b880118d2d
feat: add TinyFish as bundled browser automation plugin ( #58645 )
...
* feat: add TinyFish as bundled browser automation plugin
Add a default-off bundled `tinyfish` plugin with one tool
(`tinyfish_automation`) for hosted browser automation of complex public
web workflows. Follows the existing plugin architecture pattern.
- Plugin entry, manifest with contracts, config schema, SecretRef support
- SSE stream parser with COMPLETE-terminal, SSRF guards, credential rejection
- Bundled skill with escalation guidance (web_fetch -> web_search -> tinyfish -> browser)
- Docs page, labeler rule, glossary entry, changelog entry
- 21 tests covering request serialization, auth, security, streaming, and error paths
Closes #41300
* plugins: address review feedback and regenerate baselines
- Split API_INTEGRATION into TINYFISH_API_INTEGRATION and CLIENT_SOURCE
for semantic clarity (Greptile P2)
- Wrap post-finally parseEventBlock in try/catch so trailing malformed
data does not mask "stream ended before COMPLETE" error (Greptile P2)
- Regenerate config-baseline and plugin-sdk-api-baseline for new plugin
---------
Co-authored-by: Simantak Dabhade <simantak@mac.local>
2026-04-02 01:46:05 -04:00
52a018680d
fix(plugins): guard runtime facade activation ( #59412 )
...
* fix(plugins): guard runtime facade activation
* refactor(plugin-sdk): localize facade load policy
* fix(plugin-sdk): narrow facade activation guards
* fix(browser): keep cleanup helpers outside activation guard
* style(browser): apply formatter follow-ups
* chore(changelog): note plugin activation guard regressions
* fix(discord): keep cleanup thread unbinds outside activation guard
* fix(browser): fallback when trash exits non-zero
2026-04-02 14:37:12 +09:00
ed6012eb5b
fix(agents): honor cacheRetention for custom anthropic providers ( #59049 )
...
* fix(agents): honor cacheRetention for custom anthropic providers
* docs(changelog): add cache retention entry
* Update CHANGELOG.md
* test(agents): add direct cache retention assertions
2026-04-02 14:34:01 +09:00
1707493be4
refactor(providers): add internal request config seam ( #59454 )
2026-04-02 14:28:25 +09:00
f69570f820
Exec approvals: fix policy source attribution ( #59367 )
...
Merged via squash.
Prepared head SHA: 974945a9f0
2026-04-02 01:28:14 -04:00
0e8e986c95
perf(memory): narrow telegram bot deps skill/runtime imports
2026-04-02 14:16:13 +09:00
1a037ff6cd
refactor(providers): centralize request attribution policy ( #59433 )
...
* refactor(providers): centralize request attribution policy
* style(providers): normalize request policy formatting
* style(providers): normalize request policy formatting
* style(providers): normalize request policy formatting
* docs(changelog): note provider request policy fix
* fix(providers): tighten request policy gates
2026-04-02 14:10:53 +09:00
b9c74fc884
fix(image-tool): resolve relative paths against workspaceDir ( #57222 )
...
Relative paths like "inbox/receipt.png" were resolved against
process.cwd() instead of the agent's workspaceDir, causing the
allowlist check to fail with "Local media path is not under an
allowed directory". This matches how the read tool already behaves.
Fixes #57215
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-02 00:41:09 -04:00
cae1d9bc6d
fix(whatsapp): add HTML/XML/CSS to MIME map + fallback for unknown media types ( #51562 )
...
Merged via squash.
Prepared head SHA: 83f2eabd49
2026-04-02 00:25:12 -03:00
534f0a644b
fix(plugins): keep browser facade helpers cold
2026-04-02 11:44:49 +09:00
51edd30bea
fix: restore local loopback role upgrades ( #59092 ) (thanks @openperf)
...
* fix(gateway ): allow silent role upgrades for local loopback clients
When a local loopback client connects with a role not covered by
existing device tokens, listEffectivePairedDeviceRoles incorrectly
returns an empty role set for devices whose tokens map is an empty
object. This triggers a role-upgrade pairing request that
shouldAllowSilentLocalPairing rejects because it does not recognise
the role-upgrade reason.
Fix listEffectivePairedDeviceRoles to fall back to legacy role fields
when the tokens map has no entries, and extend
shouldAllowSilentLocalPairing to accept role-upgrade for local
clients.
Fixes #59045
* fix: restore local loopback role upgrades (#59092 ) (thanks @openperf)
---------
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-04-02 08:13:45 +05:30
a7e3c0b0e1
feat(slack): add scoped prompts and mrkdwn hints ( #59100 )
...
* feat(slack): add scoped prompts and mrkdwn hints
* refactor(slack): drop dm prompt override
* refactor(slack): drop exposed prompt config
* chore(changelog): note slack mrkdwn fix
2026-04-02 11:23:43 +09:00
7771c69caf
fix(plugins): enforce activation before shipped imports ( #59136 )
...
* fix(plugins): enforce activation before shipped imports
* fix(plugins): remove more ambient bundled loads
* fix(plugins): tighten scoped loader matching
* fix(plugins): remove channel-id scoped loader matches
* refactor(plugin-sdk): relocate ambient provider helpers
* fix(plugin-sdk): preserve unicode ADC credential paths
* fix(plugins): restore safe setup fallback
2026-04-02 11:18:49 +09:00
ba735d0158
Exec approvals: unify effective policy reporting and actions ( #59283 )
...
Merged via squash.
Prepared head SHA: d579b97a93
2026-04-01 22:02:39 -04:00
32fa5c3be5
fix(agents): resolve compaction wait before channel flush ( #59308 )
...
Merged via squash.
Prepared head SHA: bf17502df8
2026-04-01 21:40:23 -04:00
c22233d96c
Revert "refactor(plugins): remove before_install hook"
2026-04-01 19:57:07 -05:00
560ea25294
Matrix: restore ordered progress delivery with explicit streaming modes ( #59266 )
...
Merged via squash.
Prepared head SHA: 523623b7e1
2026-04-01 19:35:03 -04:00
91a7505af6
fix(tests): serialize shared channel audit state cases
2026-04-01 19:12:05 -04:00
c87c8e66bf
Refactor channel approval capability seams ( #58634 )
...
Merged via squash.
Prepared head SHA: c9ad4e4706
2026-04-01 17:10:25 -04:00
d9a7ffe003
failover: classify AbortError / stream-abort messages as timeout ( #58315 ) ( #58324 )
...
Merged via squash.
Prepared head SHA: d8412f27e6
2026-04-02 00:02:31 +03:00
75ab5bce6b
fix(bluebubbles): add enrichGroupParticipantsFromContacts to core Zod schema ( #56889 )
...
* fix(bluebubbles): add enrichGroupParticipantsFromContacts to core Zod schema
The field was added to the extension config schema in #54984 but not
synced to the core strict Zod validator, causing config validation to
reject the key at startup with 'Unrecognized key'.
* test(config): add BlueBubbles schema regression coverage
* fix(bluebubbles): accept enrichGroupParticipantsFromContacts config
---------
Co-authored-by: Chris Zhang <chris@ChrisdeMac-mini.local>
Co-authored-by: Altay <altay@uinaf.dev>
2026-04-01 23:55:58 +03:00
71346940ad
refactor: add provider replay runtime hook surfaces ( #59143 )
...
Merged via squash.
Prepared head SHA: 56b41e87a5
2026-04-01 13:45:41 -07:00
ca76e2fedc
fix(cron-tool): add typed properties to job/patch schemas ( #55043 )
...
Merged via squash.
Prepared head SHA: 979bb0e8b7
2026-04-01 23:41:19 +03:00
7cb323d84f
feat(plugins): add before_agent_reply hook (claiming pattern) ( #20067 )
...
Merged via squash.
Prepared head SHA: e40dfbdfb9
2026-04-01 13:31:11 -07:00
017bc5261c
fix(gateway): prefer bootstrap auth over tailscale ( #59232 )
...
* fix(gateway): prefer bootstrap auth over tailscale
* fix(gateway): prefer bootstrap auth over tailscale (#59232 ) (thanks @ngutman)
2026-04-01 23:20:10 +03:00
5cf254a5f7
fix: honor authHeader provider config by injecting Authorization Bear… ( #54390 )
...
Merged via squash.
Prepared head SHA: 9889615571
2026-04-01 13:18:37 -07:00
90eb5b073f
fix: pass session identity to plugin commands ( #59044 )
...
Merged via squash.
Prepared head SHA: 0f7a23f139
2026-04-01 13:07:17 -07:00
711c9e7249
fix(gateway): emit before_reset on session reset ( #53872 )
...
Merged via squash.
Prepared head SHA: a47894ef16
2026-04-01 12:46:53 -07:00
1f99c87a44
feat: add `agents.defaults.compaction.notifyUser` config option (default: false) [ Fix #54249 ] ( #54251 )
...
Merged via squash.
Prepared head SHA: 6fd4cdb7c3
2026-04-01 12:29:17 -07:00
5b73108e58
fix: /context detail severely underestimates token count ( #28391 )
...
Merged via squash.
Prepared head SHA: 5ea6a074f3
2026-04-01 12:11:08 -07:00
1c83e2eec7
fix: scope session create aliases to requested agent ( #58207 )
...
Merged via squash.
Prepared head SHA: 9462848777
2026-04-01 11:39:31 -07:00
8abba663c5
chore: bump version to 2026.4.2
2026-04-01 19:39:27 +01:00
d076153fc9
fix(config): coerce numeric Discord IDs to strings instead of rejecting ( #45125 )
...
Merged via squash.
Prepared head SHA: 099ba514a1
2026-04-01 21:07:28 +03:00
5190b3b3fa
fix: avoid locally caught ACP session init exception ( #55136 ) (thanks @doguabaris)
2026-04-01 19:46:22 +02:00
da64a978e5
chore: prepare 2026.4.1 release
2026-04-01 17:57:10 +01:00
ec426ac356
perf(test): narrow slack string normalization imports
2026-04-02 00:29:50 +09:00
0453d355fd
perf(test): narrow discord monitor runtime seams
2026-04-01 23:47:22 +09:00
76c4ecd651
perf(test): narrow sdk seams for channel hotspots
2026-04-01 23:14:48 +09:00
8988894ff7
build: prepare 2026.4.1-beta.1 release
2026-04-01 15:09:19 +01:00
da9ffad368
fix(channels): restore target parsing barrel seam
2026-04-01 22:46:10 +09:00
00218ac8a4
fix(auth): persist codex oauth refresh tokens
2026-04-01 14:25:33 +01:00
14a779ee8d
revert: sandbox: block sensitive external bind sources ( #59016 )
...
This reverts commit 8db20c1965
2026-04-01 14:01:05 +01:00
131f6dac37
refactor: unify failover signal classification
2026-04-01 21:50:58 +09:00
25e2934809
refactor: route session target matching through plugin parsers
2026-04-01 13:42:57 +01:00
33fbd9b770
refactor: dedupe auth profile store normalization
2026-04-01 13:37:37 +01:00
ab3c646bb1
fix: preserve telegram exec approval topic routing
2026-04-01 13:34:50 +01:00
ac68321d4d
fix(auth-profiles ): ensure credential key and token are strings to prevent crash
...
Fixes #58861
2026-04-01 21:33:10 +09:00
cd4b03c568
fix: unify structured provider failover classification ( #58856 ) (thanks @aaron-he-zhu)
2026-04-01 21:31:18 +09:00
c96ee42300
fix(agents): normalize provider errors for better failover
...
Add provider-specific error patterns for AWS Bedrock, Ollama, Mistral,
Cohere, DeepSeek, Together AI, and Cloudflare Workers AI. These providers
return errors in non-standard formats that the generic classifiers miss,
causing incorrect failover behavior (e.g., context overflow misclassified
as format error, ThrottlingException not recognized as rate limit).
Wire provider patterns into isContextOverflowError() and
classifyFailoverReason() as catch-all layers after generic classifiers.
2026-04-01 21:31:18 +09:00
74b9f22a42
fix: add Telegram error suppression controls ( #51914 ) (thanks @chinar-amrutkar)
...
* feat(telegram): add error policy for suppressing repetitive error messages
Introduces per-account error policy configuration that can suppress
repetitive error messages (e.g., 429 rate limit, ECONNRESET) to
prevent noisy error floods in Telegram channels.
Closes #34498
* fix(telegram): track error cooldown per message
* fix(telegram): prune expired error cooldowns
* fix: add Telegram error suppression controls (#51914 ) (thanks @chinar-amrutkar)
---------
Co-authored-by: chinar-amrutkar <chinar-amrutkar@users.noreply.github.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
2026-04-01 17:52:28 +05:30
Simantak Dabhade
Vincent Koc
Gustavo Madeira Santana
Priyansh Gupta
bobbyt74
wangchunyue
joshavant
Logan Ye
zqchris
Josh Lehman
Bruno Lorente
Joshua Lelon Mitchell
Nimrod Gutman
9ra55
VACInc
Oguri Cap
Luke
Peter Steinberger
Moliendo
Doğu Abaris
Jacob Tomlinson
openperf
Aaron Zhu
Chinar Amrutkar