What:
- resolve shell from PATH in bash-tools tests (avoid /bin/bash dependency)
- mock DNS for web-fetch SSRF tests (no real network)
- stub a2ui bundle in canvas-host server test when missing
Why:
- keep gateway test suite deterministic on Nix/Garnix Linux
Tests:
- not run locally (known missing deps in unit test run)
The AUTH_CHOICE_CANCELLED error was showing to users during onboarding
because the applyAuthChoice call in onboarding.ts wasn't wrapped in
error handling. This adds the same try-catch loop pattern used in
configure.gateway-auth.ts and agents.commands.add.ts to properly
handle the cancellation and re-prompt for auth method selection.
What:
- stub resolvePinnedHostname in web-fetch tests to avoid DNS flake
- close lock file handles via FileHandle.close during cleanup to avoid EBADF
Why:
- make CI deterministic without network/DNS dependence
- prevent double-close errors from GC
Tests:
- pnpm vitest run --config vitest.unit.config.ts src/agents/tools/web-tools.fetch.test.ts src/agents/session-write-lock.test.ts (failed: missing @aws-sdk/client-bedrock)
- Add retry loops in configure.gateway-auth and agents.commands.add
- Catch AUTH_CHOICE_CANCELLED error and re-prompt for auth method
- Users can now go back to auth method selection when LiteLLM setup fails
- Import AuthChoice type for proper typing
Co-Authored-By: Claude <noreply@anthropic.com>
- Change label from 'Go back to provider selection' to 'Go back to auth method selection'
- Throw AUTH_CHOICE_CANCELLED error to signal proper navigation level
- More accurate description of where user will be taken
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove 'Enter model name manually' from error recovery menu
- Only allow retry with different credentials or cancel
- Ensures users fix the actual connection issue rather than bypass it
Co-Authored-By: Claude <noreply@anthropic.com>
- Clear CLI-provided API key and token options when retrying
- Forces fresh prompt instead of reusing old credentials
- Consistent behavior with base URL retry
Co-Authored-By: Claude <noreply@anthropic.com>
- Extract promptForApiKey and promptForBaseUrl as helper functions
- Use recursive retry instead of throwing errors
- Re-enter API key now retries the entire flow with new key
- Re-enter base URL now properly prompts for new URL and retries
- Both options maintain full onboarding flow instead of crashing
Co-Authored-By: Claude <noreply@anthropic.com>
- Add options to retry with different API key or base URL
- Allow manual model entry as fallback
- Option to return to provider selection instead of crashing
- Show helpful error context about why fetch might have failed
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove manual context window prompt when not auto-detected
- Remove 'Enter custom model name' option from model selection
- Throw error if model fetch fails instead of prompting for manual entry
- Strip litellm/ prefix from API-returned model IDs to fix double prefix
* refactor(ui): enhance loadSessions function to accept overrides for session loading parameters
- Updated loadSessions to include optional parameters for activeMinutes, limit, includeGlobal, and includeUnknown.
- Modified refreshChat to use the new activeMinutes parameter when loading sessions.
- Removed duplicate applySettingsFromUrl call in handleConnected function.
* feat(ui): implement session refresh functionality after chat
- Added `refreshSessionsAfterChat` property to `ChatHost` and `GatewayHost` types.
- Introduced `isChatResetCommand` function to identify chat reset commands.
- Updated `handleSendChat` to set `refreshSessions` based on chat reset commands.
- Modified `handleGatewayEventUnsafe` to load sessions when chat is finalized and `refreshSessionsAfterChat` is true.
- Enhanced `refreshChat` to load sessions with `activeMinutes` set to 0 for immediate refresh.
NTFS does not allow < or > in filenames, causing the XML filename
escaping test to fail on Windows CI with ENOENT.
Replace file<test>.txt with file&test.txt — & is valid on all platforms
and still requires XML escaping (&), preserving the test's intent.
Fixes#3748
Previous fix only checked skippedEmpty > 0, but when model returns
content: [] no payloads are created at all. Now also checks
replies.length === 0 to catch this case.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When running multiple Telegram bot accounts bound to different agents,
the /new command (and other slash commands) would send confirmation
messages via the wrong bot because the context was missing AccountId.
The fix adds AccountId: route.accountId to the context payload in
registerTelegramNativeCommands, matching how bot-message-context.ts
handles regular messages.
Fixes#2537
- Add msg.video_note to media extraction chain in bot/delivery.ts
- Add placeholder detection for video notes in bot-message-context.ts
- Video notes (rounded square video messages) are now processed and downloaded like regular videos
Fixes issue where video note messages were silently dropped because they weren't in the media handling logic.
Native slash commands (e.g. /verbose, /status) should not emit tool
summaries. Gate onToolResult behind CommandSource !== 'native' in
addition to the existing ChatType !== 'group' check.
Add test for native command exclusion.
- provides onToolResult in DM sessions (ChatType=direct)
- does not provide onToolResult in group sessions (ChatType=group)
- sends tool results via dispatcher in DM sessions
Replaces the old cross-provider test that expected onToolResult to
always be undefined.
875b018ea removed onToolResult from dispatch-from-config.ts to prevent
tool summaries leaking into group channels. However, this also broke
verbose tool summaries in DM/private sessions where they are expected.
This restores onToolResult but gates it behind ChatType !== 'group',
so group channels remain unaffected while DM verbose works again.
mirror=false is passed to sendPayloadAsync to avoid duplicating tool
summaries in the session transcript (matching the block reply behavior).
Fixes#2665
Add a `paths` option to `memorySearch` config, allowing users to
explicitly specify additional directories or files to include in
memory search.
Follow-up to #2961 as suggested by @gumadeiras — instead of auto-following
symlinks (which has security implications), users can now explicitly
declare additional search paths.
- Add `memorySearch.paths` config option (array of strings)
- Paths can be absolute or relative (resolved from workspace)
- Directories are recursively scanned for `.md` files
- Single `.md` files can also be specified
- Paths from defaults and agent overrides are merged
- Added 4 test cases for listMemoryFiles
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.
* fix: text attachment MIME misclassification with security hardening (#3628)
- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases
Thanks @frankekn
Self messages from the linked WhatsApp number bypass dmPolicy and allowFrom
checks automatically. Clarified that users don't need to add their own
number to the allowlist.
Self messages from the linked WhatsApp number bypass dmPolicy checks
entirely (via isSamePhone check in access-control.ts)...
This commit completes the LiteLLM prompt caching implementation by:
1. Applying cacheControlTtl defaults to litellm/claude-* models in addition
to anthropic/* models. Previously, only direct Anthropic models received
the default 1h cache TTL, causing LiteLLM Claude models to skip caching.
2. Setting api: "anthropic-messages" for Claude models during onboarding.
LiteLLM was using openai-completions API which doesn't support Anthropic's
cache control headers. The anthropic-messages API is required for proper
prompt caching functionality.
Result: 90% cost reduction for LiteLLM Claude usage (from $0.47 to $0.05 per
message with ~94K token conversations), matching direct Anthropic API costs.
Co-Authored-By: Claude (claude-sonnet-4-5) <noreply@anthropic.com>
- Set api: 'anthropic-messages' for claude-* models through LiteLLM
- Add LiteLLM to resolveCacheControlTtl for cache parameter passthrough
- Enables proper Anthropic cache control headers for cost savings
This fixes the missing cache support by ensuring:
1. Claude models use the correct API format (anthropic-messages)
2. Cache control TTL is resolved and passed through for LiteLLM
- Add LiteLLM + Claude model detection to isCacheTtlEligibleProvider
- Reduces cost by 90% for Claude models through LiteLLM proxy
- Add test coverage for cache eligibility detection
- Document prompt caching behavior and cost savings
Before: $0.47 per message (no caching)
After: $0.05 per message (90% cached)
Closes#2683
