admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
14,699 Commits 1 Branch 0 Tags
b35d00aaf8b68c77e9d4ef6ef4e6101acf830b7a
Commit Graph

9320 Commits

Author SHA1 Message Date
Peter Steinberger
b35d00aaf8 fix: sanitize Gemini 3.1 Google reasoning payloads 2026-02-25 01:40:14 +00:00
Peter Steinberger
039713c3e7 fix: suppress reasoning payload leakage in whatsapp replies 2026-02-25 01:36:37 +00:00
Peter Steinberger
a177b10b79 test(windows): normalize risky-path assertions 2026-02-25 01:28:47 +00:00
Peter Steinberger
e2362d352d fix(heartbeat): default target none and internalize relay prompts 2026-02-25 01:28:47 +00:00
Peter Steinberger
43f318cd9a fix(agents): reduce billing false positives on long text (#25680) 
Land PR #25680 from @lairtonlelis.
Retain explicit status/code/http 402 detection for oversized structured payloads.

Co-authored-by: Ailton <lairton@telnyx.com>
 2026-02-25 01:22:17 +00:00
Peter Steinberger
0078070680 fix(telegram): refresh global undici dispatcher for autoSelectFamily (#25682) 
Land PR #25682 from @lairtonlelis after maintainer rework:
track dispatcher updates when network decision changes to avoid stale global fetch behavior.

Co-authored-by: Ailton <lairton@telnyx.com>
 2026-02-25 01:16:03 +00:00
Peter Steinberger
bd213cf2ad fix(agents): normalize SiliconFlow Pro thinking=off payload (#25435) 
Land PR #25435 from @Zjianru.
Changelog: add 2026.2.24 fix entry with contributor credit.

Co-authored-by: codez <codezhujr@gmail.com>
 2026-02-25 01:11:34 +00:00
Peter Steinberger
2157c490af test: normalize tmp media path assertion for windows 2026-02-25 00:58:17 +00:00
Peter Steinberger
5c6b2cbc8e refactor: extract iMessage echo cache and unify suppression guards 2026-02-25 00:53:39 +00:00
Peter Steinberger
196a7dbd24 test(media): add win32 dev=0 local media regression 2026-02-25 00:47:02 +00:00
Peter Steinberger
2a11c09a8d fix: harden iMessage echo dedupe and reasoning suppression (#25897) 2026-02-25 00:46:56 +00:00
Peter Steinberger
a9ce6bd79b refactor: dedupe exec wrapper denial plan and test setup 2026-02-25 00:43:29 +00:00
Peter Steinberger
943b8f171a fix: align windows safe-open file identity checks 2026-02-25 00:42:04 +00:00
shenghui kevin
7455ceecf8 fix(windows): skip unreliable dev comparison in fs-safe openVerifiedLocalFile 
On Windows, device IDs (dev) returned by handle.stat() and fs.lstat()
may differ even for the same file, causing false-positive 'path-mismatch'
errors when reading local media files.

This fix introduces a statsMatch() helper that:
- Always compares inode (ino) values
- Skips device ID (dev) comparison on Windows where it's unreliable
- Maintains full comparison on Unix platforms

Fixes #25699
 2026-02-25 00:42:04 +00:00
Peter Steinberger
3c95f89662 refactor(exec): split system.run phases and align ts/swift validator contracts 2026-02-25 00:35:06 +00:00
Peter Steinberger
a1a6235c66 test: bridge discord voice private casts via unknown 2026-02-25 00:31:17 +00:00
Peter Steinberger
9cd50c51b0 fix(discord): harden voice DAVE receive reliability (#25861) 
Reimplements and consolidates related work:
- #24339 stale disconnect/destroyed session guards
- #25312 voice listener cleanup on stop
- #23036 restore @snazzah/davey runtime dependency

Adds Discord voice DAVE config passthrough, repeated decrypt failure
rejoin recovery, regression tests, docs, and changelog updates.

Co-authored-by: Frank Yang <frank.ekn@gmail.com>
Co-authored-by: Do Cao Hieu <admin@docaohieu.com>
 2026-02-25 00:19:50 +00:00
Vincent Koc
5509bf2c75 Gateway tests: include synthetic allowlist models in models.list 2026-02-24 19:16:02 -05:00
Vincent Koc
f7cf3d0dad Gateway tests: accept allowlisted refs absent from catalog 2026-02-24 19:16:02 -05:00
Vincent Koc
f34325ec01 Tests: cover allowlist refs missing from catalog 2026-02-24 19:16:02 -05:00
Vincent Koc
e9068e2571 Agents: trust explicit allowlist refs beyond catalog 2026-02-24 19:16:02 -05:00
Peter Steinberger
57c9a18180 fix(security): block env depth-overflow approval bypass 2026-02-25 00:14:13 +00:00
Vincent Koc
aee38c42d3 Tests: preserve OpenRouter explicit auth order under cooldown fields 2026-02-24 19:12:08 -05:00
Vincent Koc
06f0b4a193 Tests: keep OpenRouter runnable with legacy cooldown markers 2026-02-24 19:12:08 -05:00
Vincent Koc
ebc8c4b609 Tests: skip OpenRouter failure cooldown persistence 2026-02-24 19:12:08 -05:00
Vincent Koc
5de04960a0 Tests: cover OpenRouter cooldown display bypass 2026-02-24 19:12:08 -05:00
Vincent Koc
f1d5c1a31f Auth: use cooldown helper in explicit profile order 2026-02-24 19:12:08 -05:00
Vincent Koc
daa4f34ce8 Auth: bypass cooldown tracking for OpenRouter 2026-02-24 19:12:08 -05:00
Peter Steinberger
97e56cb73c fix(discord): land proxy/media/reaction/model-picker regressions 
Reimplements core Discord fixes from #25277 #25523 #25575 #25588 #25731 with expanded tests.

- thread proxy-aware fetch into inbound attachment/sticker downloads
- fetch /gateway/bot via proxy dispatcher before ws connect
- wire statusReactions emojis/timing overrides into controller
- compact model-picker custom_id keys with backward-compatible parsing

Co-authored-by: openperf <openperf@users.noreply.github.com>
Co-authored-by: chilu18 <chilu18@users.noreply.github.com>
Co-authored-by: Yipsh <Yipsh@users.noreply.github.com>
Co-authored-by: lbo728 <lbo728@users.noreply.github.com>
Co-authored-by: s1korrrr <s1korrrr@users.noreply.github.com>
 2026-02-25 00:03:30 +00:00
Peter Steinberger
55cf92578d fix(security): harden system.run companion command binding 2026-02-25 00:02:03 +00:00
Fred White
b7deb062ea fix: normalize "bedrock" provider ID to "amazon-bedrock" 
Add "bedrock" and "aws-bedrock" as aliases for the canonical
"amazon-bedrock" provider ID in normalizeProviderId().

Without this mapping, configuring a model as "bedrock/..." causes
the auth resolution fallback to miss the Bedrock-specific AWS SDK
path, since the fallback check requires normalized === "amazon-bedrock".
This primarily affects the main agent when the explicit auth override
is not preserved through config merging.

Fixes #15716
 2026-02-24 23:57:11 +00:00
suko
b3e6653503 fix(onboard): avoid false 'telegram plugin not available' block 2026-02-24 23:55:27 +00:00
Peter Steinberger
b0bb3cca8a test(types): fix ts narrowing regressions in followup and matrix queue tests 2026-02-24 23:54:51 +00:00
Mark Musson
e22a2d77ba fix(whatsapp): stop retry loop on non-retryable 440 close 2026-02-24 23:52:49 +00:00
Peter Steinberger
def993dbd8 refactor(tmp): harden temp boundary guardrails 2026-02-24 23:51:10 +00:00
Vincent Koc
cc386f4962 Telegram tests: route exact do not do that to control lane 2026-02-24 18:50:53 -05:00
Vincent Koc
83f586b93b Gateway tests: cover exact do not do that stop matching 2026-02-24 18:50:53 -05:00
Vincent Koc
91391bbe01 Auto-reply tests: assert exact do not do that behavior 2026-02-24 18:50:53 -05:00
Vincent Koc
7bb08ba945 Auto-reply: add exact stop trigger for do not do that 2026-02-24 18:50:53 -05:00
Peter Steinberger
53f9b7d4e7 fix(automation): harden announce delivery + cron coding profile (#25813 #25821 #25822) 
Co-authored-by: Shawn <shenghuikevin@shenghuideMac-mini.local>
Co-authored-by: 不做了睡大觉 <user@example.com>
Co-authored-by: Marcus Widing <widing.marcus@gmail.com>
 2026-02-24 23:49:34 +00:00
Peter Steinberger
36d1e1dcff refactor(telegram): simplify DM media auth precheck flow 2026-02-24 23:49:10 +00:00
Peter Steinberger
316fad13aa refactor(outbound): unify attachment hydration flow 2026-02-24 23:48:43 +00:00
Brian Mendonca
9924f7c84e fix(security): classify hook sessions case-insensitively 2026-02-24 23:48:09 +00:00
Brian Mendonca
48b052322b Security: sanitize inherited host exec env 2026-02-24 23:46:39 +00:00
Peter Steinberger
9514201fb9 fix(telegram): block unauthorized DM media downloads 2026-02-24 23:44:50 +00:00
Brian Mendonca
5a64f6d766 Gateway/Security: protect /api/channels plugin root 2026-02-24 23:44:32 +00:00
Peter Steinberger
453664f09d refactor(zalo): split monitor access and webhook logic 2026-02-24 23:40:51 +00:00
Peter Steinberger
58309fd8d9 refactor(matrix,tests): extract helpers and inject send-queue timing 2026-02-24 23:37:50 +00:00
Peter Steinberger
a2529c25ff test(matrix,discord,sandbox): expand breakage regression coverage 2026-02-24 23:37:50 +00:00
Peter Steinberger
13a1c46396 fix(web-search): reduce provider auto-detect log noise 2026-02-24 23:32:29 +00:00