Promote v0.13.0 to production#577
Merged
Merged
Conversation
* fix(discord): attach full thread context on follow-ups like Slack Rebuild undelivered Discord thread history into active-run and snapshot- resume prompts with <thread_context> and <replying_to>, and keep launch history from re-injecting on later turns. * fix(discord): keep prior attachments in follow-up thread context Claim attachment-only Discord messages on continuations, process their images/documents into the queued follow-up, and surface filenames in thread_context so later turns can still see referenced media. * fix(discord): claim attachments on the latest Roomote reply Keep Roomote text in <replying_to>, but still claim attachment-bearing bot replies (including the newest one) so follow-ups can see that media. --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
* feat: add native widget theme contract * refactor: isolate widget theme bridge * fix: guide widgets away from overflow * fix: make widget guidance product agnostic
…ipt (#561) Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
* Fail stalled worker bootstraps promptly * Restart failed worker bootstraps once * Address bootstrap recovery review feedback * Format bootstrap recovery test * Retry immediate Modal worker exits --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
…ng the original (#564) * fix: reuse original task on repeated GitHub issue @mentions Route a second @roomote comment on the same GitHub issue into the existing issue-linked task instead of starting a sibling standard task. * chore: add changeset for GitHub issue task reuse * fix: wait for booting issue task before starting a sibling Retry second GitHub issue @mentions when the original task is still booting (409 no active sandbox), matching PR follow-up wait behavior. * fix: retry issue follow-ups on sandbox-still-booting 409 Treat the RPC booting 409 the same as missing-sandbox so second issue @mentions keep retrying the original task instead of spawning a sibling. --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
Give teams/telegram/discord the same parent-owned single-closeout guidance Slack already has so agents stop re-posting duplicate PR delivery messages. Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
* feat: add Issue Fixer background automation Add a scheduled Issue Fixer automation that scans open GitHub issues on environment-backed repos and launches focused implement-changes follow-ups, with settings UI, jobs, skill, and docs. * feat: make Issue Fixer webhook-driven like code review Run Issue Fixer immediately on issues.opened/reopened for environment- backed GitHub repos, use an on/off toggle instead of a daily/weekly schedule, and drop the hourly batch scan path. * feat: triage GitHub issues with plan-only immediate webhooks Rename to Triage GitHub Issues, place it under Review Code, launch on issue open/reopen to post a plan comment only, and fix CI schedule-only and webhook router tests. * fix: launch one Triage GitHub Issues task per issue without debounce Remove Redis debounce so each opened/reopened issue gets its own task. * refactor: drop Slack suggestion surface for Triage GitHub Issues Remove scheduled-summary Slack copy and destinations: plans post on the GitHub issue. Clean product skill wording and suggestion-source plumbing. * docs: move Triage GitHub Issues under PR automations Document it next to Review Code and drop it from the manager-automation table so docs match the product: plan comments on GitHub, no Manager Channel. * refactor: make Triage GitHub Issues webhook-only with clarifying questions Remove Run now and the duplicate manual prompt. Prompt/skill now ask for relevant clarifying information on the GitHub issue when the plan is blocked. * docs: ask clarifying questions in Triage GitHub Issues skill Align the packaged skill with the webhook prompt: request missing acceptance criteria or scope on the issue when needed. --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
) * improve: match Discord unmentioned replies to Slack gating Apply Slack/Teams-style eligibility and interjection rules so natural follow-ups in Discord task threads stop requiring drive-by side chat to be treated as agent turns. * refactor: share unmentioned thread-reply core across Slack, Discord, Teams Extract eligibility and interjection-window evaluation into a single pure helper so the three providers stay behavior-aligned without duplicating the decision loop. --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
* feat: add OpenAI-compatible inference provider Add a first-class OpenAI-compatible endpoint provider so operators can connect any OpenAI API server without guessing LiteLLM, Ollama, or vLLM. * fix: stop openai-compatible leaking OPENAI_API_KEY Keep OpenAI-compatible providers on dedicated env vars only, and update the fixture expecting the new non-secret base URL. --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
#569) * improve: refresh Triage GitHub Issues comment formats Use clearer clarifying-question and proposed-plan issue comments, with less gh CLI ceremony in the prompt and skill. * fix: use configured GitHub app slug in triage issue mentions Inject resolveConfiguredGitHubAppSlug into Triage GitHub Issues comment templates instead of hard-coding @roomote. --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
#570) * [Improve] Frame third-party text in agent prompts as untrusted content GitHub issue bodies, PR discussion context, and automation work-item source context now land in agent prompts inside escaped delimiter blocks alongside a shared untrusted-content policy, so quoted external text is treated as data rather than instructions. The review-code skill gains matching constraints for reviewing externally authored pull requests. * Wrap automation work-item descriptive fields in untrusted-content blocks Addresses review feedback: the work-item title is now escaped inline and the brief and investigation context land inside escaped delimiter blocks. The execution prompt stays unwrapped because it is the automation's instruction channel; the provenance boundary for it belongs to the scan run that distills external sources into the work item. * Scope scan-authored execution prompts and harden the issue triage prompt Addresses the remaining review finding: automation work-item execution prompts are scan-agent output over external sources, so they no longer ride as a fully trusted instruction channel. They are delivered inside an escaped automation_execution_guidance block that the shared policy limits to the named work item, unable to expand scope or authorize new actions. Also extends the untrusted-content framing to the surfaces that arrived with the develop merge: the Triage GitHub Issues prompt now escapes the issue title, labels, author, and URL inside task_context, delimits the issue body, and carries the policy; repeat-mention issue follow-up messages get the same mention-request framing as the initial mention. --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
* fix(discord): DM account-link instructions from guild channels Keep full setup copy out of public channels when an unlinked user pings Roomote: open a DM with the full link prompt and acknowledge briefly in the channel. Fall back to public instructions when DMs are blocked. * fix(discord): only public-fallback account-link on blocked DMs Rethrow retryable Discord DM failures so the Gateway keeps the event instead of leaking full setup instructions into the guild channel. * fix(discord): require 50007 before account-link public fallback Only Discord's cannot-send-messages code treats DMs as blocked. Bare 403s like Missing Access no longer dump full setup instructions in guild channels. * Dedupe account-link DMs across entry paths and share the slot helpers Review feedback: the mention-flow link prompt sent a fresh DM on every unlinked ping while the auto-start nudge next door already had a Redis dedupe. Both paths now share one claim/release slot (24h TTL per user) in account-link.ts, so repeated pings acknowledge the existing DM, a Gateway retry after a partial failure cannot double-send, and any entry path suppresses the others' duplicates. The mention flow fails open when Redis is unavailable (a possible duplicate DM beats silence); the best-effort nudge keeps failing closed. Also composes the fallback instruction into the full link message so the copy cannot drift, documents the intentional silence on permanent non-50007 DM failures, covers the unlinked guild slash-command path with a test, and adds the missing changeset. * fix(discord): wait for in-flight account-link DMs before ack Split the per-user DM slot into pending vs sent so concurrent mention acks never treat a claimed but undelivered DM as sent. Wait briefly for settlement, then retry or 503 instead of a false channel acknowledgement. * Expire pending link-DM claims quickly so a crashed claimant self-heals The pending slot carried the full 24h dedupe TTL, so a claimant that crashed between claim and mark/release would wedge the slot for a day: every later unlinked ping would wait out the in-flight window and bounce back to the Gateway with no user-visible reply. Pending claims now expire after 120 seconds; only a confirmed delivery holds the slot for the full window. --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
Stop endpoint credential saves from rejecting the primary base URL when it is also present for display, use a URL keyboard for endpoint fields, and remove the doubled optional API key label. Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
) * feat: allow multiple named OpenAI-compatible provider connections Operators can add several OpenAI-compatible endpoints, each with a connection name, namespaced env vars, and distinct model-id prefixes. * fix: clean up lint issues after multi-provider change * fix: linearize OpenAI-compatible connection name normalization Avoid CodeQL polynomial-regex warnings, cap connection name length, keep bare endpoint edits working without a name, and only show the catalog template in Add Provider for another OpenAI-compatible connection. * improve: simplify OpenAI-compatible connection name helper copy --------- Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
…575) Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
Co-authored-by: Matt Rubens <2600+mrubens@users.noreply.github.com>
Contributor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Promote v0.13.0
Frozen at
5ec38bdc67f381802c55e2fabc322ef3de1bb972— the commit where0.13.0was versioned. Commits merged todevelopafter that point ship in the next release.v0.13.0and triggers the existing GHCRv*image publish (latestchannel).release/v0.13.0branch can be deleted after this PR merges.Changelog
0.13.0 (2026-07-19)
Minor changes
Patch changes