39b5ffdaa6
fix: route feishu doc tools by agent account context ( #27338 ) (thanks @AaronL725)
2026-02-26 12:00:45 +00:00
58c100f66f
fix(feishu): remove hook registration, fix docx getClient call
2026-02-26 12:00:45 +00:00
10d9549764
fix(feishu): fix hook types and docx client call
2026-02-26 12:00:45 +00:00
151ee6014a
fix(feishu): route doc tools by agent account
...
Previously feishu_doc always used accounts[0], so multi-account setups created docs under the first bot regardless of the calling agent.
This change resolves accountId via a before_tool_call hook (defaulting from agentAccountId) and selects the Feishu client per call.
Fixes #27321
2026-02-26 12:00:45 +00:00
8bdda7a651
fix(security): keep DM pairing allowlists out of group auth
2026-02-26 12:58:18 +01:00
d08dafb08f
fix(feishu): bitable tools use listEnabledFeishuAccounts for multi-account mode ( #27244 )
...
The bitable tool registration was reading credentials directly from
top-level feishuCfg.appId/appSecret, missing the accounts.* path used
in multi-account mode. Align with drive.ts and wiki.ts by using
listEnabledFeishuAccounts() which handles both legacy and multi-account
configurations.
2026-02-26 11:56:18 +00:00
fec3fdf7ef
test(msteams): align silent-prefix expectation with exact NO_REPLY semantics
2026-02-26 11:42:38 +00:00
caace61ba1
chore: bump versions to 2026.2.26
2026-02-26 12:11:02 +01:00
e7b600e318
chore(acpx): bump package version to 2026.2.25
2026-02-26 16:29:12 +05:30
a7d56e3554
feat: ACP thread-bound agents ( #23580 )
...
* docs: add ACP thread-bound agents plan doc
* docs: expand ACP implementation specification
* feat(acp): route ACP sessions through core dispatch and lifecycle cleanup
* feat(acp): add /acp commands and Discord spawn gate
* ACP: add acpx runtime plugin backend
* fix(subagents): defer transient lifecycle errors before announce
* Agents: harden ACP sessions_spawn and tighten spawn guidance
* Agents: require explicit ACP target for runtime spawns
* docs: expand ACP control-plane implementation plan
* ACP: harden metadata seeding and spawn guidance
* ACP: centralize runtime control-plane manager and fail-closed dispatch
* ACP: harden runtime manager and unify spawn helpers
* Commands: route ACP sessions through ACP runtime in agent command
* ACP: require persisted metadata for runtime spawns
* Sessions: preserve ACP metadata when updating entries
* Plugins: harden ACP backend registry across loaders
* ACPX: make availability probe compatible with adapters
* E2E: add manual Discord ACP plain-language smoke script
* ACPX: preserve streamed spacing across Discord delivery
* Docs: add ACP Discord streaming strategy
* ACP: harden Discord stream buffering for thread replies
* ACP: reuse shared block reply pipeline for projector
* ACP: unify streaming config and adopt coalesceIdleMs
* Docs: add temporary ACP production hardening plan
* Docs: trim temporary ACP hardening plan goals
* Docs: gate ACP thread controls by backend capabilities
* ACP: add capability-gated runtime controls and /acp operator commands
* Docs: remove temporary ACP hardening plan
* ACP: fix spawn target validation and close cache cleanup
* ACP: harden runtime dispatch and recovery paths
* ACP: split ACP command/runtime internals and centralize policy
* ACP: harden runtime lifecycle, validation, and observability
* ACP: surface runtime and backend session IDs in thread bindings
* docs: add temp plan for binding-service migration
* ACP: migrate thread binding flows to SessionBindingService
* ACP: address review feedback and preserve prompt wording
* ACPX plugin: pin runtime dependency and prefer bundled CLI
* Discord: complete binding-service migration cleanup and restore ACP plan
* Docs: add standalone ACP agents guide
* ACP: route harness intents to thread-bound ACP sessions
* ACP: fix spawn thread routing and queue-owner stall
* ACP: harden startup reconciliation and command bypass handling
* ACP: fix dispatch bypass type narrowing
* ACP: align runtime metadata to agentSessionId
* ACP: normalize session identifier handling and labels
* ACP: mark thread banner session ids provisional until first reply
* ACP: stabilize session identity mapping and startup reconciliation
* ACP: add resolved session-id notices and cwd in thread intros
* Discord: prefix thread meta notices consistently
* Discord: unify ACP/thread meta notices with gear prefix
* Discord: split thread persona naming from meta formatting
* Extensions: bump acpx plugin dependency to 0.1.9
* Agents: gate ACP prompt guidance behind acp.enabled
* Docs: remove temp experiment plan docs
* Docs: scope streaming plan to holy grail refactor
* Docs: refactor ACP agents guide for human-first flow
* Docs/Skill: add ACP feature-flag guidance and direct acpx telephone-game flow
* Docs/Skill: add OpenCode and Pi to ACP harness lists
* Docs/Skill: align ACP harness list with current acpx registry
* Dev/Test: move ACP plain-language smoke script and mark as keep
* Docs/Skill: reorder ACP harness lists with Pi first
* ACP: split control-plane manager into core/types/utils modules
* Docs: refresh ACP thread-bound agents plan
* ACP: extract dispatch lane and split manager domains
* ACP: centralize binding context and remove reverse deps
* Infra: unify system message formatting
* ACP: centralize error boundaries and session id rendering
* ACP: enforce init concurrency cap and strict meta clear
* Tests: fix ACP dispatch binding mock typing
* Tests: fix Discord thread-binding mock drift and ACP request id
* ACP: gate slash bypass and persist cleared overrides
* ACPX: await pre-abort cancel before runTurn return
* Extension: pin acpx runtime dependency to 0.1.11
* Docs: add pinned acpx install strategy for ACP extension
* Extensions/acpx: enforce strict local pinned startup
* Extensions/acpx: tighten acp-router install guidance
* ACPX: retry runtime test temp-dir cleanup
* Extensions/acpx: require proactive ACPX repair for thread spawns
* Extensions/acpx: require restart offer after acpx reinstall
* extensions/acpx: remove workspace protocol devDependency
* extensions/acpx: bump pinned acpx to 0.1.13
* extensions/acpx: sync lockfile after dependency bump
* ACPX: make runtime spawn Windows-safe
* fix: align doctor-config-flow repair tests with default-account migration (#23580 ) (thanks @osolmaz)
2026-02-26 11:00:09 +01:00
e915b4c64a
refactor: unify monitor abort lifecycle handling
2026-02-26 04:36:25 +01:00
243e28df4f
fix(line): keep startAccount pending until abort signal to prevent restart loop
...
monitorLineProvider() registers the webhook HTTP route and returns
immediately. Because startAccount() directly returned that resolved
promise, the channel supervisor interpreted it as "provider exited"
and triggered auto-restart up to 10 times.
Await a promise gated on ctx.abortSignal so startAccount stays alive
for the full provider lifecycle, matching the contract expected by the
channel supervisor.
Closes #26478
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-26 03:20:57 +00:00
347f7b9550
fix(msteams): bind file consent invokes to conversation
2026-02-26 02:49:50 +01:00
8f8e46d898
refactor: unify reaction ingress policy guards across channels
2026-02-26 01:34:47 +01:00
5325ed90b2
refactor(nextcloud-talk): extract webhook pipeline and shared test harness
2026-02-26 00:23:36 +01:00
d512163d68
fix(security): harden nextcloud-talk webhook replay handling
2026-02-26 00:18:38 +01:00
107bda27c9
security(msteams): isolate group allowlist from pairing-store entries
2026-02-25 04:49:52 +00:00
d1bed505c5
security(irc): isolate group allowlist from DM pairing store
2026-02-25 04:48:43 +00:00
0a58328217
security(nextcloud-talk): isolate group allowlist from pairing-store entries
2026-02-25 04:47:46 +00:00
09200b3c10
security(nextcloud-talk): reject unsigned webhooks before body read
2026-02-25 04:45:59 +00:00
2652bb1d7d
Release: sync plugin versions to 2026.2.25
2026-02-25 04:19:59 +00:00
d42ef2ac62
refactor: consolidate typing lifecycle and queue policy
2026-02-25 02:16:03 +00:00
e0201c2774
fix: keep channel typing active during long inference ( #25886 , thanks @stakeswky)
...
Co-authored-by: stakeswky <stakeswky@users.noreply.github.com>
2026-02-25 02:03:27 +00:00
7dfac70185
fix(synology-chat): land @bmendonca3 fail-closed allowlist follow-up ( #25827 )
...
Carry fail-closed empty-allowlist guard clarity and changelog attribution for PR #25827 .
Co-authored-by: Brian Mendonca <brianmendonca@Brians-MacBook-Air.local>
2026-02-25 01:19:43 +00:00
8470dff619
chore(deps): update dependencies except carbon
2026-02-25 01:10:36 +00:00
b0bb3cca8a
test(types): fix ts narrowing regressions in followup and matrix queue tests
2026-02-24 23:54:51 +00:00
a3c4f56b0b
security(voice-call): detect Telnyx webhook replay
2026-02-24 23:50:30 +00:00
53f9b7d4e7
fix(automation): harden announce delivery + cron coding profile ( #25813 #25821 #25822 )
...
Co-authored-by: Shawn <shenghuikevin@shenghuideMac-mini.local>
Co-authored-by: 不做了睡大觉 <user@example.com>
Co-authored-by: Marcus Widing <widing.marcus@gmail.com>
2026-02-24 23:49:34 +00:00
453664f09d
refactor(zalo): split monitor access and webhook logic
2026-02-24 23:40:51 +00:00
58309fd8d9
refactor(matrix,tests): extract helpers and inject send-queue timing
2026-02-24 23:37:50 +00:00
a2529c25ff
test(matrix,discord,sandbox): expand breakage regression coverage
2026-02-24 23:37:50 +00:00
b4010a0b62
fix(zalo): enforce group sender policy in groups
2026-02-24 23:30:43 +00:00
9fccf60733
refactor(synology-chat): centralize DM auth and fail fast startup
2026-02-24 23:28:40 +00:00
e7a5f9f4d8
fix(channels,sandbox): land hard breakage cluster from reviewed PR bases
...
Lands reviewed fixes based on #25839 (@pewallin), #25841 (@joshjhall), and #25737/@25713 (@DennisGoldfinger/@peteragility), with additional hardening + regression tests for queue cleanup and shell script safety.
Fixes #25836
Fixes #25840
Fixes #25824
Fixes #25868
Co-authored-by: Peter Wallin <pwallin@gmail.com>
Co-authored-by: Joshua Hall <josh@yaplabs.com>
Co-authored-by: Dennis Goldfinger <dennisgoldfinger@gmail.com>
Co-authored-by: peteragility <peteragility@users.noreply.github.com>
2026-02-24 23:27:56 +00:00
0ee30361b8
fix(synology-chat): fail closed empty allowlist
2026-02-24 23:18:17 +00:00
d3da67c7a9
fix(security): lock sandbox tmp media paths to openclaw roots
2026-02-24 23:10:19 +00:00
955cc9029f
chore: sync plugin versions to 2026.2.24
2026-02-24 22:45:46 +00:00
0ded77ca7d
test(matrix): add regression tests for reasoning-only reply filtering
...
Verify that deliverMatrixReplies skips replies whose text starts with
"Reasoning:\n" or opens with <thinking>/<think>/<antthinking> tags, while
still delivering all normal replies.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-24 04:36:27 +00:00
1298bd4e1b
fix(matrix): skip reasoning-only messages in reply delivery
...
When `includeReasoning` is active (or `reasoningLevel` falls back to the
model default), the agent emits reasoning blocks as separate reply
payloads prefixed with "Reasoning:\n". Matrix has no dedicated reasoning
lane, so these internal thinking traces leak into the chat as regular
user-visible messages.
Filter out pure-reasoning payloads (those starting with "Reasoning:\n" or
a `<thinking>` tag) before delivery so internal reasoning never reaches
the Matrix room.
Fixes #24411
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-24 04:36:27 +00:00
a7518b7589
fix(feishu): pass parentPeer for topic session binding inheritance
...
(cherry picked from commit bddeb1fd95
2026-02-24 04:33:51 +00:00
dd41a78458
fix(bluebubbles): pass SSRF policy for localhost attachment downloads ( #24457 )
...
(cherry picked from commit aff64567c7
2026-02-24 04:06:57 +00:00
9d3bd50990
fix(otel): use protobuf OTLP exporters instead of JSON/HTTP
...
The diagnostics-otel extension validates that protocol is "http/protobuf"
but was importing JSON-based `-http` exporters. This caused silent failures
with backends like VictoriaMetrics that only accept protobuf-encoded OTLP.
Switch all three exporter imports (metrics, traces, logs) from
`@opentelemetry/exporter-*-otlp-http` to `@opentelemetry/exporter-*-otlp-proto`.
Fixes #24942
Co-authored-by: Cursor <cursoragent@cursor.com>
(cherry picked from commit f5c0bf0497
2026-02-24 04:04:35 +00:00
6c1ed9493c
fix: harden queue retry debounce and add regression tests
2026-02-24 03:52:49 +00:00
f5cab29ec7
fix(synology-chat): deregister stale webhook route before re-registering on restart ( #24971 )
...
When the Synology Chat plugin restarts (auto-restart or health monitor),
startAccount is called again without calling the previous stop(). The
HTTP route is still registered, so registerPluginHttpRoute returns a
no-op unregister function and logs "already registered". This triggers
another restart, creating an infinite loop.
Store the unregister function at module level keyed by account+path.
Before registering, check for and call any stale unregister from the
previous start cycle, ensuring a clean slate for route registration.
Fixes #24894
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-24 03:33:47 +00:00
1d28da55a5
fix(voice-call): block Twilio webhook replay and stale transitions
2026-02-24 02:37:24 +00:00
161d9841dc
refactor(security): unify dangerous name matching handling
2026-02-24 01:33:08 +00:00
6a7c303dcc
test(msteams): fix allowlist name-match expectations
2026-02-24 01:26:53 +00:00
cfa44ea6b4
fix(security): make allowFrom id-only by default with dangerous name opt-in ( #24907 )
...
* fix(channels): default allowFrom to id-only; add dangerous name opt-in
* docs(security): align channel allowFrom docs with id-only default
2026-02-24 01:01:51 +00:00
0183610db3
refactor: de-duplicate channel runtime and payload helpers
2026-02-23 21:25:28 +00:00
75423a00d6
refactor: deduplicate shared helpers and test setup
2026-02-23 20:40:44 +00:00
Peter Steinberger
root
echoVic
Ayaan Zaidi
Onur Solmaz
SidQin-cyber
Brian Mendonca
Shakker
justinhuangcode
Shennan
Marcus Castro
Peter Steinberger