- Add *.d.ts to oxlint ignore patterns
- Remove unused imports from test files
- Prefix unused variables with underscore
- Fix floating promises with void operator
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove unused imports in test files (manager.test.ts, discord-reply.test.ts)
- Remove unused ThetaPhase import in session/types.ts
- Change unused expiresAt to _expiresAt in session/recovery.ts
- Change unused SEARCH_PROVIDERS to _SEARCH_PROVIDERS in web-search.js
- Remove unused catch parameter _error in codex-reviewer.ts
- Clean up agent-flow.test.ts and githubops.test.ts imports
Co-Authored-By: Claude <noreply@anthropic.com>
- Change unused catch parameter to _error in codex-reviewer.ts
- Remove unused ArtifactFilter import in artifacts/manager.ts
- Change unused error parameter to _error in session/recovery.ts
- Remove unused saveState import in session/manager.test.ts
- Convert unknown error to string in githubops.test.ts template literal
Co-Authored-By: Claude <noreply@anthropic.com>
- P1-6: Add threadId support to Discord reply (use threadId as target channel)
- P1-7: Handle long input (>4000 chars) with temp files
- P1-8: Capture tmux output with capture-pane instead of send-keys stdout
P0-1: Fix Agent Selection Bug (decide.ts)
- Move wildcard agent (conductor) to end of AVAILABLE_AGENTS array
- Update selectAgent() to prioritize specific intents over wildcard
- Previously, wildcard matched first, causing all intents to select conductor
P0-2: Fix Command Injection Vulnerability (codex-reviewer.ts)
- Add escapeShellString() function to sanitize user content
- Escape backslashes, quotes, $, backticks, newlines, carriage returns
- Apply escaping in execTmux() and buildCodexCommand()
- Previously, unescaped user content could execute arbitrary shell commands
Security: Prevents attackers from injecting malicious commands via
user-controlled content (code review input) that gets passed to tmux.
- Add @aws-sdk/client-dynamodb dependency
- Remove non-existent LINE integration (line-reply.ts)
- Change ResponseFormat from enum to const object for type safety
- Fix Discord API imports - use inline types instead of non-existent exports
- Add CreateTableCommand import to artifacts/manager.ts
- Add tmuxTarget property to ReviewOptions
- Remove TimeToLiveSpecification from CreateTable (TTL configured separately)
- Fix timestamp type conversion in createDiscordReply
This resolves build errors when running the clawdbot command.