c7510e0f1a
fix(hooks): skip full gate for docs-only commits
2026-04-01 20:02:54 +09:00
c65e152b39
fix: preserve anthropic thinking replay ( #58916 )
...
* test: add anthropic thinking replay regressions
* fix: preserve anthropic thinking blocks on replay
* fix: preserve anthropic thinking replay (#58916 )
* fix: move anthropic replay changelog entry (#58916 )
2026-04-01 16:23:47 +05:30
00a49fe8b4
docs: add gateway.webchat.chatHistoryMaxChars config reference
2026-04-01 19:25:17 +09:00
32ae841098
feat(web-search): add SearXNG as bundled web search provider plugin ( #57317 )
...
* feat(web-search): add bundled searxng plugin
* test(web-search): cover searxng config wiring
* test(web-search): include searxng in bundled provider inventory
* test(web-search): keep searxng ordering aligned
* fix(web-search): sanitize searxng result rows
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org >
2026-04-01 19:24:33 +09:00
3f67581e50
fix: retry safe wrapped Telegram send failures ( #51895 ) (thanks @chinar-amrutkar)
...
* fix(telegram): traverse error .cause chain in formatErrorMessage and match grammY HttpError
grammY wraps network failures in HttpError with message
'Network request for ... failed!' and the original error in .cause.
formatErrorMessage only checked err.message, so shouldRetry never
fired for the most common transient failure class.
Changes:
- formatErrorMessage now traverses .cause chain, appending nested
error messages (with cycle protection)
- Added 'Network request' to TELEGRAM_RETRY_RE as belt-and-suspenders
- Added tests for .cause traversal, circular references, and grammY
HttpError retry behavior
Fixes #51525
* style: fix oxfmt formatting in retry-policy.ts
* fix: add braces to satisfy oxlint requirement
* fix(telegram): keep send retries strict
* test(telegram): cover wrapped retry paths
* fix(telegram): retry rate-limited sends safely
* fix: retry safe wrapped Telegram send failures (#51895 ) (thanks @chinar-amrutkar)
* fix: preserve wrapped Telegram rate-limit retries (#51895 ) (thanks @chinar-amrutkar)
---------
Co-authored-by: chinar-amrutkar <chinar-amrutkar@users.noreply.github.com >
Co-authored-by: Ayaan Zaidi <hi@obviy.us >
2026-04-01 15:54:29 +05:30
5c8d9da749
docs: add SearXNG web search provider page and navigation
2026-04-01 19:18:15 +09:00
f1595f59b4
fix(ci): allow plugin npm preview without publish token ( #58929 )
2026-04-01 19:16:46 +09:00
d766bfc6b2
fix(memory): preserve session indexing during full reindex ( #39732 )
...
Merged via squash.
Prepared head SHA: 0dbaf5fffbf9bd79d164e60a1b0dc02ddd93e69c
Co-authored-by: upupc <12829489+upupc@users.noreply.github.com >
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com >
Reviewed-by: @altaywtf
2026-04-01 13:12:30 +03:00
1654c3a851
feat(gateway): make chat history max chars configurable ( #58900 )
...
* feat(gateway): make chat history max chars configurable
* fix(gateway): address review feedback
* docs(changelog): note configurable chat history limits
2026-04-01 21:08:37 +11:00
b2bb129e2c
docs(changelog): note chat error fallback fix
2026-04-01 20:53:35 +11:00
78b48735fa
test: restore fetch stubs in embedding suites
2026-04-01 20:53:16 +11:00
101c31f5e1
test: harden ci-sensitive unit suites
2026-04-01 20:53:16 +11:00
4e63dc0b1c
fix: hide raw provider errors from chat replies
2026-04-01 20:53:16 +11:00
fbe3ca4d7d
fix(plugins): pass dangerouslyForceUnsafeInstall through archive and … ( #58879 )
...
Merged via squash.
Prepared head SHA: 87eb27d902e03fa9ae5804e652b931464ed3d970
Co-authored-by: ryanlee-gemini <181323138+ryanlee-gemini@users.noreply.github.com >
Co-authored-by: odysseus0 <8635094+odysseus0@users.noreply.github.com >
Reviewed-by: @odysseus0
2026-04-01 02:52:01 -07:00
72af92ba4e
qqbot: require explicit allowlist for /bot-logs to prevent info disclosure ( #58895 )
...
* qqbot: harden /bot-logs authorization fallback
* fix(qqbot): harden bot logs allowlist guard
* fix(qqbot): normalize bot logs allowlist entries
2026-04-01 18:40:46 +09:00
07c60ae461
fix(agent): treat webchat exec approvals as native UI ( #58904 )
...
* fix(agent): treat webchat exec approvals as native UI
* docs(changelog): note webchat exec approval UI fix
* test(agent): cover webchat native approval guidance
2026-04-01 18:36:21 +09:00
8b2d24b62b
docs(security): clarify node pairing trust boundary
2026-04-01 18:27:23 +09:00
29784af1e2
style(gateway): normalize node reconnect formatting
2026-04-01 18:27:06 +09:00
f6317fb747
fix(gateway): stop pinning node commands to pairing state
2026-04-01 18:27:06 +09:00
fe57ee513f
test: drop stale task boundary allowlist entries
2026-04-01 10:17:47 +01:00
d005cc8b42
test: align cron abort regression with #58833
2026-04-01 10:17:47 +01:00
92f1772e93
test: allow boundary test on main
2026-04-01 10:17:47 +01:00
f559ea126d
fix: land slash command metadata parsing ( #58725 ) (thanks @Mlightsnow)
2026-04-01 10:17:47 +01:00
3b1f8e3461
fix: strip inbound metadata before slash command detection ( #58674 )
...
Slash commands like /model and /new were silently ignored when the inbound
message body included metadata prefix blocks (Conversation info, Sender info,
timestamps) injected by buildInboundUserContextPrefix. The command detection
functions (hasControlCommand, isControlCommandMessage, parseSendPolicyCommand)
now call stripInboundMetadata before normalizeCommandBody so embedded slash
commands are correctly recognized.
2026-04-01 10:17:20 +01:00
fb28b02540
fix: preserve bundled channel plugin compat ( #58873 )
...
* fix: preserve bundled channel plugin compat
* fix: preserve bundled channel plugin compat (#58873 )
* fix: scope channel plugin compat to bundled plugins (#58873 )
2026-04-01 14:42:36 +05:30
2d53ffdec1
fix(exec): resolve remote approval regressions ( #58792 )
...
* fix(exec): restore remote approval policy defaults
* fix(exec): handle headless cron approval conflicts
* fix(exec): make allow-always durable
* fix(exec): persist exact-command shell trust
* fix(doctor): match host exec fallback
* fix(exec): preserve blocked and inline approval state
* Doctor: surface allow-always ask bypass
* Doctor: match effective exec policy
* Exec: match node durable command text
* Exec: tighten durable approval security
* Exec: restore owner approver fallback
* Config: refresh Slack approval metadata
---------
Co-authored-by: scoootscooob <zhentongfan@gmail.com >
2026-04-01 02:07:20 -07:00
4ceb01f9ed
docs(gateway): document node pairing repair flow
2026-04-01 18:02:56 +09:00
db0cea5689
refactor(gateway): extract node pairing reconciliation
2026-04-01 18:02:31 +09:00
4590ac31cc
fix: note exec approval continuation in changelog ( #58860 ) (thanks @Nanako0129)
2026-04-01 17:56:55 +09:00
7f53c1ca00
test(exec): cover delayed Discord approval continuation
2026-04-01 17:56:55 +09:00
63da2c7034
fix(exec): resume agent session after approval completion
2026-04-01 17:56:55 +09:00
4fa11632b4
fix: escalate to model fallback after rate-limit profile rotation cap ( #58707 )
...
* fix: escalate to model fallback after rate-limit profile rotation cap
Per-model rate limits (e.g. Anthropic Sonnet-only quotas) are not
relieved by rotating auth profiles — if all profiles share the same
model quota, cycling between them loops forever without falling back
to the next model in the configured fallbacks chain.
Apply the same rotation-cap pattern introduced for overloaded_error
(#58348 ) to rate_limit errors:
- Add `rateLimitedProfileRotations` to auth.cooldowns config (default: 1)
- After N profile rotations on a rate_limit error, throw FailoverError
to trigger cross-provider model fallback
- Add `resolveRateLimitProfileRotationLimit` helper following the same
pattern as `resolveOverloadProfileRotationLimit`
Fixes #58572
* fix: cap prompt-side rate-limit failover (#58707 ) (thanks @Forgely3D)
* fix: restore latest-main gates for #58707
---------
Co-authored-by: Ember (Forgely3D) <ember@forgely.co >
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-04-01 17:54:10 +09:00
8fce663861
fix(subagents): harden task-registry lifecycle writes ( #58869 )
...
* fix(subagents): harden task-registry lifecycle writes
* chore(changelog): note subagent task-registry hardening
* fix(subagents): align lifecycle terminal timestamps
* fix(subagents): sanitize lifecycle warning metadata
2026-04-01 17:50:52 +09:00
1ce410a7be
fix(sandbox): use browser image for browser runtime matching ( #58759 )
...
* fix(sandbox): compare browser runtimes against sandbox browser image
* refactor(sandbox): route docker runtime matching by config label kind
* fix(sandbox): tag browser runtime removals correctly
* test(sandbox): share docker backend test config
* fix(sandbox): normalize browser runtime image matching
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org >
2026-04-01 17:44:52 +09:00
10750fb80e
Cron: avoid busy-wait drift for recurring main jobs ( #58872 )
2026-04-01 01:31:21 -07:00
2b67f96895
docs(anthropic): note oauth context1m fallback
2026-04-01 09:21:49 +01:00
32f392eda4
refactor(core): drop old anthropic stream wrapper file
2026-04-01 09:21:48 +01:00
59c23dee09
refactor(anthropic): move stream wrappers into plugin
2026-04-01 09:21:48 +01:00
2bc8a0d67c
refactor: add doctor cron migration helpers
2026-04-01 17:06:24 +09:00
19d0c2dd1d
refactor: remove cron legacy delivery from runtime
2026-04-01 17:06:01 +09:00
2d79c9cb16
docs: add WhatsApp reactionLevel and Feishu Drive comment actions
2026-04-01 16:56:47 +09:00
95182d51cc
fix: harden bundled plugin runtime deps
2026-04-01 08:55:00 +01:00
edfac5f2df
docs(changelog): note line runtime packaging fix
2026-04-01 13:20:50 +05:30
d4643e06bd
fix(line): resolve dist runtime contract path
2026-04-01 13:20:50 +05:30
facdeb3432
feat(tasks): add chat-native task board ( #58828 )
2026-04-01 16:48:36 +09:00
7cf8ccf9b3
fix: avoid startup gateway reload loop ( #58678 ) (thanks @yelog)
2026-04-01 16:47:55 +09:00
71f341c4b4
docs: add /tasks chat command, cleanup-aware status, and QQ Bot troubleshooting
2026-04-01 16:46:04 +09:00
f5431bc07e
docs: clarify doctor cron migration guidance
2026-04-01 16:44:10 +09:00
802bdb099e
refactor: move cron legacy delivery migration to doctor
2026-04-01 16:44:10 +09:00
31ed09bc96
fix: run bundled deps postinstall for global npm
2026-04-01 08:38:24 +01:00
Vincent Koc