
* fix(plugins): harden activation state policy
2026-04-02 20:57:14 +09:00
38d2faee20
!feat(plugins): add web fetch provider boundary ( #59465 )
...
* feat(plugins): add web fetch provider boundary
* feat(plugins): add web fetch provider modules
* refactor(web-fetch): remove remaining core firecrawl fetch config
* fix(web-fetch): address review follow-ups
* fix(web-fetch): harden provider runtime boundaries
* fix(web-fetch): restore firecrawl compare helper
* fix(web-fetch): restore env-based provider autodetect
* fix(web-fetch): tighten provider hardening
* fix(web-fetch): restore fetch autodetect and compat args
* chore(changelog): note firecrawl fetch config break
2026-04-02 20:25:19 +09:00
d90c8db491
fix(plugin-sdk): narrow discord and matrix core seam imports ( #59557 )
2026-04-02 17:40:06 +09:00
7771c69caf
fix(plugins): enforce activation before shipped imports ( #59136 )
...
* fix(plugins): enforce activation before shipped imports
* fix(plugins): remove more ambient bundled loads
* fix(plugins): tighten scoped loader matching
* fix(plugins): remove channel-id scoped loader matches
* refactor(plugin-sdk): relocate ambient provider helpers
* fix(plugin-sdk): preserve unicode ADC credential paths
* fix(plugins): restore safe setup fallback
2026-04-02 11:18:49 +09:00
75ab5bce6b
fix(bluebubbles): add enrichGroupParticipantsFromContacts to core Zod schema ( #56889 )
...
* fix(bluebubbles): add enrichGroupParticipantsFromContacts to core Zod schema
The field was added to the extension config schema in #54984 but not
synced to the core strict Zod validator, causing config validation to
reject the key at startup with 'Unrecognized key'.
* test(config): add BlueBubbles schema regression coverage
* fix(bluebubbles): accept enrichGroupParticipantsFromContacts config
---------
Co-authored-by: Chris Zhang <chris@ChrisdeMac-mini.local>
Co-authored-by: Altay <altay@uinaf.dev>
2026-04-01 23:55:58 +03:00
1f99c87a44
feat: add `agents.defaults.compaction.notifyUser` config option (default: false) [ Fix #54249 ] ( #54251 )
...
Merged via squash.
Prepared head SHA: 6fd4cdb7c3
2026-04-01 12:29:17 -07:00
8abba663c5
chore: bump version to 2026.4.2
2026-04-01 19:39:27 +01:00
d076153fc9
fix(config): coerce numeric Discord IDs to strings instead of rejecting ( #45125 )
...
Merged via squash.
Prepared head SHA: 099ba514a1
2026-04-01 21:07:28 +03:00
da64a978e5
chore: prepare 2026.4.1 release
2026-04-01 17:57:10 +01:00
8988894ff7
build: prepare 2026.4.1-beta.1 release
2026-04-01 15:09:19 +01:00
74b9f22a42
fix: add Telegram error suppression controls ( #51914 ) (thanks @chinar-amrutkar)
...
* feat(telegram): add error policy for suppressing repetitive error messages
Introduces per-account error policy configuration that can suppress
repetitive error messages (e.g., 429 rate limit, ECONNRESET) to
prevent noisy error floods in Telegram channels.
Closes #34498
* fix(telegram): track error cooldown per message
* fix(telegram): prune expired error cooldowns
* fix: add Telegram error suppression controls (#51914 ) (thanks @chinar-amrutkar)
---------
Co-authored-by: chinar-amrutkar <chinar-amrutkar@users.noreply.github.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-04-01 17:52:28 +05:30
32ae841098
feat(web-search): add SearXNG as bundled web search provider plugin ( #57317 )
...
* feat(web-search): add bundled searxng plugin
* test(web-search): cover searxng config wiring
* test(web-search): include searxng in bundled provider inventory
* test(web-search): keep searxng ordering aligned
* fix(web-search): sanitize searxng result rows
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-04-01 19:24:33 +09:00
1654c3a851
feat(gateway): make chat history max chars configurable ( #58900 )
...
* feat(gateway): make chat history max chars configurable
* fix(gateway): address review feedback
* docs(changelog): note configurable chat history limits
2026-04-01 21:08:37 +11:00
2d53ffdec1
fix(exec): resolve remote approval regressions ( #58792 )
...
* fix(exec): restore remote approval policy defaults
* fix(exec): handle headless cron approval conflicts
* fix(exec): make allow-always durable
* fix(exec): persist exact-command shell trust
* fix(doctor): match host exec fallback
* fix(exec): preserve blocked and inline approval state
* Doctor: surface allow-always ask bypass
* Doctor: match effective exec policy
* Exec: match node durable command text
* Exec: tighten durable approval security
* Exec: restore owner approver fallback
* Config: refresh Slack approval metadata
---------
Co-authored-by: scoootscooob <zhentongfan@gmail.com>
2026-04-01 02:07:20 -07:00
4fa11632b4
fix: escalate to model fallback after rate-limit profile rotation cap ( #58707 )
...
* fix: escalate to model fallback after rate-limit profile rotation cap
Per-model rate limits (e.g. Anthropic Sonnet-only quotas) are not
relieved by rotating auth profiles — if all profiles share the same
model quota, cycling between them loops forever without falling back
to the next model in the configured fallbacks chain.
Apply the same rotation-cap pattern introduced for overloaded_error
(#58348 ) to rate_limit errors:
- Add `rateLimitedProfileRotations` to auth.cooldowns config (default: 1)
- After N profile rotations on a rate_limit error, throw FailoverError
to trigger cross-provider model fallback
- Add `resolveRateLimitProfileRotationLimit` helper following the same
pattern as `resolveOverloadProfileRotationLimit`
Fixes #58572
* fix: cap prompt-side rate-limit failover (#58707 ) (thanks @Forgely3D)
* fix: restore latest-main gates for #58707
---------
Co-authored-by: Ember (Forgely3D) <ember@forgely.co>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-04-01 17:54:10 +09:00
e643ba2f5e
fix: preserve telegram topic routing in announce and delivery context
2026-04-01 16:13:24 +09:00
5f3737f229
fix: auto-enable minimax plugin for API key auth route ( #57127 )
...
Merged via squash.
Prepared head SHA: 5782b26738
2026-03-31 22:52:19 -07:00
ac6db066d3
feat(whatsapp): add reaction guidance levels ( #58622 )
...
* WhatsApp: add reaction guidance policy
* WhatsApp: expose reaction guidance to agents
2026-04-01 01:42:10 -03:00
ccb67bd4bf
config: regenerate base config schema baseline
2026-03-31 22:54:36 -05:00
8b6b4b18a8
feat: add agents.defaults.params for global default provider params ( #58548 )
...
Allow setting provider params (e.g. cacheRetention) once at the
agents.defaults level instead of repeating them per-model. The merge
order is now: defaults.params -> defaults.models[key].params ->
list[agentId].params.
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-31 21:09:07 -04:00
bea53d7a3f
Fix: move bootstrap session grammar into plugin-owned session-key surfaces ( #58400 )
...
Merged via squash.
Prepared head SHA: b062b18b03
2026-03-31 19:41:01 -04:00
9ea7e06460
build: bump version to 2026.4.1
2026-03-31 22:53:17 +01:00
418fa12dfa
fix: make overload failover configurable
2026-03-31 21:34:35 +01:00
2a60e34f2a
build: prepare 2026.3.31 stable release
2026-03-31 21:32:38 +01:00
ce58f55fe0
fix: require doctor migration for legacy web search config
2026-04-01 04:22:41 +09:00
Peter Steinberger
Vincent Koc
Brad Groux
Ayaan Zaidi
zqchris
Oguri Cap
Moliendo
Chinar Amrutkar
Charles Dusek
Luke
Forgely3D
yi-bot
Tars
Marcus Castro
joshavant
Lee Pender
Gustavo Madeira Santana