b7589b32a8
fix(feishu): support SecretRef-style env credentials in account resolver ( #30903 )
...
Merged via squash.
Prepared head SHA: d3d0a18f17
2026-03-03 19:22:50 -06:00
21e8d88c1d
build: fix ineffective dynamic imports with lazy boundaries ( #33690 )
...
Merged via squash.
Prepared head SHA: 38b3c23d6f
2026-03-03 20:14:41 -05:00
a4850b1b8f
fix(plugins): lazily initialize runtime and split plugin-sdk startup imports ( #28620 )
...
Merged via squash.
Prepared head SHA: 8bd7d6c13b
2026-03-03 19:58:48 -05:00
4b17d6d882
feat(gateway): add Permissions-Policy header to default security headers ( #30186 )
...
Merged via squash.
Prepared head SHA: 0dac89283f
2026-03-03 16:25:39 -08:00
0d97101665
Agents: preserve bootstrap warning dedupe across followup runs
2026-03-03 18:56:11 -05:00
d95cf256e7
Security audit: suggest valid gateway.nodes.denyCommands entries ( #29713 )
...
Merged via squash.
Prepared head SHA: db23298f98
2026-03-03 15:47:57 -08:00
e8cb0484ce
fix(security): strip partial API token from status labels ( #33262 )
...
Merged via squash.
Prepared head SHA: 5fe81704e6
2026-03-03 15:11:49 -08:00
b1a735829d
docs: fix Mintlify-incompatible links in security docs ( #27698 )
...
Merged via squash.
Prepared head SHA: 6078cd94ba
2026-03-03 14:51:28 -08:00
2a733a8444
fix(ios): harden watch messaging activation concurrency ( #33306 )
...
Merged via squash.
Prepared head SHA: d40f8c4afb
2026-03-03 22:38:54 +00:00
4c6dec84a6
Telegram/device-pair: auto-arm one-shot notify on /pair qr with manual fallback ( #33299 )
...
Merged via squash.
Prepared head SHA: 0986691fd4
2026-03-03 22:36:45 +00:00
a36ccf4156
fix(ios): start incremental speech at soft boundaries ( #33305 )
...
Merged via squash.
Prepared head SHA: d1acf72317
2026-03-03 22:36:40 +00:00
22e33ddda9
fix(ios): guard talk TTS callbacks to active utterance ( #33304 )
...
Merged via squash.
Prepared head SHA: dd88886e41
2026-03-03 22:34:09 +00:00
a8dd9ffea1
security: add X-Content-Type-Options nosniff header to media route ( #30356 )
...
Merged via squash.
Prepared head SHA: b14f9ad7ca
2026-03-03 13:35:46 -08:00
bcd58c26d3
fix(logging ): use local timezone for console log timestamps ( #25970 )
...
Merged via squash.
Prepared head SHA: 30123265b7
2026-03-04 00:31:41 +03:00
e4b4486a96
Agent: unify bootstrap truncation warning handling ( #32769 )
...
Merged via squash.
Prepared head SHA: 5d6d4ddfa6
2026-03-03 16:28:38 -05:00
3ad3a90db3
fix(gateway): include disk-scanned agent IDs in listConfiguredAgentIds ( #32831 )
...
Merged via squash.
Prepared head SHA: 2aa58f6afd
2026-03-03 21:19:18 +00:00
b02a07655d
fix: harden pr review artifact validation
2026-03-03 21:14:37 +00:00
a9969e641a
docs: fix secretref marker rendering in credential surface
2026-03-03 15:08:41 -06:00
ff96e41c38
fix(discord): align DiscordAccountConfig.token type with SecretInput ( #32490 )
...
Merged via squash.
Prepared head SHA: 233aa032f1
2026-03-03 14:59:57 -06:00
44162e7ba5
docs(contributing): require before/after screenshots for UI PRs ( #32206 )
...
Merged via squash.
Prepared head SHA: d7f0914873
2026-03-03 23:45:19 +03:00
2cd3be896d
docs(security): document Docker UFW hardening via DOCKER-USER ( #27613 )
...
Merged via squash.
Prepared head SHA: 31ddd43326
2026-03-03 12:28:35 -08:00
490670128b
fix(docs): avoid MDX regex markers in secretref page
2026-03-03 14:00:09 -06:00
70c6bc8581
fix(docs): use MDX-safe secretref markers
2026-03-03 13:54:03 -06:00
65816657c2
feat(discord): add allowBots mention gating
2026-03-03 12:47:25 -06:00
b0bcea03db
fix: drop discord opus dependency
2026-03-03 12:23:19 -06:00
16ebbd24b5
fix(discord): reset thread sessions on archive
2026-03-03 11:32:59 -06:00
b8b1eeb052
fix(discord): harden slash command routing
2026-03-03 11:32:05 -06:00
0eef7a367d
fix(discord): honor agent media roots in replies
2026-03-03 11:29:58 -06:00
548b15d8e0
fix(discord): skip bot messages before debounce
2026-03-03 11:29:58 -06:00
05446d6b6b
docs: document discord ignoreOtherMentions
2026-03-03 11:26:20 -06:00
e28ff1215c
fix: discord auto presence health signal ( #33277 ) (thanks @thewilloftheshadow) ( #33277 )
2026-03-03 11:20:59 -06:00
3d998828b9
fix: stabilize Telegram draft boundaries and suppress NO_REPLY lead leaks ( #33169 )
...
* fix: stabilize telegram draft stream message boundaries
* fix: suppress NO_REPLY lead-fragment leaks
* fix: keep underscore guard for non-NO_REPLY prefixes
* fix: skip assistant-start rotation only after real lane rotation
* fix: preserve finalized state when pre-rotation does not force
* fix: reset finalized preview state on message-start boundary
* fix: document Telegram draft boundary + NO_REPLY reliability updates (#33169 ) (thanks @obviyus)
2026-03-03 22:49:33 +05:30
a7a9a3d3c8
fix: allowlist Discord CDN hostnames for SSRF media ( #33275 ) (thanks @thewilloftheshadow) ( #33275 )
2026-03-03 11:17:27 -06:00
bf7061092a
iOS Security Stack 4/5: TTS PCM->MP3 Fallback ( #30885 ) ( #33032 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: f77e3d7644
2026-03-03 16:33:55 +00:00
d493861c16
fix: discord mention handling ( #33224 ) (thanks @thewilloftheshadow) ( #33224 )
2026-03-03 10:32:22 -06:00
a3112d6c5f
iOS Security Stack 3/5: Runtime Security Guards ( #33031 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 9917165401
2026-03-03 16:30:27 +00:00
6df57d9633
iOS Security Stack 2/5: Concurrency Locks ( #33241 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: b99ad804fb
2026-03-03 16:28:27 +00:00
3ee8528b17
test(discord): align bound-thread target kind
2026-03-03 10:22:52 -06:00
3b3738e41e
fix(discord): use fetch for voice upload slots
2026-03-03 10:22:28 -06:00
66d06beec6
fix(discord): stop typing after silent runs
2026-03-03 10:22:27 -06:00
5d16d45b20
fix(discord): default presence online when unconfigured
2026-03-03 10:22:27 -06:00
6593a57607
fix: improve discord chunk delivery ( #33226 ) (thanks @thewilloftheshadow) ( #33226 )
2026-03-03 10:17:33 -06:00
ec0eb9f8c3
iOS Security Stack 1/5: Keychain Migrations + Tests ( #33029 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: da2f8f6141
2026-03-03 16:15:20 +00:00
606cd0d591
feat(tool-truncation): use head+tail strategy to preserve errors during truncation ( #20076 )
...
Merged via squash.
Prepared head SHA: 6edebf22b1
2026-03-03 08:11:14 -08:00
d89e1e40f9
docs(loop-detection): fix config keys to match schema ( #33182 )
...
Merged via squash.
Prepared head SHA: 612ecc00d3
2026-03-03 11:02:30 -05:00
ca307c3fdf
fix: harden Discord channel resolution ( #33142 ) (thanks @thewilloftheshadow) ( #33142 )
2026-03-03 09:31:26 -06:00
4abf398a17
fix: Discord acp inline actions + bound-thread filter ( #33136 ) (thanks @thewilloftheshadow) ( #33136 )
2026-03-03 09:30:21 -06:00
8e2e4b2ed5
fix: ignore discord wildcard audit keys ( #33125 ) (thanks @thewilloftheshadow) ( #33125 )
2026-03-03 09:28:30 -06:00
c8b45a4c5c
Compaction/Safeguard: preserve recent turns verbatim ( #25554 )
...
Merged via squash.
Prepared head SHA: 7fb33c411c
2026-03-03 07:00:49 -08:00
171f305c3d
chore: note about pagination
2026-03-03 08:35:29 -06:00
LiaoyuanNing
Gustavo Madeira Santana
Igal Tabachnik
habakan
liquidhorizon88-bot
Cui Chen
Clawdoo
Mariano
Mariano
13otKmdr
wangchunyue
Sid
Shakker
joshavant
scoootscooob
Robin Waslander
dorukardahan
Shadow
Shadow
Ayaan Zaidi
Jason L. West, Sr.
Mylszd
Rodrigo Uroz