# ElizaOS Developer Update: November 24-30, 2025 ## 1. Core Framework This week saw important stability improvements to the ElizaOS core framework, addressing critical type-checking issues and laying groundwork for standardized logging. ### Type Checking Stability A critical bug in TypeScript declarations was resolved that was causing build failures with `instanceof` checks on generic types. The fix introduces a new `isPlainObject` type guard in `utils/type-guards.ts` to properly handle ModelParamsMap[T] type checking: ```typescript // New type guard in utils/type-guards.ts export function isPlainObject(value: unknown): value is Record { return typeof value === 'object' && value !== null && !Array.isArray(value); } // Usage in runtime.ts (replacing manual instanceof checks) if (isPlainObject(modelParams)) { // Type-safe operation on the parameters } ``` ### Logging System Refactor Work has begun on standardizing logging across Core, CLI, and Server components. The goal is to maintain JSON format for production while using a more readable single-line format during development: ```typescript // Before: Mixed format logging console.log(JSON.stringify(logObject, null, 2)); // Multi-line in dev/prod // After: Context-aware logging if (process.env.JSON_LOG === 'true') { console.log(JSON.stringify(logObject)); // Compact JSON in production } else { console.log(`[${logObject.level}] ${logObject.message}`); // Pretty in development } ``` ## 2. New Features ### Entity-Level Row Level Security (RLS) A major security enhancement has been merged this week with PR [#6167](https://github.com/elizaOS/eliza/pull/6167), implementing PostgreSQL Row Level Security for fine-grained data isolation: ```sql -- Function to track current entity context CREATE OR REPLACE FUNCTION current_entity_id() RETURNS UUID AS $$ BEGIN RETURN current_setting('app.entity_id', TRUE)::UUID; EXCEPTION WHEN OTHERS THEN RETURN NULL; END; $$ LANGUAGE plpgsql; -- Example RLS policy for direct entity ownership ALTER TABLE memories ENABLE ROW LEVEL SECURITY; CREATE POLICY entity_isolation_policy ON memories USING (entityId = current_entity_id()); ``` This creates a three-layer security model: - Server RLS (multi-tenant isolation) - Entity RLS (user privacy isolation) - Application layer authorization ### Mobile ElizaOS Implementation Community developer Endless is making progress on running elizaOS on Android devices using Termux with proot to simulate an Ubuntu environment. The main technical challenge is getting Bun (JavaScript runtime) working on mobile devices. This effort aims to enable hosting Discord bots from phones at a $5/month price point. ## 3. Bug Fixes ### Plugin SQL Build Configuration Rollback A critical bug was identified in the plugin-sql build configuration. PR [#6194](https://github.com/elizaOS/eliza/pull/6194) has been submitted to roll back these changes: ``` rollback(plugin-sql): revert build configuration changes from 08d5141… ``` Analysis of the issue revealed that recent build configuration changes in plugin-sql were causing unexpected behavior in production environments. The rollback ensures stability while a proper fix can be implemented. ### Timeline Action Spans Fix Fixed a critical bug in the run timeline display where action events weren't properly visible. The issue was that `action_event` logs (with start information) weren't being included in API responses: ```typescript // Previous filter logic only matched some logs const related = logs.filter((l) => { const body = l.body as { runId?: UUID; parentRunId?: UUID }; return body.runId === runId || body.parentRunId === runId; }); // New logic also includes action_event logs that share runIds with matched actions const actionRunIds = new Set( directlyRelated .filter((l) => l.type === 'action') .map((l) => (l.body as { runId?: UUID }).runId) .filter((id): id is UUID => !!id) ); const related = logs.filter((l) => { // Include action_event logs matching action runIds if (l.type === 'action_event' && body.runId && actionRunIds.has(body.runId)) { return true; } // ...other conditions }); ``` This fix ensures that all agent actions are visible in the timeline, significantly improving observability for debugging agent behavior. ## 4. API Changes ### Semantic Clarity: messageServerId A rename from `serverId` to `messageServerId` has been implemented to eliminate confusion between ElizaOS server instances and messaging platform servers (Discord, Telegram, etc.): ```typescript // Old API (still supported with deprecation warnings) const channels = await client.getChannels({ serverId: "discord-123" }); // New API const channels = await client.getChannels({ messageServerId: "discord-123" }); ``` Key benefits: - Clear distinction between ElizaOS server instances and messaging platforms - Self-documenting code with reduced ambiguity - Improved API endpoint clarity ### Performance Optimization: Participant Checking New efficient methods for checking room and channel participation were added, reducing complexity from O(n) to O(1): ```typescript // Old: O(n) complexity - loads all participants into memory const participants = await runtime.getParticipantsForRoom(roomId); if (!participants.includes(entityId)) { return sendError(res, 403, 'FORBIDDEN'); } // New: O(1) complexity - direct DB query if (!(await runtime.isRoomParticipant(entityId, roomId))) { return sendError(res, 403, 'FORBIDDEN'); } ``` All changes maintain full backward compatibility with existing code. ## 5. Social Media Integrations ### Cross-Platform Distribution Strategy Discussions are underway to implement a comprehensive cross-platform content distribution strategy for Eliza Labs content across: - X (Twitter) - Farcaster - Telegram - LinkedIn - Reddit - Substack - HackerNews - Meta Threads - Chinese platforms A blog will be established to serve as the content source, with automated distribution to reach a broader audience. ### Discord Plugin Testing Real-world testing of the Discord plugin revealed several issues that have been fixed: 1. Improved error handling for service unavailability 2. Fixed webhook validation for message delivery 3. Enhanced permission checking for channel access ## 6. Model Provider Updates ### OpenAI gpt-5-nano Parameter Correction An error was identified with the "gpt-5-nano" model which requires using "max_completion_tokens" instead of "max_tokens" parameter. This has been fixed in the runtime model parameter normalization. ### Anthropic Tool Use Anthropic's new advanced tool use capabilities were discussed, with similarities noted to ElizaOS's "build an agent" functionality. These advanced capabilities allow for more complex interactions and automation using Anthropic's Claude models. ## 7. Breaking Changes No breaking changes have been introduced in this release. All API changes maintain backward compatibility through: - Type deprecation warnings to guide migration - Dual field support (`serverId` → `messageServerId`) - Preserved method signatures with new alternatives All migrations are handled automatically by the system without manual intervention required. --- If you encounter any issues or have questions, please reach out in the #core-devs channel or open a support ticket.