feat: enhanced GitHub Copilot integration — SDK provider, CLI backend, and thinking signature fix#3
feat: enhanced GitHub Copilot integration — SDK provider, CLI backend, and thinking signature fix#3tag-assistant wants to merge 1058 commits intomainfrom
Conversation
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
1 similar comment
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
4aaa458 to
9fbc0c8
Compare
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
1 similar comment
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
d16dea2 to
cbe9567
Compare
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
cbe9567 to
ad16ae1
Compare
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
11 similar comments
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
1d942f7 to
890432a
Compare
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
Windows path.relative() produces backslashes (e.g., memory\2026-02-16.md)
which fail to match RegExp patterns using forward slashes.
Normalize relative paths to forward slashes before RegExp matching
using rel.split(path.sep).join('/').
Fixes 4 test failures on Windows CI.
Implement comprehensive environment variable sanitization before Docker container creation to prevent credential theft via post-exploitation environment access. Security Impact: - Blocks 39+ sensitive credential patterns (API keys, tokens, passwords) - Prevents exfiltration of ANTHROPIC_API_KEY, OPENAI_API_KEY, etc. - Fail-secure validation with audit logging Changes: - Add sanitize-env-vars.ts with blocklist/allowlist validation - Integrate sanitization into docker.ts (lines 273-294) - Add validateEnvVars() to security validation - Comprehensive test suite (62 tests, 100% pass rate) Test Results: 62/62 passing Code Review: 9.5/10 approved Severity: HIGH (CWE-200, CVSS 7.5) Signed-off-by: Aether AI Agent <github@tryaether.ai>
…nded When a depth-2 subagent (Birdie) completes and its parent (Newton) is a depth-1 subagent, the announce should go to Newton, not bypass to the grandparent (Jaris). Previously, isSubagentSessionRunActive(Newton) returned false because Newton's agent turn completed after spawning Birdie. This triggered the fallback to grandparent even though Newton's SESSION was still alive and waiting for child results. Now we only fallback to grandparent if the parent SESSION is actually deleted (no sessionId in session store). If the parent session exists, we inject into it even if the current run has ended — this starts a new agent turn to process the child result. Fixes openclaw#18037 Test Plan: - Added regression test: routes to parent when run ended but session alive - Added regression test: falls back to grandparent only when session deleted
Discord's formatAllowFrom now strips these prefixes before matching, aligning with normalizeDiscordAllowList behavior used in DM admission. Before: commands.allowFrom: ["user:123"] → no match (senderCandidates: ["123", "discord:123"]) After: commands.allowFrom: ["user:123"] → "123" → matches sender "123" Fixes openclaw#17937
…tsApp messages default to enabling link previews for URLs. This adds\nsupport for overriding this behavior per-message via the \nparameter (e.g. from tool options), consistent with Telegram.\n\nFix: Updated internal WhatsApp Web API layers to pass option\ndown to Baileys ." This reverts commit 1bef2fc.
This reverts commit d24340d.
…ompletions sessions
45b5082 to
1fed689
Compare
|
The formal models extracted constants ( This check is informational (not blocking merges yet). If this change is intentional, follow up by updating the formal models repo or regenerating the extracted artifacts there. |
Summary
openai-completionsAPI.Change Type (select all)
Scope (select all touched areas)
Linked Issue/PR
Commits
User-visible / Behavior Changes
github-copilotavailable for model configuration with SDK-based authcopilotCLI backend available for terminal usagestripCompletionsReasoningFieldSignaturestranscript policy flag — enabled automatically for non-native providers usingopenai-completionsSecurity Impact (required)
Evidence
68 tests passing across 6 test files. Live-tested all models: Claude Opus 4.6 ✅, 4.6 Fast ✅, 4.6 1M ✅, GPT-5.3 Codex ✅
Human Verification (required)
Compatibility / Migration
github-copilotprovider configFailure Recovery (if this breaks)
github-copilotprovider from config, switch to another providerRisks and Mitigations