{ "prompt_name": "weekly-newsletter", "category": "comms", "date": "2025-12-09", "generated_text": "# ElizaOS Weekly Newsletter\n**Week of December 1-9, 2025**\n\n## \ud83d\ude80 Executive Summary\n\n- **Security Incident Resolved**: The ElizaOS.ai website experienced a security breach where an XMR cryptocurrency miner was injected via a Next.js vulnerability. Thanks to quick collaboration between community members, the issue was addressed by updating to Next.js 16.0.7.\n\n- **Major Performance Enhancements**: The development team implemented parallel action execution and streaming functionality for text generation, significantly improving system responsiveness and enabling real-time feedback for users.\n\n- **Authentication Framework Complete**: A comprehensive JWT authentication system has been deployed, laying the foundation for the upcoming multi-tenant capabilities and access control features.\n\n## \ud83d\udcbb Development Updates\n\n### Core Infrastructure Improvements\n\n- **Parallel Action Execution**: A new implementation allows actions within a single response batch to run in parallel while maintaining state consistency between batches. This architectural change provides notable performance improvements for complex agent workflows.\n\n- **Streaming Text Generation**: New streaming support has been added for both TEXT_SMALL and TEXT_LARGE model types, providing incremental text responses as they're generated rather than waiting for complete responses.\n\n- **Server Optimization**: The server architecture underwent significant optimization to address performance bottlenecks, particularly around Socket.IO configuration and HTTP server timeouts. These changes prevent the connection issues that some users were experiencing after approximately 30 seconds of high activity.\n\n### Security & Authentication\n\n- **JWT Authentication Framework**: A complete JWT authentication system has been implemented with support for multiple verification strategies, including Ed25519, JWKS, and secret-based verification. This lays groundwork for the upcoming access control layer.\n\n- **Security Vulnerability Addressed**: The team quickly responded to a critical security incident where the elizaOS.ai website was compromised with a cryptocurrency miner. The vulnerability was related to outdated Next.js dependencies with known RCE vulnerabilities.\n\n### Dependencies & Compatibility\n\n- **Ecosystem-wide Dependency Update**: All dependencies across the monorepo have been updated to their latest compatible versions, resolving conflicting drizzle-orm versions that were causing compatibility issues.\n\n- **ElizaOS Cloud Integration**: ElizaOS Cloud has been added as the default AI provider in the CLI, with a browser-based login flow for seamless API key setup.\n\n## \ud83d\udc65 Community Spotlight\n\nCommunity members played a crucial role in both identifying and resolving issues this week:\n\n- **cjft** collaborated with **Odilitime** to fix the website security breach by creating a PR to update dependencies after **jasyn_bjorn** reported the initial 502 bad gateway error.\n\n- **sayonara** provided valuable technical support to **velsaria** by sharing a GitHub code reference demonstrating how to extend PostgreSQL databases for ElizaOS's SQL plugin.\n\n- **DorianD** contributed insightful market analysis regarding cryptocurrency trends, suggesting 2028 rather than 2026 as a more likely timeframe for the next bull run, citing broader geopolitical and economic factors.\n\n- **Jin** shared hardware recommendations for self-hosting ElizaOS, specifically mentioning success running elizaOS with gpt-oss 120b on a GMKTEC EVO-X2 system.\n\n## \ud83d\udcb0 Token Economics\n\n- **Token Price Concerns**: Community members have expressed frustration about the ElizaOS token's continuous downtrend (approximately 40% drop in a month) while other cryptocurrencies have shown recovery. The team acknowledged these concerns but emphasized focus on technological development.\n\n- **Migration Clarification**: Confusion about exchange listings has been addressed, particularly clarifying that ElizaOS was never directly listed on Kraken. The exchange is considering migration and will inform ai16z holders about any updates.\n\n- **Babylon Development**: Discussions continue around Babylon, a prediction market with agent and human integration that has accumulated 272,000 registrations but hasn't launched yet. This represents a significant upcoming ecosystem expansion.\n\n## \ud83d\udd2e Coming Soon\n\n- **Access Control Layer**: Following the JWT authentication implementation, the next phase will add access control for agents and rooms, allowing users to set visibility as public or private and properly manage ownership permissions.\n\n- **X/Twitter Account Recovery**: Plans are in place to recover the ElizaOS X (Twitter) account, which is considered important for attracting investors during future market cycles.\n\n- **Eliza Labs Roadmap**: A comprehensive roadmap for Eliza Labs projects is being prepared and will be hosted in the main elizaOS repository. A session on this roadmap is planned before the Christmas break.\n\n- **Twitter Agent Improvements**: The team is working on optimizing the Twitter agent to reduce API read consumption, addressing the current limitations faced after username/password authentication was deprecated.\n\n## \ud83d\udd17 Resources\n\n- **GitHub PRs**:\n - [JWT Authentication & User Management](https://github.com/elizaos/eliza/pull/6200)\n - [Parallel Action Execution](https://github.com/elizaos/eliza/pull/6209)\n - [Streaming Text Generation](https://github.com/elizaos/eliza/pull/6212)\n - [Server Optimization](https://github.com/elizaos/eliza/pull/6199)\n\n- **Documentation**:\n - Updated guidelines for parallel action execution will be published soon\n - New documentation for JWT authentication configuration is being prepared\n - Streaming API documentation for plugin developers is under development\n\n- **Community Support**:\n - For migration-related questions, visit the #migration-support channel\n - Technical discussions and self-hosting tips are most active in the #coders channel\n - Security concerns should be immediately reported to core team members", "source_references": [ "2025-12-09\n---\n2025-12-08.md\n---\n# elizaOS Discord - 2025-12-08\n\n**Date: December 8, 2025**\n\n## Overall Discussion Highlights\n\n### Security & Technical Issues\n- **Critical Security Incident**: The elizaOS.ai website was compromised with an XMR cryptocurrency miner injected into the code. The vulnerability was related to outdated Next.js dependencies (v15.3.1) with known RCE vulnerabilities. Odilitime and cjft collaborated to fix the issue by updating to Next.js 16.0.7 and deploying a fresh copy of the site.\n- **Twitter Agent Limitations**: Significant discussion about Twitter agent functionality issues after the deprecation of username/password authentication. The current implementation faces severe restrictions due to API read limits, with the first 50 mentions check consuming 50% of the free tier limit immediately.\n- **Database Integration**: Brief discussion about extending existing PostgreSQL databases to work with ElizaOS's SQL plugin needs, with a GitHub code reference provided as a potential implementation approach.\n\n### Project Development & Roadmap\n- **Eliza Labs Roadmap**: Kenk shared a roadmap for Eliza Labs projects, suggesting it be hosted in the main elizaOS repository.\n- **Streaming Functionality**: Stan mentioned working on streaming functionality with tests currently in progress.\n- **X Account Recovery**: Plans to recover the ElizaOS X (Twitter) account were confirmed by Odilitime, with Phenowin emphasizing its importance for attracting investors during potential future bull markets.\n- **Babylon Development**: Discussion about Babylon, a prediction market with agent and human integration that hasn't launched yet despite 272k registrations.\n\n### Market & Token Concerns\n- **Token Price Decline**: Users expressed frustration about the ElizaOS token's continuous downtrend (approximately 40% drop in a month) while other cryptocurrencies showed recovery.\n- **Market Predictions**: DorianD expressed skepticism about a 2026 bull run, suggesting 2028 as more likely, citing broader geopolitical trends affecting decentralized networks.\n- **Exchange Listing Clarification**: Confusion about Kraken listing status was addressed, clarifying that ElizaOS was never on Kraken and explaining Kraken is considering migration.\n\n### Self-Hosting & Hardware\n- **Local Deployment**: Users with extensive home server setups discussed self-hosting capabilities for running models locally with Ollama and N8N.\n- **Hardware Recommendations**: Jin recommended the Strix Halo mini PC for self-hosting LLMs, noting they successfully ran elizaOS with gpt-oss 120b on their GMKTEC EVO-X2 system.\n\n## Key Questions & Answers\n\n**Q: Why is the user/pass method for Twitter agents deprecated?** \nA: It's legally not allowed now, X's lawyers would get involved if anyone tried to maintain it. (Odilitime)\n\n**Q: Is it possible to connect an agent to Telegram or Discord through the Eliza cloud website?** \nA: No, that is not possible. (Arceon)\n\n**Q: What caused ElizaOS token to continue declining without rebounds while other currencies recover?** \nA: More people selling than buying and decreasing volume. (jasyn_bjorn and Omid Sa)\n\n**Q: What is Babylon on ElizaOS?** \nA: A prediction market with agents and human integration. (Omid Sa)\n\n**Q: Why is ElizaOS not available on Kraken?** \nA: ElizaOS was never available on Kraken; Kraken is considering migration and will inform ai16z holders. (Serikiki)\n\n**Q: When using elizaos, can I extend my existing postgresql database to store elizaos core sql plugin need?** \nA: Yes, it's possible, with a GitHub code reference provided showing implementation approach. (sayonara)\n\n**Q: What was the security issue with the elizaOS.ai website?** \nA: The site was hacked with an XMR cryptocurrency miner, likely exploiting a Next.js RCE vulnerability. (Odilitime)\n\n**Q: Will there be a bull run in 2026?** \nA: Doubt there will be a bull run in 2026, more likely in 2028. (DorianD)\n\n## Community Help & Collaboration\n\n1. **Security Incident Resolution**:\n - cjft helped Odilitime address the website security breach by creating PR #3 to update dependencies to Next.js 16.0.7\n - Odilitime identified the XMR miner injection and restored website functionality after jasyn_bjorn reported the 502 bad gateway error\n\n2. **Technical Support**:\n - sayonara provided a GitHub code reference to velsaria showing how to extend PostgreSQL databases for ElizaOS core SQL plugin\n - Serikiki clarified confusion about Kraken listing status for TJ, explaining the current situation with ai16z holders\n\n3. **Market Analysis**:\n - DorianD provided detailed analysis to Phenowin regarding cryptocurrency bull run timing, economic indicators, and Fed policy impacts on risk assets\n\n4. **Security Awareness**:\n - Arceon warned multiple users about Kenk impersonators, advising them to double-check usernames and profiles when receiving friend requests\n\n## Action Items\n\n### Technical\n- Update Next.js dependencies to version 16.0.7 to fix security vulnerabilities (cjft)\n- Add nginx settings for websocket support (Odilitime)\n- Rotate PAT (Personal Access Token) after security breach (Odilitime)\n- Restore X/Twitter account functionality for ElizaOS (Odilitime)\n- Optimize Twitter agent to reduce API read consumption (Odilitime)\n- Complete streaming functionality tests (Stan \u26a1)\n- Investigate extending PostgreSQL database for ElizaOS core SQL plugin needs (velsaria)\n- Recover the ElizaOS X account (Phenowin)\n- Complete migration from ai16z to ElizaOS (hns71)\n\n### Documentation\n- Consider moving Eliza Labs roadmap to main elizaOS repository (Kenk)\n- Provide updates in the updates channel (Omid Sa)\n- Document available plugins for market data fetching (Skelzor)\n\n### Feature\n- Implement proper network tokenomics for ElizaOS (DorianD)\n- Launch Babylon on ElizaOS (joaz0502)\n- Find alternative to DexScreener for fetching off-chain market data (Skelzor)\n- Schedule a session on the roadmap before Christmas break (Kenk)\n---\n2025-12-07.md\n---\n# elizaOS Discord - 2025-12-07\n\n## Overall Discussion Highlights\n\n### Token Migration & Support\n- Users continue to experience issues with the ai16z to ElizaOS token migration process\n- Several community members directed users with migration problems to the #migration-support and #support channels\n- Questions arose about the safety of the migrate.elizafoundation.ai site for connecting wallets\n- Some users reported their ai16z tokens not showing as eligible for migration in the portal\n\n### Platform Development\n- A GitHub pull request (#6210) was shared in the core-devs channel, though details were not discussed\n- Configuration inconsistencies were highlighted between dashboard API keys and ENV variable style configuration\n- A question about implementing custom REST API endpoints in ElizaOS projects was raised but remained unanswered\n\n### Community Concerns\n- Some users expressed frustration about token price performance compared to other cryptocurrencies\n- Questions about the project's decentralization model were raised\n- A user noted that ElizaOS is no longer available on the Kraken platform (previously ai16z was listed)\n- New developers introduced themselves, including one with Sui ecosystem and Move language experience\n\n## Key Questions & Answers\n\n**Q: Please help me understand the migration portal. I have ai16z tokens, but on the eligible portal: 0 ai16z, what am I doing wrong?** \nA: Go to #migration-support. If you need support use #support channel. (Omid Sa)\n\n**Q: How is it \"decentralized\"?** \nA: Probably by ELIZAOS holding. (Omid Sa)\n\n**Q: Is the migrate.elizafoundation.ai site safe to connect my phantom wallet to for migration of Ai16z to elizaos or should I ask for a manual migration?** \nA: You can check on the #announcements or ask the #migration-support. Follow links from the mirror article in announcements. (Manuel, Kenk)\n\n## Community Help & Collaboration\n\n1. **Migration Support**\n - Multiple community members (Omid Sa, Manuel, Kenk) helped direct users with migration issues to appropriate support channels\n - The Light acknowledged a user's confusion about configuration variables, noting the site is a work in progress but has a good layout\n\n2. **Developer Networking**\n - A full stack and blockchain developer (Bardotta) introduced themselves to the community, highlighting their experience with the Sui ecosystem and Move language\n\n## Action Items\n\n### Technical Tasks\n- Investigate implementation of custom REST API endpoints in ElizaOS projects (mentioned by velsaria)\n- Clarify the configuration process between dashboard API keys and ENV variables (mentioned by SecretRecipe)\n\n### Documentation Needs\n- Document all required environment variables for Eliza platform (mentioned by SecretRecipe)\n- Create clear migration instructions for ai16z token holders (mentioned by ROTHILD)\n\n### Feature Requests\n- Improve migration portal to better recognize eligible tokens (mentioned by ROTHILD)\n---\n2025-12-06.md\n---\n# elizaOS Discord - 2025-12-06\n\n## Overall Discussion Highlights\n\n### Migration from AI16Z to ElizaOS\n- Users expressed confusion about the migration process and token values\n- Some reported technical issues with the migration tool, including wallet connection problems and \"Max Amount Reached\" errors\n- Debate occurred about terminology (hard fork vs. migration) between community members\n- AI16Z has experienced price volatility despite being deprecated, causing confusion\n- Users were directed to the migration-help channel for assistance\n\n### ElizaCloud Development\n- The ElizaCloud website was recently updated, with one team member noting they \"leaked\" it early\n- A user inquired about the release timeline for ElizaCloud, receiving only a vague \"soon(tm)\" response\n- Core developers discussed action chaining and parallel execution of actions in a draft PR (#6209)\n- The implementation focuses on executing independent actions in parallel to save processing time\n\n### Ecosystem Announcements\n- Team member Kenk mentioned an upcoming decentralized OTC desk operated by an agent\n- Users inquired about a potential Babylon airdrop for ElizaOS holders, but no information was available yet\n- Discussion about designing products with power users in mind, suggesting most revenue will come from a small number of highly engaged users\n\n### Community Concerns\n- Warnings about potential phishing attempts in Discord, particularly targeting users during the token migration\n- Users advised to seek help in public channels rather than DMs to avoid scams\n\n## Key Questions & Answers\n\n**Q: Why is AI16Z soaring when my ElizaOS has no data and no changes?** \nA: AI16Z has dropped ~10 fold since migration started. Any moves in AI16Z now (up and down) is due to manipulation. ElizaOS is now the token associated with Eliza OS. AI16Z is not. (MDMnvest)\n\n**Q: How can I complete the migration/swap from AI16Z to ElizaOS?** \nA: Go to migration-help channel (The Light)\n\n**Q: What does \"Max Amount Reached\" mean in the migration tool?** \nA: Go to migration-help channel (Omid Sa)\n\n**Q: How to claim Babylon airdrop for ElizaOS holders?** \nA: We don't have information on that yet (Odilitime)\n\n**Q: Is Eliza open to treasury/OTC discussions?** \nA: We're launching a decentralized OTC desk that is operated by an agent soon (Kenk)\n\n**Q: What's the ETA for Elizacloud?** \nA: soon(tm) (Odilitime)\n\n**Q: How does parallel action execution deal with dependencies between tasks?** \nA: Only actions that are independent would be executed in parallel, preserving dependency chains (sayonara)\n\n**Q: Is this multiple-action-chains?** \nA: No. Think regular multistep where multiple actions can be called at each step but instead they are called parallel to save time (sayonara)\n\n## Community Help & Collaboration\n\n1. **Migration Support**\n - The Light directed TEN.DANTAYLOR to the migration-help channel when they couldn't complete the migration\n - Omid Sa guided kilani1975 to the migration-help channel when they encountered \"Max Amount Reached\" error\n - MDMnvest explained to Dominique woods that AI16Z price movements are likely manipulation and ElizaOS is now the official token\n\n2. **Security Awareness**\n - Versatyle warned users about seeking help in DMs to avoid phishing attempts\n - Odilitime redirected users to appropriate channels for support\n\n3. **Technical Clarification**\n - Sayonara explained to Odilitime how parallel action execution works with dependencies, clarifying that only independent actions would be executed in parallel\n\n## Action Items\n\n### Technical\n- Fix Discord link in ElizaCloud website that directs to wrong ElizaOS development server (Mentioned by Omid Sa)\n- Update steps and guidance scale documentation in image studio (Mentioned by Farmville)\n- Launch decentralized OTC desk operated by an agent (Mentioned by Kenk)\n- Review and provide feedback on draft PR #6209 for parallel action execution (Mentioned by sayonara)\n- Implement method for identifying independent actions that can be executed in parallel (Mentioned by sayonara)\n\n### Documentation\n- Provide information about Babylon airdrop for ElizaOS holders when available (Mentioned by aubrey)\n- Create clearer migration instructions to address user confusion (Mentioned by TEN.DANTAYLOR)\n- Document the approach for parallel action execution in multi-step processes (Mentioned by sayonara)\n\n### Feature\n- Consider power user engagement in product design as they will generate most revenue (Mentioned by DorianD)\n- Design agents to be engaging and revenue-focused for ecosystem developers using Eliza cloud or Babylon (Mentioned by DorianD)\n---\n2025-12-08.json\n---\nFile not found\n---\n2025-12-08.md\n---\nFile not found\n---\n2025-12-08.json\n---\nelizaOS\n---\nelizaOS Discord - 2025-12-08\n---\n1253563209462448241\n---\n\ud83d\udcac-discussion\n---\n# Analysis of \ud83d\udcac-discussion Discord Chat\n\n## 1. Summary\nThe discussion primarily revolves around ElizaOS token price concerns and Twitter agent functionality issues. Users expressed frustration about the token's continuous downtrend (dropping approximately 40% in a month) while other cryptocurrencies showed recovery. A key technical discussion centered on Twitter agent limitations after the deprecation of username/password authentication, which has severely restricted functionality due to API read limits. The first 50 mentions check consumes 50% of the free tier limit immediately. Odilitime mentioned they're moving to a per-request pricing model which should make agents cheaper. There was also discussion about Babylon, a prediction market with agent and human integration that hasn't launched yet despite 272k registrations. Some users with extensive home server setups (multiple GPUs, servers) discussed self-hosting capabilities for running models locally with Ollama and N8N.\n\n## 2. FAQ\nQ: Why is the user/pass method for Twitter agents deprecated? (asked by SecretRecipe) A: It's legally not allowed now, X's lawyers would get involved if anyone tried to maintain it (answered by Odilitime)\nQ: Is it possible to connect an agent to Telegram or Discord through the Eliza cloud website? (asked by AlexMtz) A: No, that is not possible (answered by Arceon)\nQ: What caused ElizaOS token to continue declining without rebounds while other currencies recover? (asked by TJ) A: More people selling than buying and decreasing volume (answered by jasyn_bjorn and Omid Sa)\nQ: What is Babylon on ElizaOS? (asked by Phantom589) A: A prediction market with agents and human integration (answered by Omid Sa)\nQ: Why is ElizaOS not available on Kraken? (asked by TJ) A: ElizaOS was never available on Kraken; Kraken is considering migration and will inform ai16z holders (answered by Serikiki)\nQ: When will the X account be available? (asked by benzercus) A: Unanswered\n\n## 3. Help Interactions\nHelper: Odilitime | Helpee: SecretRecipe | Context: Twitter agent limitations after user/pass deprecation | Resolution: Explained they're moving to per-request pricing which should make agents cheaper\nHelper: Serikiki | Helpee: TJ | Context: Confusion about Kraken listing status | Resolution: Clarified that ElizaOS was never on Kraken and explained Kraken is considering migration\nHelper: Arceon | Helpee: Multiple users | Context: Warning about Kenk impersonators | Resolution: Advised users to double-check usernames and profiles when receiving friend requests\nHelper: jasyn_bjorn | Helpee: AlexMtz | Context: Question about connecting agents to Telegram/Discord | Resolution: Directed user to the appropriate help channel\n\n## 4. Action Items\nType: Technical | Description: Restore X/Twitter account functionality for ElizaOS | Mentioned By: Odilitime\nType: Technical | Description: Optimize Twitter agent to reduce API read consumption | Mentioned By: Odilitime\nType: Feature | Description: Implement proper network tokenomics for ElizaOS | Mentioned By: DorianD\nType: Documentation | Description: Provide updates in the updates channel | Mentioned By: Omid Sa\nType: Technical | Description: Complete migration from ai16z to ElizaOS | Mentioned By: hns71\nType: Feature | Description: Launch Babylon on ElizaOS | Mentioned By: joaz0502\n---\n1300025221834739744\n---\n\ud83d\udcac-coders\n---\n# Discord Chat Analysis for \ud83d\udcac-coders\n\n## 1. Summary:\nThe chat segment contains brief discussions about ElizaOS functionality and plugin recommendations. One user inquired about extending an existing PostgreSQL database to work with ElizaOS's SQL plugin needs, receiving a response with a GitHub code reference showing how this might be implemented. Another user asked for recommendations on plugins to fetch off-chain market data, mentioning that DexScreener had been removed from the plugin directory and requesting free alternatives. The conversation was minimal with limited technical depth or concrete solutions.\n\n## 2. FAQ:\nQ: When using elizaos, can i extend my existing postgresql database (with data inside) to store elizaos core sql plugin need? (asked by velsaria) A: i think so, like this [GitHub code reference] (answered by sayonara)\nQ: What plugin would you recommend I use to fetch offchain market data? (asked by Skelzor) A: Unanswered\nQ: Like what sorta offchain market data, news? (asked by jin) A: Unanswered\n\n## 3. Help Interactions:\nHelper: sayonara | Helpee: velsaria | Context: Extending existing PostgreSQL database for ElizaOS core SQL plugin | Resolution: Provided GitHub code reference showing possible implementation approach\n\n## 4. Action Items:\nTechnical: Investigate extending PostgreSQL database for ElizaOS core SQL plugin needs | Mentioned By: velsaria\nFeature: Find alternative to DexScreener for fetching off-chain market data | Mentioned By: Skelzor\nDocumentation: Document available plugins for market data fetching | Mentioned By: Skelzor\n---\n1301363808421543988\n---\n\ud83e\udd47-partners\n---\n# Discord Chat Analysis for \ud83e\udd47-partners Channel\n\n## 1. Summary:\nThe chat segment contains minimal technical discussion, focusing instead on market predictions and the recovery of an X (Twitter) account for ElizaOS. Phenowin initiated a conversation about recovering the ElizaOS X account by 2026, emphasizing its importance for attracting investors during a potential bull market. Odilitime confirmed plans to recover the account. The conversation then shifted to cryptocurrency market predictions, with DorianD expressing skepticism about a 2026 bull run, suggesting 2028 as more likely. DorianD also shared thoughts on broader geopolitical trends affecting decentralized networks and technical limitations of Bitcoin, including the blocksize debate and 10-minute block time. The conversation concluded with DorianD's long-term vision of blockchain technology enabling AI agents that can operate without easy shutdown, combined with prediction markets to effect real-world change.\n\n## 2. FAQ:\nQ: Is it in our 2026 plans to recover our elizaos x account? (asked by Phenowin) A: Still planning on getting it back (answered by Odilitime)\nQ: Will there be a bull run in 2026? (asked by Phenowin) A: Doubt there will be a bull run in 2026 more like 2028 (answered by DorianD)\n\n## 3. Help Interactions:\nHelper: DorianD | Helpee: Phenowin | Context: Market analysis regarding cryptocurrency bull run timing | Resolution: DorianD provided analysis on economic indicators and Fed policy impacts on risk assets\n\n## 4. Action Items:\nTechnical: Recover the ElizaOS X account | Description: Regain control of the project's social media presence on X platform | Mentioned By: Phenowin\n---\n1377726087789940836\n---\ncore-devs\n---\n# Discord Chat Analysis - \"core-devs\" Channel\n\n## 1. Summary:\nThe chat primarily revolves around a security incident with the elizaOS.ai website. Odilitime discovered the site was compromised with an XMR cryptocurrency miner injected into the code. The vulnerability was likely related to outdated Next.js dependencies (version 15.3.1) with known RCE vulnerabilities. Odilitime and cjft collaborated to fix the issue by updating dependencies to Next.js 16.0.7 and deploying a fresh copy of the site. They also needed to add nginx settings for websocket support. Additionally, Kenk shared a roadmap for Eliza Labs projects, suggesting it be hosted in the main elizaOS repository. Stan mentioned working on streaming functionality with tests in progress. Jin recommended the Strix Halo mini PC for self-hosting LLMs, noting they successfully ran elizaOS with gpt-oss 120b on their GMKTEC EVO-X2 system.\n\n## 2. FAQ:\nQ: What was the security issue with the elizaOS.ai website? (asked by jasyn_bjorn) A: The site was hacked with an XMR cryptocurrency miner, likely exploiting a Next.js RCE vulnerability (answered by Odilitime)\nQ: What was the solution to fix the hacked website? (asked by cjft) A: Update Next.js to version 16.0.7 and add nginx settings for websocket support (answered by Odilitime)\nQ: Where should the Eliza Labs roadmap live? (asked by Kenk) A: Unanswered\n\n## 3. Help Interactions:\nHelper: cjft | Helpee: Odilitime | Context: Website hacked due to outdated Next.js with RCE vulnerability | Resolution: Created PR #3 to update dependencies to Next.js 16.0.7, which fixed the issue\nHelper: Odilitime | Helpee: jasyn_bjorn | Context: elizaOS.ai website down with 502 bad gateway | Resolution: Identified XMR miner injection, updated dependencies, and restored website functionality\n\n## 4. Action Items:\nType: Technical | Description: Update Next.js dependencies to version 16.0.7 to fix security vulnerabilities | Mentioned By: cjft\nType: Technical | Description: Add nginx settings for websocket support | Mentioned By: Odilitime\nType: Technical | Description: Rotate PAT (Personal Access Token) after security breach | Mentioned By: Odilitime\nType: Documentation | Description: Consider moving Eliza Labs roadmap to main elizaOS repository | Mentioned By: Kenk\nType: Technical | Description: Schedule a session on the roadmap before Christmas break | Mentioned By: Kenk\nType: Technical | Description: Complete streaming functionality tests | Mentioned By: Stan \u26a1\n---\n2025-12-08.md\n---\n# elizaOS Discord - 2025-12-08\n\n**Date: December 8, 2025**\n\n## Overall Discussion Highlights\n\n### Security & Technical Issues\n- **Critical Security Incident**: The elizaOS.ai website was compromised with an XMR cryptocurrency miner injected into the code. The vulnerability was related to outdated Next.js dependencies (v15.3.1) with known RCE vulnerabilities. Odilitime and cjft collaborated to fix the issue by updating to Next.js 16.0.7 and deploying a fresh copy of the site.\n- **Twitter Agent Limitations**: Significant discussion about Twitter agent functionality issues after the deprecation of username/password authentication. The current implementation faces severe restrictions due to API read limits, with the first 50 mentions check consuming 50% of the free tier limit immediately.\n- **Database Integration**: Brief discussion about extending existing PostgreSQL databases to work with ElizaOS's SQL plugin needs, with a GitHub code reference provided as a potential implementation approach.\n\n### Project Development & Roadmap\n- **Eliza Labs Roadmap**: Kenk shared a roadmap for Eliza Labs projects, suggesting it be hosted in the main elizaOS repository.\n- **Streaming Functionality**: Stan mentioned working on streaming functionality with tests currently in progress.\n- **X Account Recovery**: Plans to recover the ElizaOS X (Twitter) account were confirmed by Odilitime, with Phenowin emphasizing its importance for attracting investors during potential future bull markets.\n- **Babylon Development**: Discussion about Babylon, a prediction market with agent and human integration that hasn't launched yet despite 272k registrations.\n\n### Market & Token Concerns\n- **Token Price Decline**: Users expressed frustration about the ElizaOS token's continuous downtrend (approximately 40% drop in a month) while other cryptocurrencies showed recovery.\n- **Market Predictions**: DorianD expressed skepticism about a 2026 bull run, suggesting 2028 as more likely, citing broader geopolitical trends affecting decentralized networks.\n- **Exchange Listing Clarification**: Confusion about Kraken listing status was addressed, clarifying that ElizaOS was never on Kraken and explaining Kraken is considering migration.\n\n### Self-Hosting & Hardware\n- **Local Deployment**: Users with extensive home server setups discussed self-hosting capabilities for running models locally with Ollama and N8N.\n- **Hardware Recommendations**: Jin recommended the Strix Halo mini PC for self-hosting LLMs, noting they successfully ran elizaOS with gpt-oss 120b on their GMKTEC EVO-X2 system.\n\n## Key Questions & Answers\n\n**Q: Why is the user/pass method for Twitter agents deprecated?** \nA: It's legally not allowed now, X's lawyers would get involved if anyone tried to maintain it. (Odilitime)\n\n**Q: Is it possible to connect an agent to Telegram or Discord through the Eliza cloud website?** \nA: No, that is not possible. (Arceon)\n\n**Q: What caused ElizaOS token to continue declining without rebounds while other currencies recover?** \nA: More people selling than buying and decreasing volume. (jasyn_bjorn and Omid Sa)\n\n**Q: What is Babylon on ElizaOS?** \nA: A prediction market with agents and human integration. (Omid Sa)\n\n**Q: Why is ElizaOS not available on Kraken?** \nA: ElizaOS was never available on Kraken; Kraken is considering migration and will inform ai16z holders. (Serikiki)\n\n**Q: When using elizaos, can I extend my existing postgresql database to store elizaos core sql plugin need?** \nA: Yes, it's possible, with a GitHub code reference provided showing implementation approach. (sayonara)\n\n**Q: What was the security issue with the elizaOS.ai website?** \nA: The site was hacked with an XMR cryptocurrency miner, likely exploiting a Next.js RCE vulnerability. (Odilitime)\n\n**Q: Will there be a bull run in 2026?** \nA: Doubt there will be a bull run in 2026, more likely in 2028. (DorianD)\n\n## Community Help & Collaboration\n\n1. **Security Incident Resolution**:\n - cjft helped Odilitime address the website security breach by creating PR #3 to update dependencies to Next.js 16.0.7\n - Odilitime identified the XMR miner injection and restored website functionality after jasyn_bjorn reported the 502 bad gateway error\n\n2. **Technical Support**:\n - sayonara provided a GitHub code reference to velsaria showing how to extend PostgreSQL databases for ElizaOS core SQL plugin\n - Serikiki clarified confusion about Kraken listing status for TJ, explaining the current situation with ai16z holders\n\n3. **Market Analysis**:\n - DorianD provided detailed analysis to Phenowin regarding cryptocurrency bull run timing, economic indicators, and Fed policy impacts on risk assets\n\n4. **Security Awareness**:\n - Arceon warned multiple users about Kenk impersonators, advising them to double-check usernames and profiles when receiving friend requests\n\n## Action Items\n\n### Technical\n- Update Next.js dependencies to version 16.0.7 to fix security vulnerabilities (cjft)\n- Add nginx settings for websocket support (Odilitime)\n- Rotate PAT (Personal Access Token) after security breach (Odilitime)\n- Restore X/Twitter account functionality for ElizaOS (Odilitime)\n- Optimize Twitter agent to reduce API read consumption (Odilitime)\n- Complete streaming functionality tests (Stan \u26a1)\n- Investigate extending PostgreSQL database for ElizaOS core SQL plugin needs (velsaria)\n- Recover the ElizaOS X account (Phenowin)\n- Complete migration from ai16z to ElizaOS (hns71)\n\n### Documentation\n- Consider moving Eliza Labs roadmap to main elizaOS repository (Kenk)\n- Provide updates in the updates channel (Omid Sa)\n- Document available plugins for market data fetching (Skelzor)\n\n### Feature\n- Implement proper network tokenomics for ElizaOS (DorianD)\n- Launch Babylon on ElizaOS (joaz0502)\n- Find alternative to DexScreener for fetching off-chain market data (Skelzor)\n- Schedule a session on the roadmap before Christmas break (Kenk)\n---\n2025-12-09.md\n---\nFile not found\n---\n2025-11-30.md\n---\n# elizaos/eliza Weekly Report (Nov 30 - 6, 2025)\n\n## \ud83d\ude80 Highlights\nThis week was characterized by a significant push for stabilization and code quality, followed by the introduction of new foundational features. Development focused on major refactoring efforts to standardize logging and optimize the server architecture. A large number of UI/UX issues were resolved, leading to a cleaner and more reliable user experience. The week concluded with proposals for a unified serverless API and robust JWT authentication, signaling a shift towards building out the next layer of core services.\n\n## \ud83d\udee0\ufe0f Key Developments\nWork this week centered on improving the existing codebase through refactoring, bug fixes, and stabilization.\n\n- **Core Component Refactoring & Stabilization**\n - A major refactor was completed to standardize logging across the Core, CLI, and Server components, improving observability and resolving technical debt ([#6169]).\n - The server underwent a significant optimization and reorganization effort to improve its structure and performance ([#6199]).\n - A necessary rollback was performed on the `plugin-sql` package to revert problematic build configuration changes ([#6194]).\n\n- **Client UI Bug Fixes**\n - The user-facing client was improved with fixes to markdown rendering. These changes addressed excessive vertical spacing in AI-generated responses, particularly around headings and blockquotes, for better visual consistency ([#6159], [#6197]).\n\n- **New Foundational Features (In Progress)**\n - Work began on two significant backend features with new pull requests for a unified serverless API ([#6201]) and a comprehensive JWT authentication and user management system ([#6200]).\n\n## \ud83d\udc1b Issues & Triage\nIssue management focused on closing out a wide range of bugs and UI/UX improvements, while new issues point toward future platform expansion.\n\n- **Closed Issues:**\n - **UI/UX & Stability:** A large batch of issues was closed to enhance the user experience and platform stability. This included simplifying the UI by cleaning up the sidebar and removing \"Quick Presets\" ([#6174], [#6176], [#6179]), improving server reliability by addressing connection timeouts ([#6198]), and fixing a container deployment bug ([#6187]).\n - **Technical Debt & Logging:** The long-standing effort to standardize logging and clean up the CLI/server was officially closed ([#6073], [#5932]).\n - **Community Questions:** Issues regarding OpenAI-compatible API support ([#6168]) and the location of documentation ([#6122]) were closed with clarifications, demonstrating responsiveness to user queries.\n\n- **New & Active Issues:**\n - **Future Platform Expansion:** New discussions were opened around significant future capabilities, including proposals for native Voice Support ([#6196]) and a dedicated Mobile App ([#6195]).\n - **Scope Clarification:** An active discussion on Farcaster + Base app support ([#6161]) was clarified; the feature is intended for the related Otaku agent platform, not the core Eliza framework, and an initial scope for contribution was offered.\n\n## \ud83d\udcac Community & Collaboration\nThe week's activity shows a pattern of focused, collaborative effort. The large number of UI/UX and stability issues closed in a single day suggests a coordinated push to clear a backlog and polish the platform. The prompt closure of user-submitted questions about API compatibility and documentation location highlights the team's commitment to community support. Finally, the emergence of new pull requests for major architectural features and new issues proposing mobile and voice support indicates that contributors are actively thinking about the project's long-term trajectory.\n---\n2025-11-01.md\n---\n# elizaos/eliza Monthly Report (November 2025)\n\n## \ud83d\ude80 Highlights\nNovember kicked off with a dual focus on enhancing system stability and laying the groundwork for significant new capabilities. A critical bug affecting agent settings persistence was resolved, directly improving the framework's reliability. Concurrently, new development was initiated to introduce entity-level security and enhance the core runtime. The opening of several strategic issues signals a forward-looking push towards improved performance through parallel actions and background tasks, as well as new user engagement features.\n\n## \ud83d\udee0\ufe0f Key Developments\nWork this month balanced immediate fixes with the introduction of new features.\n\n- **Agent Stability Improvement**\n A significant bug was fixed that prevented agent settings from persisting across restarts, ensuring that runtime-generated configurations are now correctly retained. This change, made to the core runtime initialization logic, enhances the overall reliability of agent operations ([#6106](https://github.com/elizaos/eliza/pull/6106)).\n\n- **New Feature Initiatives**\n Development began on several new fronts with the opening of new pull requests:\n - **Security:** A proposal was made to implement entity-level row-level security, aiming to add more granular data access controls ([#6107](https://github.com/elizaos/eliza/pull/6107)).\n - **Runtime Enhancements:** Work started on adding an ElizaOS reference directly to the runtime, likely to streamline framework interactions ([#6111](https://github.com/elizaos/eliza/pull/6111)).\n\n## \ud83d\udc1b Issues & Triage\nIssue tracking this month was focused on defining the next wave of development priorities.\n\n- **Closed Issues:** No issues were closed during this period.\n\n- **New & Active Issues:** Several key issues were opened, outlining major areas for future work:\n - **Core Functionality & Performance:** Discussions were initiated around implementing \"Parallel actions\" ([#6108](https://github.com/elizaos/eliza/issues/6108)) and \"Background tasks\" ([#6109](https://github.com/elizaos/eliza/issues/6109)), indicating a focus on scaling the system's operational capacity.\n - **Security & User Engagement:** New issues were created for \"Entity-level RLS\" ([#6112](https://github.com/elizaos/eliza/issues/6112)), which complements the ongoing PR, and a \"Points / Leaderboard\" system ([#6110](https://github.com/elizaos/eliza/issues/6110)) to enhance user interaction.\n - According to the reports, none of the active issues have generated more than three comments, suggesting discussions are still in their early stages.\n\n## \ud83d\udcac Community & Collaboration\nThe provided reports indicate a period of focused, heads-down development. While new pull requests and issues were opened, the data does not show any high-volume discussions or specific collaborative events. The alignment between the new pull request for RLS ([#6107](https://github.com/elizaos/eliza/pull/6107)) and the corresponding new issue ([#6112](https://github.com/elizaos/eliza/issues/6112)) suggests coordinated planning around new features.\n---\n{\n \"interval\": {\n \"intervalStart\": \"2025-12-01T00:00:00.000Z\",\n \"intervalEnd\": \"2026-01-01T00:00:00.000Z\",\n \"intervalType\": \"month\"\n },\n \"repository\": \"elizaos/eliza\",\n \"overview\": \"From 2025-12-01 to 2026-01-01, elizaos/eliza had 12 new PRs (8 merged), 4 new issues, and 12 active contributors.\",\n \"topIssues\": [\n {\n \"id\": \"I_kwDOMT5cIs7V2Buf\",\n \"title\": \"Where did packages/docs/ go?\",\n \"author\": \"LinuxIsCool\",\n \"number\": 6122,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"There was always packages/docs/ where did it get moved to?\",\n \"createdAt\": \"2025-11-04T18:08:54Z\",\n \"closedAt\": \"2025-12-01T14:35:46Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 2\n },\n {\n \"id\": \"I_kwDOMT5cIs7cPNBC\",\n \"title\": \".eliza needed or plugin-sql crashes, should autocreate\",\n \"author\": \"lalalune\",\n \"number\": 6204,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"You can see here, I am building an Eliza agent from scratch\\n\\n```\\nimport { AgentRuntime, type Character, type Plugin } from \\\"@elizaos/core\\\";\\nimport { plugin } from \\\"@elizaos/plugin-sql\\\"\\nimport { openaiPlugin } from \\\"@elizaos/plugin-openai\\\"\\nimport fs from \\\"fs\\\";\\n\\n// if .eliza directory does not exist, create it\\nif (!fs.existsSync(\\\".eliza\\\")) {\\n fs.mkdirSync(\\\".eliza\\\");\\n}\\n\\nconst character: Character = {\\n name: \\\"Eliza\\\",\\n bio: \\\"You are a helpful assistant\\\",\\n};\\n\\nconst plugins: Plugin[] = [\\n plugin,\\n openaiPlugin,\\n];\\n\\nconst agent = new AgentRuntime({\\n character, // need a character to start the agent\\n plugins // bare minimum is db plugin and inference plugin\\n});\\n\\nagent.initialize().then(() => {\\n console.log(\\\"Agent initialized\\\");\\n\\n\\n});\\n```\\n\\nIn order to get it to work I have to add\\n```\\nimport fs from \\\"fs\\\";\\n\\n// if .eliza directory does not exist, create it\\nif (!fs.existsSync(\\\".eliza\\\")) {\\n fs.mkdirSync(\\\".eliza\\\");\\n}\\n```\\n\\nBut this should happen automatically\",\n \"createdAt\": \"2025-12-04T14:37:44Z\",\n \"closedAt\": \"2025-12-08T13:17:08Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 1\n },\n {\n \"id\": \"I_kwDOMT5cIs7YjZ7G\",\n \"title\": \"can i use deepseek api?\",\n \"author\": \"870171594\",\n \"number\": 6156,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"**Is your feature request related to a problem? Please describe.**\\n\\n\\n\\n**Describe the solution you'd like**\\n\\n\\n\\n**Describe alternatives you've considered**\\n\\n\\n\\n**Additional context**\\n\\n\\n\",\n \"createdAt\": \"2025-11-17T12:36:09Z\",\n \"closedAt\": \"2025-12-08T13:17:30Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 0\n },\n {\n \"id\": \"I_kwDOMT5cIs7aq1FH\",\n \"title\": \"Fix \\\"Dashboard\\\" Button Pointer Event\",\n \"author\": \"borisudovicic\",\n \"number\": 6188,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"\",\n \"createdAt\": \"2025-11-26T18:43:21Z\",\n \"closedAt\": \"2025-12-02T16:15:51Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 0\n },\n {\n \"id\": \"I_kwDOMT5cIs7aq01s\",\n \"title\": \"Fix Container Deployment Bug\",\n \"author\": \"borisudovicic\",\n \"number\": 6187,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"Debug issue where certain container types on specific architectures are failing to deploy.\",\n \"createdAt\": \"2025-11-26T18:42:55Z\",\n \"closedAt\": \"2025-12-02T16:15:51Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 0\n }\n ],\n \"topPRs\": [\n {\n \"id\": \"PR_kwDOMT5cIs620Si3\",\n \"title\": \"feat(auth): implement JWT authentication and user management\",\n \"author\": \"standujar\",\n \"number\": 6200,\n \"body\": \"## Relates to\\r\\n\\r\\n- Data isolation / multi-entity support\\r\\n- External JWT provider integration (Privy, Auth0, Clerk, Supabase, Google, Embbeded)\\r\\n\\r\\n## Risks\\r\\n\\r\\n**Low**\\r\\n\\r\\n- Requires `ENABLE_DATA_ISOLATION=true` to activate JWT auth mode\\r\\n\\r\\n## Background\\r\\n\\r\\n### What does this PR do?\\r\\n\\r\\nImplements a complete JWT authentication system for ElizaOS with support for multiple verification strategies:\\r\\n\\r\\n1. **JWT Verifier Factory** - Priority-based verifier selection:\\r\\n - Ed25519 (highest priority) - For self-signed JWTs with Ed25519 keys\\r\\n - JWKS (medium priority) - For external providers (Auth0, Clerk, Privy, Supabase, Google)\\r\\n - Secret (lowest priority) - For simple HS256 symmetric key verification\\r\\n\\r\\n2. **Entity ID derivation from JWT `sub` claim**:\\r\\n - `entityId = stringToUuid(payload.sub)`\\r\\n - Compatible with ANY JWT provider since `sub` is a standard claim\\r\\n - No custom claims needed in external JWTs\\r\\n\\r\\n3. **Dual authentication modes**:\\r\\n - `ENABLE_DATA_ISOLATION=true` \u2192 JWT authentication required\\r\\n - `ENABLE_DATA_ISOLATION=false` \u2192 X-Entity-Id header (legacy mode)\\r\\n\\r\\n4. **Internal service bypass** - Process-local UUID secret for service-to-service calls\\r\\n\\r\\n5. **Credentials-based auth endpoints** (`/api/auth/*`) - only in custom - JWT-SECRET mode:\\r\\n - `POST /register` - User registration with bcrypt password hashing\\r\\n - `POST /login` - User login with JWT generation\\r\\n - `POST /refresh` - Token refresh\\r\\n - `GET /me` - Current user info\\r\\n\\r\\n6. **Client UI default implementation using self mode (Secret)\\r\\n\\r\\n### What kind of change is this?\\r\\n\\r\\n**Features** (non-breaking change which adds functionality)\\r\\n\\r\\n## Architecture\\r\\n\\r\\n```\\r\\n\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\\r\\n\u2502 JWT Verification Flow \u2502\\r\\n\u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\\r\\n\u2502 Request with Bearer token \u2502\\r\\n\u2502 \u2193 \u2502\\r\\n\u2502 JWTVerifierFactory.create() \u2502\\r\\n\u2502 \u2193 \u2502\\r\\n\u2502 Priority: Ed25519 > JWKS > Secret > Disabled \u2502\\r\\n\u2502 \u2193 \u2502\\r\\n\u2502 verifier.verify(token) \u2502\\r\\n\u2502 \u2193 \u2502\\r\\n\u2502 Extract payload.sub \u2502\\r\\n\u2502 \u2193 \u2502\\r\\n\u2502 entityId = stringToUuid(sub) \u2190 Derived, NOT stored in JWT \u2502\\r\\n\u2502 \u2193 \u2502\\r\\n\u2502 req.entityId = entityId \u2502\\r\\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\\r\\n```\\r\\n\\r\\n## Environment Variables\\r\\n\\r\\n| Variable | Description | Example |\\r\\n|----------|-------------|---------|\\r\\n| `ENABLE_DATA_ISOLATION` | Enable JWT auth mode | `true` |\\r\\n| `JWT_SECRET` (optional) | HS256 symmetric secret | `your-secret-key` |\\r\\n| `JWT_PUBLIC_KEY_ED25519` (optional) | Ed25519 public key (base64) | `MCowBQYDK2Vw...` |\\r\\n| `JWT_JWKS_URI` (optional) | JWKS endpoint URL | `https://auth0.com/.well-known/jwks.json` |\\r\\n| `JWT_ISSUER_WHITELIST` (optional) | Allowed issuers (comma-separated) | `https://auth0.com/,https://clerk.dev` |\\r\\n\\r\\n## Documentation changes needed?\\r\\n\\r\\nYes - Documentation should be added for:\\r\\n- Environment variable configuration\\r\\n- External provider setup (Auth0, Clerk, Privy examples)\\r\\n\\r\\n## Testing\\r\\n\\r\\n### Where should a reviewer start?\\r\\n\\r\\n1. `packages/server/src/services/jwt-verifiers/factory.ts` - Core factory logic\\r\\n2. `packages/server/src/middleware/jwtMiddleware.ts` - HTTP middleware\\r\\n3. `packages/server/src/socketio/index.ts` - SocketIO authentication\\r\\n\\r\\n### Detailed testing steps\\r\\n\\r\\n**Unit Tests:**\\r\\n```bash\\r\\ncd packages/server\\r\\nbun run test:unit\\r\\n```\\r\\n\\r\\n**Integration Tests:**\\r\\n```bash\\r\\ncd packages/server\\r\\nbun run test:integration\\r\\n```\\r\\n\\r\\n**Results:** 489 unit tests pass, 6 integration test files pass\\r\\n\\r\\n### Manual Testing\\r\\n\\r\\n1. **Test with JWT_SECRET (HS256):**\\r\\n```bash\\r\\nENABLE_DATA_ISOLATION=true JWT_SECRET=test-secret bun run dev\\r\\n```\\r\\n\\r\\n2. **Register a user:**\\r\\n```bash\\r\\ncurl -X POST http://localhost:3000/api/auth/register \\\\\\r\\n -H \\\"Content-Type: application/json\\\" \\\\\\r\\n -d '{\\\"email\\\":\\\"test@example.com\\\",\\\"username\\\":\\\"testuser\\\",\\\"password\\\":\\\"password123\\\"}'\\r\\n```\\r\\n\\r\\n3. **Use returned token:**\\r\\n```bash\\r\\ncurl http://localhost:3000/api/agents \\\\\\r\\n -H \\\"Authorization: Bearer \\\"\\r\\n```\\r\\n\\r\\n## External Provider Compatibility\\r\\n\\r\\nTested JWT formats:\\r\\n- **Auth0**: `sub: \\\"auth0|1234567890\\\"`\\r\\n- **Clerk**: `sub: \\\"user_2abcdefgh123456\\\"`\\r\\n- **Google**: `sub: \\\"1234567890\\\"` with `email`, `email_verified`\\r\\n- **Supabase**: `sub: \\\"uuid\\\"` with `role: \\\"authenticated\\\"`\\r\\n- **Privy**: `sub: \\\"did:privy:...\\\"`\\r\\n\\r\\nAll providers work because we only require the standard `sub` claim.\\r\\n\\r\\n## Next Idea Steps: Access Control Layer (ACL)\\r\\n\\r\\nThe next phase will add access control on agents and rooms: \\r\\n\\r\\nAgents:\\r\\n- Each user can create their own agents (ownerId = entityId)\\r\\n- Visibility: public or private\\r\\n- Private = only the owner can chat with it\\r\\n- Public = everyone can chat, but only the owner can modify/delete\\r\\n\\r\\nRooms:\\r\\n- Each room has an owner\\r\\nOnly the owner can:\\r\\n- Delete the room (DELETE /rooms/:id)\\r\\n- Clear message history (DELETE /rooms/:id/messages)\\r\\n- Change visibility\\r\\n\\r\\nThis will enable true multi-tenant mode where each user manages their resources in isolation.\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2025-12-03T11:55:47Z\",\n \"mergedAt\": null,\n \"additions\": 6072,\n \"deletions\": 353\n },\n {\n \"id\": \"PR_kwDOMT5cIs63dqrL\",\n \"title\": \"[DRAFT] feat(core): Implement parallel action execution in processActions\",\n \"author\": \"wtfsayo\",\n \"number\": 6209,\n \"body\": \"## Summary\\n\\nThis PR implements parallel action execution within the `processActions()` method to improve performance for multi-action responses.\\n\\n## Changes\\n\\n### Core Runtime (`packages/core/src/runtime.ts`)\\n- Execute actions within a single response batch **in parallel** using `Promise.allSettled()`\\n- All actions in a batch receive the **same initial state snapshot**\\n- State accumulates **sequentially between response batches**\\n- Merge all `ActionResult.values` after parallel batch completes\\n- Preserve fault tolerance: if one action fails, others still complete\\n\\n### Prompts (`packages/core/src/prompts.ts`)\\n- Updated `messageHandlerTemplate` to reflect parallel execution model\\n- Changed \\\"IMPORTANT ACTION ORDERING RULES\\\" to \\\"IMPORTANT ACTION EXECUTION RULES\\\"\\n- Clarified that actions listed in a single response execute in parallel\\n- Added guidance to use multi-step workflow for sequential dependencies\\n\\n### Action State Provider (`packages/plugin-bootstrap/src/providers/actionState.ts`)\\n- Updated JSDoc and description to clarify \\\"previous results\\\" refers to prior response batches, not sibling parallel actions\\n\\n### Tests\\n- Updated `runtime.test.ts` to match new state initialization behavior\\n- Updated `prompts.test.ts` to match new prompt text\\n\\n## Key Data Flow\\n\\n```\\nResponse 1: [action1, action2, action3]\\n \u251c\u2500> Execute ALL in parallel with initialState\\n \u251c\u2500> Wait for all to complete\\n \u2514\u2500> Merge results \u2192 accumulatedState\\n\\nResponse 2: [action4, action5]\\n \u251c\u2500> Execute ALL in parallel with accumulatedState from Response 1\\n \u251c\u2500> Wait for all to complete\\n \u2514\u2500> Merge results \u2192 new accumulatedState\\n```\\n\\n## Testing\\n\\n- All existing runtime tests pass\\n- All prompt tests pass\\n- All multi-step workflow tests pass\\n- Action chaining tests pass\\n\\n## Breaking Changes\\n\\nNone - backward compatible. Actions that previously assumed sequential execution within a batch will now run in parallel, but since they all receive the same state snapshot, behavior should be equivalent for independent actions.\\n\\n\\n---\\n\\n> [!NOTE]\\n> Execute actions in a response batch in parallel with a shared state snapshot, accumulate results across batches, and introduce AsyncLocalStorage-based prompt tracking with prompt/provider/test updates.\\n> \\n> - **Core (runtime.ts)**:\\n> - Parallelize `processActions` per response using `Promise.allSettled()`; each batch shares a composed state snapshot; accumulate `ActionResult.values` and plan state between batches.\\n> - Add robust action resolution (exact/fuzzy/similes), error paths for missing action/handler, and consistent action memory/logging.\\n> - Preserve legacy returns (void/boolean) as completed; treat `{ success:false }` (including minimal/error-only) as failed.\\n> - Merge working memory with size cap; cache `action_results`; update action plan immutably per step.\\n> - Introduce AsyncLocalStorage context: `ActionContextStore`, `getCurrentActionContext`, and browser fallback `createBrowserFallback` for prompt collection; include action context in `useModel` logs; skip collecting `TEXT_EMBEDDING` prompts.\\n> - **Prompts (prompts.ts)**:\\n> - Update `messageHandlerTemplate` for parallel execution model and guidance on multi-step dependencies.\\n> - **Provider (plugin-bootstrap/actionState.ts)**:\\n> - Clarify description/docs: \\\"previous results\\\" are from prior response batches; parallel actions share the same snapshot.\\n> - **Tests**:\\n> - Expand `runtime.test.ts`: parallel execution behavior, action result status semantics, prompt collection/isolation via AsyncLocalStorage, browser fallback behavior, exact vs fuzzy action matching.\\n> - Update `prompts.test.ts` for new execution rules and wording.\\n> \\n> Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 55765fc289c965232d5d690c363f73c7ea1b81f6. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).\\n\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2025-12-06T19:03:17Z\",\n \"mergedAt\": null,\n \"additions\": 1467,\n \"deletions\": 292\n },\n {\n \"id\": \"PR_kwDOMT5cIs63rQjG\",\n \"title\": \"feat: enhance streaming support in text generation\",\n \"author\": \"standujar\",\n \"number\": 6212,\n \"body\": \"# Relates to\\r\\n\\r\\n- Streaming support for text generation models\\r\\n- CLI test runner improvements\\r\\n\\r\\n# Risks\\r\\n\\r\\n**Low**. Changes are additive and backward-compatible:\\r\\n- New streaming API is opt-in via `stream: true` parameter\\r\\n\\r\\n# Background\\r\\n\\r\\n## What does this PR do?\\r\\n\\r\\nAdds streaming support for `TEXT_SMALL` and `TEXT_LARGE` model types, allowing plugins to return text incrementally as it's generated. Also fixes several issues in the CLI test runner.\\r\\n\\r\\n**Core changes:**\\r\\n- Add `TextStreamResult` interface with `textStream` async iterable\\r\\n- Add `stream?: boolean` parameter to `GenerateTextParams`\\r\\n- Add `supportsStreaming()` type guard for model types\\r\\n- Update `runtime.useModel()` to handle streaming responses\\r\\n\\r\\n**CLI test fixes:**\\r\\n- Fix `startAgents` API signature (array of `{character, plugins}` objects)\\r\\n- Fix `TestRunner` to exclude `@elizaos/plugin-bootstrap` from plugin detection\\r\\n- Fix unit test mock function name (`getDefaultCharacter`)\\r\\n\\r\\n## What kind of change is this?\\r\\n\\r\\n- Features (non-breaking change which adds functionality)\\r\\n- Bug fixes (non-breaking change which fixes an issue)\\r\\n\\r\\n# Documentation changes needed?\\r\\n\\r\\nMy changes require a change to the project documentation:\\r\\n- Document the new streaming API for plugin developers\\r\\n- Update model type documentation with streaming support info\\r\\n\\r\\n# Testing\\r\\n\\r\\n## Where should a reviewer start?\\r\\n\\r\\n1. `packages/core/src/types/model.ts` - New streaming types\\r\\n2. `packages/core/src/runtime.ts` - Runtime streaming support\\r\\n3. `packages/cli/src/utils/test-runner.ts` - Bootstrap exclusion fix\\r\\n```\\r\\n\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2025-12-08T13:03:38Z\",\n \"mergedAt\": null,\n \"additions\": 951,\n \"deletions\": 112\n },\n {\n \"id\": \"PR_kwDOMT5cIs62WwSP\",\n \"title\": \"refactor(server): optimization and reorganization\",\n \"author\": \"standujar\",\n \"number\": 6199,\n \"body\": \"# Risks\\r\\n\\r\\n**Low to Medium**\\r\\n\\r\\n- Socket.IO configuration changes may affect existing client connections (tested with multiple browsers)\\r\\n- Code reorganization changes import paths - all imports have been updated and verified\\r\\n\\r\\n# Background\\r\\n\\r\\n## What does this PR do?\\r\\n\\r\\nThis PR addresses server performance issues (request timeouts ~30s with multiple users connections) and improves code organization following clean architecture principles.\\r\\n\\r\\n### Performance Optimizations\\r\\n\\r\\n1. **Socket.IO Configuration**\\r\\n - Configured `pingInterval` (25s) and `pingTimeout` (20s)\\r\\n - Set `connectTimeout` (10s)\\r\\n - Enforced transport order: `['websocket', 'polling']`\\r\\n\\r\\n2. **HTTP Server Timeouts**\\r\\n - Added `timeout`, `keepAliveTimeout`, `headersTimeout`, `requestTimeout`\\r\\n - Prevents hanging connections\\r\\n\\r\\n3. **Socket Disconnection Guards**\\r\\n - Added checks before emitting to sockets\\r\\n - Graceful handling of disconnected clients\\r\\n\\r\\n4. **Parallel Database Operations**\\r\\n - Used `Promise.all` for independent DB queries\\r\\n - Reduces latency for multi-query endpoints\\r\\n\\r\\n### Code Reorganization\\r\\n\\r\\nRestructured root-level files into proper directories:\\r\\n\\r\\n| Before | After |\\r\\n|--------|-------|\\r\\n| `src/bus.ts` | `src/services/message-bus.ts` |\\r\\n| `src/loader.ts` | `src/services/loader.ts` |\\r\\n| `src/upload.ts` | `src/utils/upload.ts` |\\r\\n| `src/types.ts` | `src/types/server.ts` |\\r\\n| *(new)* | `src/utils/config.ts` |\\r\\n| *(new)* | `src/services/index.ts` |\\r\\n\\r\\n- Added `ServerMiddleware` and `ServerConfig` types to `types/server.ts`\\r\\n- Created barrel exports in `services/index.ts` and updated `utils/index.ts`\\r\\n- Maintained backward compatibility via re-exports in `src/index.ts`\\r\\n\\r\\n### Test Fixes\\r\\n\\r\\n- Fixed invalid UUID usage in integration tests (replaced string casts with `stringToUuid()`)\\r\\n- Updated import paths for relocated modules\\r\\n\\r\\n## What kind of change is this?\\r\\n\\r\\n- Improvements (performance optimizations)\\r\\n- Refactoring (code reorganization)\\r\\n- Bug fixes (test UUID issues)\\r\\n\\r\\n# Documentation changes needed?\\r\\n\\r\\nNo\\r\\n\\r\\n# Testing\\r\\n\\r\\n## Where should a reviewer start?\\r\\n\\r\\n1. [src/index.ts](packages/server/src/index.ts) - Main entry point with Socket.IO and HTTP timeout configs\\r\\n2. [src/services/](packages/server/src/services/) - Reorganized service files\\r\\n\\r\\n## Detailed testing steps\\r\\n\\r\\n1. Run unit tests and integrations tests:\\r\\n ```bash\\r\\n cd packages/server && bun run test:unit && bun run test:integration\\r\\n ```\\r\\n\\r\\n2. Run build:\\r\\n ```bash\\r\\n cd packages/server && bun run build\\r\\n ```\\r\\n\\r\\n3. Manual testing:\\r\\n - Start server with PostgreSQL\\r\\n - Connect multiple browser tabs simultaneously\\r\\n - Verify no timeout errors after 30s\\r\\n - Test Socket.IO reconnection behavior\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2025-12-01T14:03:31Z\",\n \"mergedAt\": \"2025-12-01T15:58:32Z\",\n \"additions\": 608,\n \"deletions\": 439\n },\n {\n \"id\": \"PR_kwDOMT5cIs63it4P\",\n \"title\": \"feat: bump deps, fix drizzle-kit across ecosystem\",\n \"author\": \"ChristopherTrimboli\",\n \"number\": 6210,\n \"body\": \"## \ud83d\udd04 Update All Dependencies to Latest Versions\\n\\n### Problem\\n\\nFound conflicting `drizzle-orm` versions across the monorepo causing compatibility issues:\\n\\n- `drizzle-orm@0.45.0` (root)\\n- `drizzle-orm@0.44.7` (from `@elizaos/plugin-sql`)\\n- `drizzle-orm@0.38.4` (from `@elizaos/plugin-memory`)\\n- `drizzle-kit@0.31.x` which is **not compatible** with `drizzle-orm@0.44+`\\n\\n### Solution\\n\\nUpdated all packages across the monorepo to their latest compatible versions to ensure consistency and resolve dependency conflicts.\\n\\n### Key Updates\\n\\n| Package | Before | After |\\n|---------|--------|-------|\\n| `bun` | 1.2.21 | 1.3.4 |\\n| `typescript` | 5.8.x - 5.9.2 | 5.9.3 |\\n| `zod` | 3.x - 4.1.11 | 4.1.13 |\\n| `drizzle-orm` | 0.44.2 | 0.45.0 |\\n| `prettier` | 3.5.3 - 3.6.2 | 3.7.4 |\\n| `vite` | 6.x - 7.1.7 | 7.2.6 |\\n| `react` / `react-dom` | 18.3.1 | 19.1.0 |\\n| `lerna` | 9.0.0 | 9.0.3 |\\n| `turbo` | 2.5.5 | 2.6.3 |\\n\\n### Packages Updated\\n\\n- \u2705 Root `package.json`\\n- \u2705 `@elizaos/core`\\n- \u2705 `@elizaos/cli` (+ added `@elizaos/plugin-ollama`)\\n- \u2705 `@elizaos/client`\\n- \u2705 `@elizaos/server`\\n- \u2705 `@elizaos/plugin-sql`\\n- \u2705 `@elizaos/plugin-bootstrap`\\n- \u2705 `@elizaos/api-client`\\n- \u2705 `@elizaos/service-interfaces`\\n- \u2705 `@elizaos/test-utils`\\n- \u2705 `@elizaos/plugin-starter`\\n- \u2705 `@elizaos/plugin-quick-starter`\\n- \u2705 `@elizaos/plugin-dummy-services`\\n- \u2705 `@elizaos/project-starter`\\n- \u2705 `@elizaos/project-tee-starter`\\n- \u2705 `@elizaos/app`\\n- \u2705 `@elizaos/config`\\n\\n### Testing\\n\\n```bash\\nbun outdated # Returns empty - all packages up to date\\nbun install # Completes successfully\\n```\\n\\n### Notes\\n\\n- Version bumped `@elizaos/plugin-sql`, `@elizaos/server`, `@elizaos/client` to `1.6.5-alpha.22`\\n- The `whatwg-url@7.1.0` peer dependency in `plugin-bootstrap` is intentionally pinned for compatibility\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2025-12-07T17:34:35Z\",\n \"mergedAt\": \"2025-12-08T03:15:58Z\",\n \"additions\": 582,\n \"deletions\": 741\n }\n ],\n \"codeChanges\": {\n \"additions\": 2386,\n \"deletions\": 1385,\n \"files\": 84,\n \"commitCount\": 70\n },\n \"completedItems\": [\n {\n \"title\": \"fix: markdown spacing compact\",\n \"prNumber\": 6159,\n \"type\": \"bugfix\",\n \"body\": \"# Relates to\\r\\n\\r\\nFixes excessive vertical spacing in AI-generated markdown responses in the ElizaOS client UI.\\r\\n\\r\\n# Risks\\r\\n\\r\\n**Low Risk**\\r\\n\\r\\n- Only CSS changes affecting markdown content rendering\\r\\n- Uses well-supported CSS features (Chrome \",\n \"files\": [\n \"packages/client/src/components/ai-elements/response.tsx\",\n \"packages/client/src/index.css\"\n ]\n },\n {\n \"title\": \"refactor(server): optimization and reorganization\",\n \"prNumber\": 6199,\n \"type\": \"refactor\",\n \"body\": \"# Risks\\r\\n\\r\\n**Low to Medium**\\r\\n\\r\\n- Socket.IO configuration changes may affect existing client connections (tested with multiple browsers)\\r\\n- Code reorganization changes import paths - all imports have been updated and verified\\r\\n\\r\\n# Backgroun\",\n \"files\": [\n \"bun.lock\",\n \"packages/server/src/__tests__/builders/channel.builder.ts\",\n \"packages/server/src/__tests__/builders/message.builder.ts\",\n \"packages/server/src/__tests__/integration/agent-server-interaction.test.ts\",\n \"packages/server/src/__tests__/integration/database-operations.test.ts\",\n \"packages/server/src/__tests__/integration/message-bus-service.test.ts\",\n \"packages/server/src/__tests__/unit/api/crud-uuid.test.ts\",\n \"packages/server/src/__tests__/unit/api/jobs.test.ts\",\n \"packages/server/src/__tests__/unit/features/socketio-router.test.ts\",\n \"packages/server/src/__tests__/unit/services/message-bus-compatibility.test.ts\",\n \"packages/server/src/__tests__/unit/utils/loader-uuid.test.ts\",\n \"packages/server/src/__tests__/unit/utils/loader.test.ts\",\n \"packages/server/src/api/index.ts\",\n \"packages/server/src/api/messaging/channels.ts\",\n \"packages/server/src/api/messaging/core.ts\",\n \"packages/server/src/api/messaging/jobs.ts\",\n \"packages/server/src/api/messaging/messageServers.ts\",\n \"packages/server/src/api/messaging/sessions.ts\",\n \"packages/server/src/api/shared/uploads/index.ts\",\n \"packages/server/src/index.ts\",\n \"packages/server/src/services/index.ts\",\n \"packages/server/src/services/loader.ts\",\n \"packages/server/src/services/message-bus.ts\",\n \"packages/server/src/services/message.ts\",\n \"packages/server/src/socketio/index.ts\",\n \"packages/server/src/types/server.ts\",\n \"packages/server/src/utils/config.ts\",\n \"packages/server/src/utils/index.ts\",\n \"packages/server/src/utils/media-transformer.ts\",\n \"packages/server/src/utils/upload.ts\"\n ]\n },\n {\n \"title\": \"fix(client): improve markdown content spacing\",\n \"prNumber\": 6197,\n \"type\": \"bugfix\",\n \"body\": \"This PR includes two fixes for markdown content spacing in the client:\\n\\n1. Add missing heading and separator spacing to markdown-content\\n2. Reduce blockquote vertical spacing for more compact display\\n\\nThese changes improve the visual consis\",\n \"files\": [\n \"packages/client/src/index.css\"\n ]\n },\n {\n \"title\": \"feat: Unified API - serverless - nodejs\",\n \"prNumber\": 6201,\n \"type\": \"feature\",\n \"body\": \"\",\n \"files\": [\n \"bun.lock\",\n \"packages/core/src/__tests__/elizaos-sendmessage.test.ts\",\n \"packages/core/src/__tests__/elizaos.test.ts\",\n \"packages/core/src/elizaos.ts\",\n \"packages/core/src/types/elizaos.ts\"\n ]\n },\n {\n \"title\": \"fix(examples): respect user LOG_LEVEL in standalone-cli-chat\",\n \"prNumber\": 6203,\n \"type\": \"bugfix\",\n \"body\": \"\",\n \"files\": [\n \"examples/standalone-cli-chat.ts\"\n ]\n },\n {\n \"title\": \"fix(plugin-sql): migrate to messageService API and auto-create PGLite directories\",\n \"prNumber\": 6202,\n \"type\": \"bugfix\",\n \"body\": \"## Summary\\n\\nThis PR modernizes the standalone example files and improves the SQL plugin's directory handling by:\\n1. Migrating examples from the deprecated `MESSAGE_RECEIVED` event system to the new `messageService.handleMessage()` API\\n2. Ad\",\n \"files\": [\n \"examples/standalone-cli-chat.ts\",\n \"examples/standalone.ts\",\n \"packages/plugin-sql/src/__tests__/unit/directory-creation.test.ts\",\n \"packages/plugin-sql/src/index.node.ts\",\n \"packages/plugin-sql/src/index.ts\"\n ]\n },\n {\n \"title\": \"feat: Add ElizaOS Cloud as Default AI Provider in CLI\",\n \"prNumber\": 6208,\n \"type\": \"feature\",\n \"body\": \"## Add ElizaOS Cloud as Default AI Provider in CLI\\n\\n### Summary\\n- Add **ElizaOS Cloud** as the first/recommended option in `elizaos create` AI model selection\\n- Integrate browser-based login flow for seamless API key setup\\n- Fix env variabl\",\n \"files\": [\n \"bun.lock\",\n \"packages/cli/src/commands/create/actions/setup.ts\",\n \"packages/cli/src/commands/create/utils/selection.ts\",\n \"packages/cli/src/commands/deploy/utils/api-client.ts\",\n \"packages/cli/src/commands/login/README.md\",\n \"packages/cli/src/commands/login/actions/login.ts\",\n \"packages/cli/src/utils/get-config.ts\",\n \"packages/cli/tests/commands/create.test.ts\",\n \"packages/cli/tests/unit/utils/elizacloud-config.test.ts\",\n \"packages/cli/tests/unit/utils/selection.test.ts\"\n ]\n },\n {\n \"title\": \"feat: bump deps, fix drizzle-kit across ecosystem\",\n \"prNumber\": 6210,\n \"type\": \"feature\",\n \"body\": \"## \ud83d\udd04 Update All Dependencies to Latest Versions\\n\\n### Problem\\n\\nFound conflicting `drizzle-orm` versions across the monorepo causing compatibility issues:\\n\\n- `drizzle-orm@0.45.0` (root)\\n- `drizzle-orm@0.44.7` (from `@elizaos/plugin-sql`)\\n- `\",\n \"files\": [\n \".github/workflows/cli-tests.yml\",\n \".github/workflows/client-cypress-tests.yml\",\n \".github/workflows/jsdoc-automation.yml\",\n \".github/workflows/release.yaml\",\n \".github/workflows/tauri-ci.yml\",\n \".github/workflows/update-news.yml\",\n \"bun.lock\",\n \"package.json\",\n \"packages/api-client/package.json\",\n \"packages/app/package.json\",\n \"packages/cli/package.json\",\n \"packages/cli/tests/commands/agent.test.ts\",\n \"packages/cli/tests/commands/create.test.ts\",\n \"packages/cli/tests/commands/dev.test.ts\",\n \"packages/cli/tests/commands/env.test.ts\",\n \"packages/cli/tests/commands/monorepo.test.ts\",\n \"packages/cli/tests/commands/plugins.test.ts\",\n \"packages/cli/tests/commands/publish.test.ts\",\n \"packages/cli/tests/commands/start.test.ts\",\n \"packages/cli/tests/commands/tee.test.ts\",\n \"packages/cli/tests/commands/test.test.ts\",\n \"packages/cli/tests/commands/update.test.ts\",\n \"packages/cli/tests/unit/utils/elizacloud-config.test.ts\",\n \"packages/client/package.json\",\n \"packages/config/package.json\",\n \"packages/core/package.json\",\n \"packages/plugin-bootstrap/package.json\",\n \"packages/plugin-dummy-services/package.json\",\n \"packages/plugin-quick-starter/package.json\",\n \"packages/plugin-sql/build.ts\",\n \"packages/plugin-sql/package.json\",\n \"packages/plugin-starter/package.json\",\n \"packages/project-starter/package.json\",\n \"packages/project-tee-starter/package.json\",\n \"packages/server/package.json\",\n \"packages/service-interfaces/package.json\",\n \"packages/test-utils/package.json\"\n ]\n }\n ],\n \"topContributors\": [\n {\n \"username\": \"standujar\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/u/16385918?u=718bdcd1585be8447bdfffb8c11ce249baa7532d&v=4\",\n \"totalScore\": 279.52895895081156,\n \"prScore\": 270.09095895081157,\n \"issueScore\": 0,\n \"reviewScore\": 9,\n \"commentScore\": 0.43799999999999994,\n \"summary\": null\n },\n {\n \"username\": \"wtfsayo\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/u/82053242?u=98209a1f10456f42d4d2fa71db4d5bf4a672cbc3&v=4\",\n \"totalScore\": 106.43812183926335,\n \"prScore\": 106.03812183926334,\n \"issueScore\": 0,\n \"reviewScore\": 0,\n \"commentScore\": 0.4,\n \"summary\": null\n },\n {\n \"username\": \"ChristopherTrimboli\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/u/27584221?u=0d816ce1dcdea8f925aba18bb710153d4a87a719&v=4\",\n \"totalScore\": 100.17356870848266,\n \"prScore\": 95.17356870848266,\n \"issueScore\": 0,\n \"reviewScore\": 5,\n \"commentScore\": 0,\n \"summary\": null\n },\n {\n \"username\": \"0xbbjoker\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/u/54844437?u=90fe1762420de6ad493a1c1582f1f70c0d87d8e2&v=4\",\n \"totalScore\": 38.31247180559945,\n \"prScore\": 33.31247180559945,\n \"issueScore\": 0,\n \"reviewScore\": 5,\n \"commentScore\": 0,\n \"summary\": null\n },\n {\n \"username\": \"Tonyflam\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/u/150600391?u=0c905a5f627ff99389fc79e9978f1dc47546456e&v=4\",\n \"totalScore\": 6.218573590279973,\n \"prScore\": 6.218573590279973,\n \"issueScore\": 0,\n \"reviewScore\": 0,\n \"commentScore\": 0,\n \"summary\": null\n },\n {\n \"username\": \"github-advanced-security\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/in/57789?v=4\",\n \"totalScore\": 4.5,\n \"prScore\": 0,\n \"issueScore\": 0,\n \"reviewScore\": 4.5,\n \"commentScore\": 0,\n \"summary\": null\n },\n {\n \"username\": \"pereslavlland\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/u/247946180?v=4\",\n \"totalScore\": 2.2,\n \"prScore\": 0,\n \"issueScore\": 2,\n \"reviewScore\": 0,\n \"commentScore\": 0.2,\n \"summary\": null\n },\n {\n \"username\": \"linear\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/in/20150?v=4\",\n \"totalScore\": 2,\n \"prScore\": 0,\n \"issueScore\": 2,\n \"reviewScore\": 0,\n \"commentScore\": 0,\n \"summary\": null\n },\n {\n \"username\": \"lalalune\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/u/18633264?u=e2e906c3712c2506ebfa98df01c2cfdc50050b30&v=4\",\n \"totalScore\": 2,\n \"prScore\": 0,\n \"issueScore\": 2,\n \"reviewScore\": 0,\n \"commentScore\": 0,\n \"summary\": null\n },\n {\n \"username\": \"borisudovicic\",\n \"avatarUrl\": \"https://avatars.githubusercontent.com/u/31806472?u=8935f4d43fd7e4eb9bf5ff92d54d4d2f8ac8a786&v=4\",\n \"totalScore\": 2,\n \"prScore\": 0,\n \"issueScore\": 2,\n \"reviewScore\": 0,\n \"commentScore\": 0,\n \"summary\": null\n }\n ],\n \"newPRs\": 12,\n \"mergedPRs\": 8,\n \"newIssues\": 4,\n \"closedIssues\": 13,\n \"activeContributors\": 12\n}" ] }