## ElizaOS Developer Update (2026-04-12 → 2026-04-18) This update summarizes core framework work in `elizaos/eliza` plus plugin ecosystem changes across `elizaos-plugins/*`, based on GitHub activity and developer Discord discussions through **2026-04-18** (no 2026-04-19 daily log available in the provided dataset). --- ### 1) Core Framework #### Shared concurrency primitives: `utils/batch-queue` A new shared batch-processing subsystem landed to unify concurrency, prioritization, draining, retry, and backpressure across multiple runtime subsystems (knowledge embeddings, action-filter indexing, prompt batching, etc.). This reduces duplicated “ad-hoc queues” and makes throughput tuning consistent across the stack. - PR: **`feat(core): shared batch-queue drains and bounded knowledge embeddings`** — https://github.com/elizaos/eliza/pull/6722 - Docs: `packages/docs/runtime/batch-queue.mdx` (added/updated in the same PR) **Why this matters** - High-concurrency workloads (embedding, indexing, enrichment) now share the same scheduling semantics and can be tuned centrally. - The “bounded” changes reduce the risk of runaway embedding workloads when knowledge bases are large or ingest spikes. **Example: using a batch processor** ```ts import { BatchProcessor } from "@elizaos/core/utils/batch-queue"; // Pseudocode: exact imports/paths may differ by package entrypoint const processor = new BatchProcessor({ maxBatchSize: 32, maxConcurrency: 4, retry: { attempts: 3, backoffMs: 250 }, }); await processor.enqueue({ key: `embed:${doc.id}`, priority: 10, task: async () => embedDocument(doc), }); ``` #### Reflection pipeline: task completion wired into evaluator flow Reflection now incorporates an explicit “is the task done?” assessment step, improving termination behavior and evaluation accuracy. - PR: **`Shaw/reflection runtime sync`** — https://github.com/elizaos/eliza/pull/6721 #### Message service reliability work (retry + flow hardening) Ongoing runtime flow changes to improve responsiveness and reduce transient failures in message processing, including docs/spec updates across prompts and generated action/provider docs. - PR: **`Shaw/message service retry`** — https://github.com/elizaos/eliza/pull/6717 #### Repo structure: new `agent/` starter workspace A new top-level `agent/` workspace was introduced to make it easier to “boot” the repo and run a minimal agent across TypeScript/Python/Rust scaffolds. This also included runtime composition changes (notably, `loadCharacters` accepting file paths/options rather than only preloaded objects). - PR: **`feat: add agent/ like starter in develop`** — https://github.com/elizaos/eliza/pull/6702 **Developer impact** - Expect minor refactors if you previously constructed characters purely in-memory and relied on older composition helpers. **Example: loading characters by path (newer composition style)** ```ts import { loadCharacters } from "@elizaos/core/runtime-composition"; const characters = await loadCharacters([ "./characters/default.character.json", "./characters/support.character.json", ], { // options vary; example intent: validate: true, allowOverrides: true, }); ``` --- ### 2) New Features #### Pipeline hooks (prompt optimization + plugin typography + future routing) Hook points were added to the pipeline to enable cross-cutting tooling (prompt optimizers, post-processors, formatting/typography layers, etc.). This expands the surface area for instrumentation and transformation without forking the core message loop. - PR: **`feat: pipeline hooks`** — https://github.com/elizaos/eliza/pull/6733 **Illustrative usage (conceptual)** ```ts runtime.pipeline.registerHook("beforeModelCall", async (ctx) => { // e.g. redact secrets, normalize whitespace, attach tracing metadata ctx.prompt = redact(ctx.prompt); ctx.metadata.traceId = crypto.randomUUID(); return ctx; }); runtime.pipeline.registerHook("afterModelStreamChunk", async (chunk) => { // e.g. apply typography / chunk normalization for TTS return normalizeChunk(chunk); }); ``` #### Plugin ecosystem growth: QuantOracle plugin proposal A new community plugin was proposed for inclusion in the plugin registry. - Registry: `@quantoracle/plugin-quantoracle` (proposal referenced in the 2026-04-18 dev summary) - Registry repo: https://github.com/elizaos-plugins/registry #### Agent-to-agent commerce exploration (Merxex integration proposal) A new issue proposed integrating Merxex to enable agent-to-agent commerce flows. - Issue (proposal): referenced in 2026-04-18 activity summary (link not provided in dataset) - Core repo: https://github.com/elizaos/eliza/issues --- ### 3) Bug Fixes (critical / high-impact) #### Duplicate LLM calls when messages contain URLs (token-cost + duplicated streaming) A subtle bug caused **two model invocations** for messages that included URLs (or otherwise triggered providers), because provider enrichment incorrectly forced the “actions path” even when the model already produced a streamed `REPLY`. - PR: **`fix(core): prevent duplicate LLM calls when message contains URL or triggers providers`** — https://github.com/elizaos/eliza/pull/6528 - Related issue: https://github.com/elizaos/eliza/issues/6486 **Technical context** - The first call returned `actions: ["REPLY"]` and `providers: ["ATTACHMENTS"]` due to URL detection. - The old `isSimple` check treated “providers present” as “not simple”, causing the REPLY handler to run and call the model again. - Fix: `isSimple` now keys solely on `actions === ["REPLY"]`. #### TTS garbling + streaming callback type divergence Multiple inconsistent `onStreamChunk` callback definitions and a “dual extractor” pattern were consolidated into one canonical type (`StreamChunkCallback`), eliminating a class of streaming chunk handling bugs that manifested as TTS garbling. - PR: **`fix(core): consolidate StreamChunkCallback, remove dual-extractor CAUSING TTS garbling`** — https://github.com/elizaos/eliza/pull/6690 - Docs updated: - `packages/docs/guides/streaming-responses.mdx` - `packages/docs/runtime/messaging.mdx` - `packages/docs/runtime/types-reference.mdx` **Migration note (TypeScript)** ```ts import type { StreamChunkCallback } from "@elizaos/core/types/components"; // Prefer a single canonical signature everywhere const onStreamChunk: StreamChunkCallback = (chunk) => { // chunk normalization/rendering }; ``` #### Release pipeline unblocked: TypeScript build errors in agent/app-core/ui Alpha releases were blocked by TS errors; fixes landed to restore publishability for key packages. - PR: **`fix(build): unblock NPM Release — TS errors in agent/app-core/ui`** — https://github.com/elizaos/eliza/pull/6810 #### Repo hygiene: removed a machine-specific symlink A dangling symlink inside `packages/typescript/` pointed to a contributor’s local filesystem path, breaking tooling that recursively walks the package tree. - PR: **`fix: remove dangling typescript symlink in packages/typescript`** — https://github.com/elizaos/eliza/pull/6713 --- ### 4) API Changes (developer-facing) #### Runtime composition: `loadCharacters` accepts paths/options (composition API evolution) Introduced in the `agent/` starter work, `loadCharacters` now supports loading by file path with options, impacting custom runners that previously only passed in-memory objects. - PR: https://github.com/elizaos/eliza/pull/6702 - Tests updated: `packages/typescript/src/__tests__/runtime-composition.test.ts` #### Streaming types: canonical `StreamChunkCallback` If you implemented custom streaming adapters or UI streaming consumers, update to the unified callback type. - PR: https://github.com/elizaos/eliza/pull/6690 #### Infrastructure-level changes (dependency bump batch) A large set of dependency updates was submitted (Supabase/Postgres docker tag upgrades, Capacitor, Uniswap SDKs, node types, gymnasium, Android Gradle tools). While mostly non-functional changes, they can affect: - Docker-based local dev environments - Android build reproducibility - TypeScript ambient types (`@types/node`) Reference (daily summary): https://elizaos.github.io/api/summaries/overall/day/2026-04-18.json --- ### 5) Social Media Integrations (Twitter / Telegram / Discord / Farcaster) #### Discord plugin hardening (DM gating + timeout fallbacks) Security gating was added around direct messages plus timeout fallbacks to reduce risk and prevent “stuck generation” scenarios. - PR: **DM allowlist gating + timeout fallbacks** — https://github.com/elizaos-plugins/plugin-discord/pull/48 - Weekly summary reference: `github_summaries_week_latest_2026-04-12.md` #### Discord chat UX: remove heartbeat messages A UX improvement removed heartbeat messages and bumped the orchestrator pin (referenced in 2026-04-18 activity). If you rely on heartbeat events for monitoring, confirm you’re not parsing user-facing chat output for system health. - Reference: https://elizaos.github.io/api/summaries/overall/day/2026-04-18.json #### Telegram plugin: one poller per bot token policy Telegram polling was stabilized by enforcing a strict single-poller policy per bot token to prevent duplicate processes and resource contention. - PR: https://github.com/elizaos-plugins/plugin-telegram/pull/27 #### Twitter/X status (community note) Community raised concerns about inactivity of the official X account; team focus is currently on product/framework work (Milady + v3 efforts). No plugin-level X changes were confirmed in the provided Discord logs this week. - Discord reference (discussion): https://discord.com/channels/1253563208833433701/1253563209462448241 --- ### 6) Model Provider Updates (OpenAI / Anthropic / DeepSeek / etc.) #### Anthropic plugin: OAuth + headless CLI auth Anthropic integration gained OAuth support and a headless authentication flow, improving deployability in CI, servers, and enterprise environments where interactive login is not feasible. - PR: OAuth support — https://github.com/elizaos-plugins/plugin-anthropic/pull/17 - PR: Headless CLI auth — https://github.com/elizaos-plugins/plugin-anthropic/pull/18 - Weekly summary reference: `github_summaries_week_latest_2026-04-12.md` #### Dependency bumps touching provider SDKs Several Renovate-driven updates were submitted (example: `@anthropic-ai/sdk` bump). Validate lockfiles and ensure provider request/response typing still matches your adapter expectations. - Example bump reference (in month activity listing): `fix(deps): update dependency @anthropic-ai/sdk to ^0.90.0` --- ### 7) Breaking Changes / Migration Warnings (V1 → V2) #### V2 release work is active and potentially disruptive A large V2.0.0 release PR exists and significantly alters CI/release automation across TypeScript + interop + Python + Rust, adds SBOM/vuln scanning, and changes publishing workflows (including workspace dependency rewriting for NPM publishing). - PR: **`V2.0.0 release`** — https://github.com/elizaos/eliza/pull/6530 **What to watch for when migrating** - **Build & publish pipelines**: if you mirror ElizaOS workflows, expect churn in action versions, job serialization, and artifact publishing steps. - **Node/Bun expectations**: dependency updates (and `.nvmrc` changes in related PRs in the broader April activity) can impact local dev and CI reproducibility. - **Runtime composition changes**: the direction is toward path-based character loading + “starter” workflows (see `agent/` workspace PR #6702). - **Streaming type unification**: adopt `StreamChunkCallback` everywhere; remove bespoke chunk handler signatures to avoid regressions. **Action for plugin authors** - Pin against explicit `@elizaos/*` versions (avoid implicit workspace assumptions). - Run your plugin CI against `develop` and `v2 alpha` tags if you publish to npm. --- ## Security / Operational Notes (from Discord) - A security researcher (“kullai”) privately disclosed multiple vulnerabilities to a maintainer. The project does **not** currently have a bug bounty program; maintainers requested **private disclosure** rather than public PRs/issues for security findings. - Discord thread reference: https://discord.com/channels/1253563208833433701/1253563209462448241 - Multiple scam/phishing attempts were reported (fake Solana airdrops impersonating maintainers). Developers should treat any “airdrop” links as hostile and ensure official comms channels are documented and pinned. **Recommended follow-ups (docs/process)** - Add/refresh `SECURITY.md` with a private disclosure channel and response expectations. - Document “official channels” to reduce successful impersonation attempts.