# ElizaOS Developer Update: November 23-29, 2025 ## 1. Core Framework This week saw focused efforts on enhancing ElizaOS's core framework stability and security. The most significant architectural change was the completion of the Entity-level Row Level Security (RLS) implementation ([#6167](https://github.com/elizaOS/eliza/pull/6167)), which provides fine-grained data isolation at the database level. This feature enforces proper data boundaries between users and applications, creating a three-layered security model: - **Server-level RLS**: Multi-tenant isolation between different ElizaOS instances - **Entity-level RLS**: Data isolation between users, agents, and other entities - **Application authorization**: Business logic enforcement through traditional code checks A critical bug in TypeScript declarations was fixed ([#6170](https://github.com/elizaOS/eliza/pull/6170)), resolving build failures caused by `instanceof` checks on generic types. The solution introduces a new `isPlainObject` type guard: ```typescript // New type guard in utils/type-guards.ts export function isPlainObject(value: unknown): value is Record { return value !== null && typeof value === 'object' && !Array.isArray(value); } // Usage in runtime.ts if (isPlainObject(params) && 'model' in params) { // Type-safe access to params properties } ``` Additionally, improvements to logging standardization across Core, CLI, and Server components were initiated to provide more consistent and manageable log output ([#6169](https://github.com/elizaOS/eliza/pull/6169)). ## 2. New Features ### Multi-asset Charts A new feature request was opened this week for multi-asset charts ([#6193](https://github.com/elizaOS/eliza/issues/6193)). This will allow users to visualize and compare multiple assets simultaneously, enhancing the platform's analytical capabilities. ### Top-P Parameter Support Support for the `topP` parameter was added to the runtime model generation system ([#6166](https://github.com/elizaOS/eliza/pull/6166)), providing more control over token sampling during text generation: ```typescript // Configure topP at the runtime level runtime.configure({ model: { defaults: { topP: 0.8 // Set default topP for all models }, typeDefaults: { 'anthropic': { topP: 0.7 // Override for specific model types } } } }); // Or specify per request const response = await runtime.generateText({ messages: [{ role: 'user', content: 'Hello!' }], model: 'claude-3-opus', topP: 0.9 // Request-specific override }); ``` ### Dynamic Prompt Normalization Enhancement Improvements were made to dynamic prompt normalization ([#6192](https://github.com/elizaOS/eliza/pull/6192)), allowing for more robust handling of both XML and JSON outputs from `dynamicPromptExecFromState`. This change relaxes required field validation to accommodate legitimate falsy values and adds comprehensive regression tests. ## 3. Bug Fixes A critical bug affecting agent settings persistence was fixed ([#6106](https://github.com/elizaOS/eliza/pull/6106)). This issue was causing runtime-generated configurations to be lost across agent restarts, resulting in inconsistent behavior: ```typescript // Before: Agent settings were lost on restart // runtime.ts (simplified) const mergedSettings = { ...defaultSettings, ...loadedSettings }; // After: Settings properly persist across restarts // runtime.ts (simplified) const mergedSettings = { ...defaultSettings, ...loadedSettings, // Preserve nested structures through deep merge actions: { ...(defaultSettings.actions || {}), ...(loadedSettings.actions || {}) }, plugins: { ...(defaultSettings.plugins || {}), ...(loadedSettings.plugins || {}) } }; ``` Another significant fix addressed the Timeline Action Spans issue in the run visualization UI ([#6167](https://github.com/elizaOS/eliza/pull/6167)). Previously, action spans were missing from the timeline because `action_event` logs weren't properly included. The fix enhances the log filtering logic: ```typescript // Old approach - missing action_event logs const related = logs.filter((l) => { const body = l.body as { runId?: UUID; parentRunId?: UUID }; return body.runId === runId || body.parentRunId === runId; }); // New approach - captures both action and action_event logs const directlyRelated = logs.filter((l) => { const body = l.body as { runId?: UUID; parentRunId?: UUID }; return body.runId === runId || body.parentRunId === runId; }); const actionRunIds = new Set( directlyRelated .filter((l) => l.type === 'action') .map((l) => (l.body as { runId?: UUID }).runId) .filter((id): id is UUID => !!id) ); const related = logs.filter((l) => { const body = l.body as { runId?: UUID; parentRunId?: UUID }; if (body.runId === runId || body.parentRunId === runId) { return true; } if (l.type === 'action_event' && body.runId && actionRunIds.has(body.runId)) { return true; } return false; }); ``` ## 4. API Changes ### Runtime API Enhancements The ElizaOS runtime API was enhanced with several new options: 1. **skipMigrations Option**: Added `skipMigrations` parameter to `runtime.initialize()` ([#6132](https://github.com/elizaOS/eliza/pull/6132)), allowing servers to conditionally skip plugin migrations: ```typescript // Initialize without running migrations (useful for read-only instances) await runtime.initialize({ skipMigrations: true }); ``` 2. **ElizaOS Reference in Runtime**: Added direct ElizaOS reference to the runtime ([#6111](https://github.com/elizaOS/eliza/pull/6111)), enabling more seamless access to core functionality: ```typescript // Check if runtime has ElizaOS reference if (runtime.hasElizaOS()) { // Access ElizaOS methods directly const agents = await runtime.elizaOS.getAgents(); } ``` ### Semantic Clarity Improvements The API was improved with clearer naming conventions by renaming `serverId` to `messageServerId` ([#6167](https://github.com/elizaOS/eliza/pull/6167)) to avoid ambiguity: ```typescript // Old API (still supported but deprecated) const channels = await api.getChannels(agentId, serverId); // New API (preferred) const channels = await api.getChannels(agentId, messageServerId); ``` This change maintains backward compatibility while providing more semantic clarity between ElizaOS server instances and external message platforms (Discord, Telegram, etc.). ### Performance Optimizations New methods were added to improve participant checking performance ([#6167](https://github.com/elizaOS/eliza/pull/6167)): ```typescript // Old approach: O(n) complexity, loads all participants into memory const participants = await runtime.getParticipantsForRoom(roomId); const isParticipant = participants.some(p => p === entityId); // New approach: O(1) complexity, direct database existence check const isParticipant = await runtime.isRoomParticipant(entityId, roomId); ``` ## 5. Social Media Integrations This week, we observed discussions about the Senpi platform, which appears to be built on ElizaOS according to community discussions. Unfortunately, no significant updates were made to specific social media plugins in the codebase this week. There was mention of the desire to implement persistent social network posting across multiple platforms, including LinkedIn and Reddit, as noted by DorianD in the partners Discord channel. This suggests an upcoming enhancement to the social media integration capabilities of ElizaOS. ## 6. Model Provider Updates Support for Anthropic's `topP` parameter was officially added ([#6166](https://github.com/elizaOS/eliza/pull/6166)), ensuring that ElizaOS can properly utilize this parameter when generating text with Anthropic models. This aligns with Anthropic's advanced tool use capabilities that were discussed in Discord. Additionally, there was a migration from LangChain v0.3 to `@langchain/textsplitters` v1.0 ([#6152](https://github.com/elizaOS/eliza/pull/6152)), addressing deprecated dependencies and ensuring compatibility with the latest version of the LangChain ecosystem: ```typescript // Old import import { RecursiveCharacterTextSplitter } from 'langchain/text_splitter'; // New import import { RecursiveCharacterTextSplitter } from '@langchain/textsplitters'; ``` ## 7. Breaking Changes While no breaking changes were introduced this week, there are several areas where deprecation notices have been added to guide developers toward preferred APIs: 1. **messageServerId vs serverId**: The `serverId` parameter in messaging APIs is now deprecated in favor of the more semantically clear `messageServerId`. The old parameter still works but will trigger TypeScript deprecation warnings. 2. **Environment Variable Loading**: The system now loads environment variables directly from `process.env` instead of relying exclusively on `.env` files ([#6141](https://github.com/elizaOS/eliza/pull/6141)). This change should not break existing code but may change behavior if you were relying on the precedence of `.env` files over environment variables. For those migrating from V1 to V2, note that the Entity-level Row Level Security feature ([#6167](https://github.com/elizaOS/eliza/pull/6167)) can be controlled via environment variables: ```bash # Enable or disable Row Level Security features ENABLE_RLS_ISOLATION=true RLS_OWNER_ID=my-server-uuid ENABLE_DATA_ISOLATION=true ``` These options allow granular control over the security layers when upgrading existing deployments.