Commit Graph

8336 Commits

Author SHA1 Message Date
Ash Brener
e8d3d88a9a Merge branch 'main' of github.com:moltbot/moltbot into feat/workspace-cloud-sync 2026-01-29 08:35:44 +02:00
Ayaan Zaidi
718bc3f9c8
fix: avoid silent telegram empty replies (#3796) (#3796) 2026-01-29 11:34:47 +05:30
Conroy Whitney
c20035094d
fix: use & instead of <> in XML escaping test for Windows NTFS compatibility (#3750)
NTFS does not allow < or > in filenames, causing the XML filename
escaping test to fail on Windows CI with ENOENT.

Replace file<test>.txt with file&test.txt — & is valid on all platforms
and still requires XML escaping (&amp;), preserving the test's intent.

Fixes #3748
2026-01-29 05:46:50 +00:00
kiranjd
0761652701 fix(telegram): handle empty reply array in notifyEmptyResponse
Previous fix only checked skippedEmpty > 0, but when model returns
content: [] no payloads are created at all. Now also checks
replies.length === 0 to catch this case.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 11:13:39 +05:30
kiranjd
a2d06e75b0 fix(telegram): notify users when agent returns empty response
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 11:13:39 +05:30
Ayaan Zaidi
34291321b4 chore: update clawtributors (add @HirokiKobayashi-R) 2026-01-29 10:33:25 +05:30
Ayaan Zaidi
16a5549ec0 docs: update changelog for mention patterns (#3303) (thanks @HirokiKobayashi-R) 2026-01-29 10:31:47 +05:30
HirokiKobayashi-R
22b59d24ce fix(mentions): check mentionPatterns even when explicit mention is available 2026-01-29 10:31:47 +05:30
Ayaan Zaidi
fcc53bcf1b fix: include AccountId in telegram native command context (#2942) (thanks @Chloe-VP) 2026-01-29 10:17:25 +05:30
Chloe
6132c3d014 fix(telegram): include AccountId in native command context for multi-agent routing
When running multiple Telegram bot accounts bound to different agents,
the /new command (and other slash commands) would send confirmation
messages via the wrong bot because the context was missing AccountId.

The fix adds AccountId: route.accountId to the context payload in
registerTelegramNativeCommands, matching how bot-message-context.ts
handles regular messages.

Fixes #2537
2026-01-29 10:17:25 +05:30
Ayaan Zaidi
4ac7aa4a48 fix: handle telegram video notes (#2905) (thanks @mylukin) 2026-01-29 10:07:21 +05:30
Lukin
78722d0b4f fix(telegram): add video_note support to Telegram channel
- Add msg.video_note to media extraction chain in bot/delivery.ts
- Add placeholder detection for video notes in bot-message-context.ts
- Video notes (rounded square video messages) are now processed and downloaded like regular videos

Fixes issue where video note messages were silently dropped because they weren't in the media handling logic.
2026-01-29 10:07:21 +05:30
Clawdbot
c13c39f121 fix: exclude native slash commands from onToolResult
Native slash commands (e.g. /verbose, /status) should not emit tool
summaries. Gate onToolResult behind CommandSource !== 'native' in
addition to the existing ChatType !== 'group' check.

Add test for native command exclusion.
2026-01-29 09:50:39 +05:30
Clawdbot
e1ecfb25b8 test: add tests for onToolResult in DM vs group sessions
- provides onToolResult in DM sessions (ChatType=direct)
- does not provide onToolResult in group sessions (ChatType=group)
- sends tool results via dispatcher in DM sessions

Replaces the old cross-provider test that expected onToolResult to
always be undefined.
2026-01-29 09:50:39 +05:30
Clawdbot
f27a5030d8 fix: restore verbose tool summaries in DM sessions
875b018ea removed onToolResult from dispatch-from-config.ts to prevent
tool summaries leaking into group channels. However, this also broke
verbose tool summaries in DM/private sessions where they are expected.

This restores onToolResult but gates it behind ChatType !== 'group',
so group channels remain unaffected while DM verbose works again.

mirror=false is passed to sendPayloadAsync to avoid duplicating tool
summaries in the session transcript (matching the block reply behavior).

Fixes #2665
2026-01-29 09:50:39 +05:30
Gustavo Madeira Santana
699784dbee chore: remove stray package-lock.json 2026-01-28 22:00:55 -05:00
Gustavo Madeira Santana
a44da67069 fix: local updates for PR #3600
Co-authored-by: kira-ariaki <kira-ariaki@users.noreply.github.com>
2026-01-28 22:00:11 -05:00
Kira
0fd9d3abd1 feat(memory): add explicit paths config for memory search
Add a `paths` option to `memorySearch` config, allowing users to
explicitly specify additional directories or files to include in
memory search.

Follow-up to #2961 as suggested by @gumadeiras — instead of auto-following
symlinks (which has security implications), users can now explicitly
declare additional search paths.

- Add `memorySearch.paths` config option (array of strings)
- Paths can be absolute or relative (resolved from workspace)
- Directories are recursively scanned for `.md` files
- Single `.md` files can also be specified
- Paths from defaults and agent overrides are merged
- Added 4 test cases for listMemoryFiles
2026-01-28 22:00:11 -05:00
Shakker
b717724275
fix: add security hardening for media text attachments (#3700)
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
2026-01-29 02:39:01 +00:00
Frank Yang
cb18ce7a85
Fix text attachment MIME misclassification (#3628)
* Fix text file attachment detection

* Add file attachment extraction tests
2026-01-29 02:33:03 +00:00
Gustavo Madeira Santana
a109b7f1a9 Update self message trust policy in WhatsApp docs
Clarified that self messages from the linked WhatsApp number bypass DM policy and allowFrom checks.
2026-01-28 20:31:33 -05:00
tewatia
4f554a1e31 docs(whatsapp): clarify self-message dmPolicy bypass
Self messages from the linked WhatsApp number bypass dmPolicy and allowFrom
checks automatically. Clarified that users don't need to add their own
number to the allowlist.

Self messages from the linked WhatsApp number bypass dmPolicy checks
entirely (via isSamePhone check in access-control.ts)...
2026-01-28 20:31:33 -05:00
jonisjongithub
fdcac0ccf4
fix: correct 'Venius' typo to 'Venice' in provider docs (#3638) - thanks (@jonisjongithub) 2026-01-28 23:51:43 +00:00
Shakker
3a9cfd787d
Merge pull request #3635 from moltbot/fix-token-input-trim
fix: trim whitespace from config input fields on change
2026-01-28 23:46:14 +00:00
Shakker
1c98b9dec8 fix(ui): trim whitespace from config input fields on change 2026-01-28 23:41:33 +00:00
Shakker
67f1402703 fix: tts base url runtime read (#3341) (thanks @hclsys) 2026-01-28 23:30:29 +00:00
Tyler Yust
a7534dc223
fix(ui): gateway URL confirmation modal (based on #2880) (#3578)
* fix: adding confirmation modal to confirm gateway url change

* refactor: added modal instead of confirm prompt

* fix(ui): reconnect after confirming gateway url (#2880) (thanks @0xacb)

---------

Co-authored-by: 0xacb <amccbaptista@gmail.com>
2026-01-28 13:32:10 -08:00
Ash Brener
003032536d fix(rclone): suppress NOTICE logs unless verbose mode 2026-01-28 21:05:22 +02:00
Ash Brener
164f473d29 fix(workspace-sync): add void to floating promises in setTimeout 2026-01-28 20:01:25 +02:00
Gustavo Madeira Santana
109ac1c549 fix: banner spacing 2026-01-28 11:39:35 -05:00
Akshay
01e0d3a320
fix(cli): initialize plugins before pairing CLI registration (#3272)
The pairing CLI calls listPairingChannels() at registration time,
which requires the plugin registry to be populated. Without this,
plugin-provided channels like Matrix fail with "does not support
pairing" even though they have pairing adapters defined.

This mirrors the existing pattern used by the plugins CLI entry.

Co-authored-by: Shakker <165377636+shakkernerd@users.noreply.github.com>
2026-01-28 13:26:25 +00:00
Ash Brener
a3eaec5f41 refactor: use setTimeout chain instead of setInterval for workspace sync
- Next sync schedules AFTER current completes (natural backpressure)
- No more syncInProgress mutex needed
- Cleaner, more predictable timing
2026-01-28 15:13:43 +02:00
Ash Brener
65f135e1a3 fix: self-heal by clearing lock files after lock-related failures 2026-01-28 15:10:28 +02:00
Ash Brener
65bfb9f9d7 feat: add copySymlinks option and better default excludes for workspace sync 2026-01-28 15:01:38 +02:00
Ash Brener
38230547d6 fix: skip sync if already in progress, clear locks only on startup 2026-01-28 14:49:31 +02:00
Ash Brener
b2397f63be fix: clear rclone locks before each sync attempt 2026-01-28 14:38:01 +02:00
Shakker
da421b9ef7
Merge pull request #3316 from bguidolim/fix/mime-types-audio-video
fix(media): add missing MIME type mappings for audio/video files
2026-01-28 12:31:47 +00:00
Bruno Guidolim
57efd8e083 fix(media): add missing MIME type mappings for audio/video files
Add mappings for audio/x-m4a, audio/mp4, and video/quicktime to ensure
media files sent as documents are saved with proper extensions, enabling
automatic transcription/analysis tools to work correctly.

- audio/x-m4a → .m4a
- audio/mp4 → .m4a
- video/quicktime → .mov

Also adds comprehensive test coverage for extensionForMime().
2026-01-28 13:17:50 +01:00
Roopak Nijhara
d93f8ffc13 fix: use fileURLToPath for Windows compatibility 2026-01-28 16:42:39 +05:30
Roopak Nijhara
bffcef981d style: run pnpm format 2026-01-28 16:42:39 +05:30
Roopak Nijhara
39b7f9d581 feat(hooks): make session-memory message count configurable (#2681)
Adds `messages` config option to session-memory hook (default: 15).
Fixes filter order bug - now filters user/assistant messages first,
then slices to get exactly N messages. Previously sliced first which
could result in fewer messages when non-message entries were present.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-28 16:42:39 +05:30
Ash Brener
e802d0681e workspace-sync: clear stale rclone locks on startup 2026-01-28 13:10:01 +02:00
Ash Brener
364ac8f919 workspace-sync: auto-resync on first run 2026-01-28 12:51:38 +02:00
Ash Brener
65b2b0479b workspace-sync: add dropbox.token to zod schema 2026-01-28 12:20:05 +02:00
Ash Brener
ccbde17b9d workspace-sync: add config-driven rclone setup with dropbox.token 2026-01-28 12:10:00 +02:00
Ash Brener
3e9339c77f feat: add workspace-sync skill for agent awareness 2026-01-28 10:53:04 +02:00
Ash Brener
5bdcbc7e32 refactor: use subsystem logger in workspace-sync handler 2026-01-28 10:53:04 +02:00
Ash Brener
0d8c321d45 fix: use path.join for Windows compatibility in rclone tests 2026-01-28 10:53:04 +02:00
Ash Brener
388db68a63 style: fix formatting in workspace-sync HOOK.md 2026-01-28 10:53:04 +02:00
Ash Brener
f79e2204e7 docs: use AWS S3 as primary example in workspace-sync 2026-01-28 10:53:04 +02:00