…ram bot revamp

Introduces the new pi-ai based agent loop with multi-provider LLM fallback (Gemini → OpenAI → Anthropic), 7 reminder tools, voice message transcription (Mistral Voxtral + OpenAI Whisper), and restructured Telegram webhook handling with callback query support for reminders and family pairing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Stripe integration: /subscribe and /unsubscribe commands, webhook handling for checkout and cancellation
- Hetzner sandbox provisioning: auto-create/destroy CX23 VMs with SSH keypair generation
- 7 sandbox tools for pro users: bash, read, write, edit, glob, grep, todo
- Tool approval flow via Telegram inline buttons with Redis-based polling
- Async fire-and-forget webhook handlers to prevent Telegram re-sends during approval waits
- New DB tables: subscriptions, sandboxes, tool_approvals
- Bull queue jobs for sandbox provisioning lifecycle
…rsistence

- Split messages exceeding Telegram's 4096 char limit at newline boundaries
- Add postgres healthcheck that resets password on startup to fix recurring auth failures
…memory, MCP/custom tools, and Telegram markdown renderer

- Agentic tasks: every interaction is a persistent task with message history, scheduled tasks via cron + Bull delayed jobs with chain scheduling, deadline support (end_at), self-termination tool, workspace directories for cross-run context
- User memory system: soul, global, and daily memory tools for cross-conversation persistence
- User extensions: custom tools from sandbox, skills injection, MCP server connections
- Message routing: reply-to detection, LLM classification for task routing
- Telegram: markdown-to-HTML converter with fallback, Twilio phone calls
- Entry point abstraction for multi-platform support
…markdown renderer
Backend:
- Phone OTP auth: /phone-otp/send and /phone-otp/verify endpoints
- Web chat API: /web-chat/send, /web-chat/tasks, /web-chat/tasks/:id, /web-chat/inbox
- Web auth middleware (Bearer token + X-Fingerprint header)
- Web entry point in entryPoints.js with Redis inbox for broadcasts
- Web platform section in agent system prompt
- Extract cleanPhoneNumber to shared logic/phone.js
- Add sendSMS to Twilio service

Frontend (a1-app):
- Vite + React 18 + Tailwind CSS
- Phone OTP login with 6-digit code input
- Chat interface with sidebar task list, markdown rendering
- Same design system as locus/writer (Satoshi/Inter fonts, RemixIcon, #00b4d5 brand)
- Dockerfile and docker-compose service on port 9100
- Add AES-256-GCM encryption for SSH keys at rest with migration endpoint
- Add Telegram webhook secret token verification
- Add OTP rate limiting (express-rate-limit) and enable HttpOnly cookies
- Fix path traversal in sandbox tools (normalize + blocklist)
- Fix shell injection in sandbox grep (escape metacharacters)
- Sanitize glob patterns and validate custom tool script paths
- Fix IDOR: use authenticated user.id in notes, files, and a1 routes
- Fix callback query sender verification in Telegram webhooks
- Add SameSite + Secure cookie flags in locus web app
- Add iframe sandbox attribute on TipTapEmbed
- Use crypto.randomUUID for fingerprint generation
- iOS: migrate credentials from UserDefaults to Keychain
- iOS: disable allowFileAccessFromFileURLs in WebViews
- iOS: remove debug prints that leaked tokens

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
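As an added illustration of the path traversal and grep injection items in the commit message above (not code from this pull request): one way to confine a sandbox tool's path argument to a workspace root and to build a grep command line with quoted arguments. The root directory, the blocklist entries and all function names are assumptions.

```javascript
// Added example, not the project's code. Root, blocklist and names are assumptions.
const posixPath = require("node:path").posix; // the sandbox is a Linux VM: POSIX rules

const WORKSPACE_ROOT = "/home/sandbox/workspace";            // hypothetical root
const BLOCKED_SEGMENTS = new Set([".ssh", ".git", ".env"]);  // hypothetical blocklist

// Resolve a user-supplied path against the root and reject anything outside it.
function resolveSandboxPath(userPath) {
  if (typeof userPath !== "string" || userPath.includes("\0")) {
    throw new Error("invalid path");
  }
  // resolve() collapses "." and ".." and lets an absolute input replace the
  // root, so containment is checked on the result, never on the raw input.
  const resolved = posixPath.resolve(WORKSPACE_ROOT, userPath);
  const rel = posixPath.relative(WORKSPACE_ROOT, resolved);
  if (rel === ".." || rel.startsWith("../")) {
    throw new Error("path escapes workspace");
  }
  // The blocklist is applied per path segment after normalization.
  if (rel.split("/").some((seg) => BLOCKED_SEGMENTS.has(seg))) {
    throw new Error("path is blocklisted");
  }
  return resolved;
}

// Quote one argument for a POSIX shell: wrap it in single quotes and
// close/reopen the quoting around each embedded single quote.
function shQuote(arg) {
  return "'" + String(arg).replace(/'/g, "'\\''") + "'";
}

// Build the command sent over SSH. "--" ends option parsing, so a pattern
// that starts with "-" is treated as a pattern and not as a grep flag.
function buildGrepCommand(pattern, userPath) {
  const target = resolveSandboxPath(userPath);
  return `grep -rn -- ${shQuote(pattern)} ${shQuote(target)}`;
}
```

The containment check is lexical only: a symlink inside the workspace that points outside it still has to be handled on the sandbox side.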
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Restyle entire frontend to monochrome Vercel/Anthropic aesthetic (black, white, grays)
- Add multi-column Finder-style file browser for sandbox filesystem
- Add backend sandbox-fs API routes (list, read, raw, download via SSH)
- Support file preview (text, markdown, images, audio) and directory download as tar.gz
The scheduled task runner in jobs.js was loading the sandbox with a raw SQL query, returning the encrypted SSH private key. The manual path (telegram.js) uses getSandbox() which decrypts the key. This caused SSH connections to silently fail, so scheduled tasks ran without any sandbox tools. Now uses getSandbox() consistently.
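The failure described in the commit message above, as an added example that is not code from this pull request: an AES-256-GCM at-rest format for the SSH key, a decrypting accessor, and a guard that makes a still-encrypted key fail loudly before an SSH connection is attempted. Only the name `getSandbox` comes from the page; its body, the `enc:v1:` prefix, the column name, the in-memory table and the sample key are constructed assumptions.

```javascript
// Added example, not the project's code. Storage layout and names are assumptions.
const nodeCrypto = require("node:crypto");

// Constructed demo key; a real deployment loads 32 bytes from a secret store.
const MASTER_KEY = nodeCrypto.scryptSync("constructed-demo-secret", "constructed-salt", 32);
const PREFIX = "enc:v1:"; // hypothetical marker for encrypted column values
const SAMPLE_PEM = "-----BEGIN OPENSSH PRIVATE KEY-----\nconstructed-not-a-real-key\n" +
  "-----END OPENSSH PRIVATE KEY-----\n";

function encryptKey(pem) {
  const iv = nodeCrypto.randomBytes(12); // fresh 96-bit nonce per record
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", MASTER_KEY, iv);
  const ct = Buffer.concat([cipher.update(pem, "utf8"), cipher.final()]);
  // Stored layout: iv (12 bytes) | auth tag (16 bytes) | ciphertext
  return PREFIX + Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64");
}

function decryptKey(stored) {
  if (!stored.startsWith(PREFIX)) throw new Error("not an encrypted key record");
  const raw = Buffer.from(stored.slice(PREFIX.length), "base64");
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", MASTER_KEY, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  // final() throws if the tag does not match, so tampering is detected here.
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString("utf8");
}

const rows = new Map(); // in-memory stand-in for the sandboxes table
function saveSandbox(id, host, pem) {
  rows.set(id, { id, host, ssh_private_key: encryptKey(pem) });
}
// What a raw SQL SELECT hands back: the ciphertext column, untouched.
function rawQuery(id) { return rows.get(id); }
// The accessor every caller should go through: decrypts before returning.
function getSandbox(id) {
  const row = rows.get(id);
  return row && { ...row, ssh_private_key: decryptKey(row.ssh_private_key) };
}

// Guard for the SSH connect path: reject anything that is not PEM, so a row
// that bypassed getSandbox() raises an error and the task does not run without tools.
function assertUsablePrivateKey(key) {
  if (typeof key !== "string" || !key.startsWith("-----BEGIN ")) {
    throw new Error("SSH private key is not PEM (still encrypted?)");
  }
  return key;
}
```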
The httpOnly cookie flag from security hardening prevented JavaScript from reading the auth cookie, breaking AppWrapper guards and YJS auth. Replaced cookie-based guards with Redux isLoggedIn state and reverted httpOnly since the cookie value is needed client-side for YJS WebSocket.
No description provided.