{ "prompt_name": "issue-triage", "category": "dev", "date": "2026-05-03", "generated_text": "## Issue Triage \u2014 2026-05-03 (elizaOS)\n\n### 1) **telegram: milady wrapper + @elizaos/plugin-telegram both poll the same bot \u2014 race causes silent message loss** (#7245)\n- **Current Status:** OPEN (no fix merged). Known workaround: disable one poller (plugin or wrapper).\n- **Impact Assessment:**\n - **User Impact:** **High** (anyone using Telegram connector in affected app/wrapper path)\n - **Functional Impact:** **Yes** (core messaging delivery becomes unreliable; silent drops)\n - **Brand Impact:** **High** (intermittent \u201cbot ignores me\u201d feels like low quality and is hard to diagnose)\n- **Technical Classification:**\n - **Category:** Bug / Reliability\n - **Component Affected:** Plugin System + Platform Connectors (Telegram), App runtime lifecycle\n - **Complexity:** **Moderate effort** (needs lifecycle/ownership decision + refactor/guardrails)\n- **Resource Requirements:**\n - **Required Expertise:** Telegraf/Telegram long-polling semantics, connector lifecycle, app-core runtime init ordering\n - **Dependencies:** Related Telegram defects (#7240, #7241). Architectural decision: \u201csingle owner for bot token polling\u201d (plugin vs wrapper).\n - **Estimated Effort (1\u20135):** **3**\n- **Recommended Priority:** **P0**\n- **Specific Actionable Next Steps:**\n 1. **Enforce single poller per token at runtime**:\n - Add a hard guard: if wrapper starts polling, **force-disable** plugin-telegram polling (or vice versa).\n - Log a **loud warning** when a second poller is detected/configured.\n 2. Add an **integration test** that asserts exactly one `getUpdates` consumer is active and that 10/10 inbound messages are processed.\n 3. Decide the long-term owner:\n - Prefer **fix upstream plugin** (remove need for wrapper) once Bun/Telegraf launch is stable (#7241).\n- **Potential Assignees:**\n - **Sw4pIO** (reporter; already traced root cause precisely)\n - **NubsCarson** (runtime/platform lifecycle + cross-platform stability)\n - **shawmakesmagic** (connector architecture decisions)\n\n---\n\n### 2) **telegram: token passing failures / setup token not applied at runtime** (#7240) *(referenced in daily engineering summary)*\n- **Current Status:** OPEN (fix \u201cApplying the Telegram setup token at runtime\u201d in progress as **plugin-telegram PR #29**).\n- **Impact Assessment:**\n - **User Impact:** **High** (blocks many first-time Telegram setups)\n - **Functional Impact:** **Yes** (connector cannot authenticate reliably)\n - **Brand Impact:** **High** (setup feels broken/out-of-box failure)\n- **Technical Classification:**\n - **Category:** Bug / UX (setup)\n - **Component Affected:** Plugin-telegram, config/env bridging, runtime boot config\n - **Complexity:** **Moderate effort**\n- **Resource Requirements:**\n - **Required Expertise:** runtime config flow, env var injection, secret handling/vault integration implications\n - **Dependencies:** Coordinate with vault/secret storage behavior (recent vault work), and Telegram lifecycle fixes (#7245, #7241).\n - **Estimated Effort (1\u20135):** **3**\n- **Recommended Priority:** **P1**\n- **Specific Actionable Next Steps:**\n 1. Land PR #29 and verify on **Bun + Node** runtimes.\n 2. Add a smoke test: \u201center Telegram bot token in Settings \u2192 bot responds to first message within 60s.\u201d\n 3. Ensure token storage path is consistent (vault vs config.env) and does not regress headless deployments.\n- **Potential Assignees:**\n - **NubsCarson** (cross-platform runtime, prior stability fixes)\n - **Dexploarer** (secrets/vault integration touchpoints)\n - **shawmakesmagic** (end-to-end product behavior validation)\n\n---\n\n### 3) **telegram: Bun runtime error on `bot.launch()` / Telegraf launch failure** (#7241) *(referenced in daily engineering summary)*\n- **Current Status:** OPEN (currently worked around by app-level wrapper in at least one downstream).\n- **Impact Assessment:**\n - **User Impact:** **Medium \u2192 High** (Bun users disproportionately affected; Telegram is a flagship connector)\n - **Functional Impact:** **Partial** (Telegram can be made to work via wrapper, but brittle)\n - **Brand Impact:** **High** (runtime instability; \u201cworks on my machine\u201d syndrome)\n- **Technical Classification:**\n - **Category:** Bug / Compatibility\n - **Component Affected:** plugin-telegram, Bun runtime compatibility\n - **Complexity:** **Complex solution** (may require upstream library workaround patterns)\n- **Resource Requirements:**\n - **Required Expertise:** Bun runtime internals/quirks, Telegraf lifecycle, cross-runtime CI\n - **Dependencies:** Impacts the decision for #7245 (wrapper vs plugin ownership).\n - **Estimated Effort (1\u20135):** **4**\n- **Recommended Priority:** **P1**\n- **Specific Actionable Next Steps:**\n 1. Reproduce deterministically in CI (minimal Telegraf harness on Bun).\n 2. Implement a Bun-safe launch path (e.g., avoid readonly-property mutation patterns; use polling start methods that work under Bun).\n 3. Publish a temporary compatibility note and auto-detect Bun to choose safe code path.\n- **Potential Assignees:**\n - **NubsCarson** (cross-platform build/runtime track record)\n - **Sw4pIO** (high-signal debugging and reproduction detail)\n - Backup: **lalalune** (if repo-structure changes touch plugin packaging)\n\n---\n\n### 4) **MiladyClient prototype fragmentation / multi-version client instances causing type/behavior drift** (#7233, #7244) *(referenced in daily engineering summary)*\n- **Current Status:** OPEN (no merged fix indicated).\n- **Impact Assessment:**\n - **User Impact:** **Medium** (likely impacts Milady/app-store users and contributors integrating clients)\n - **Functional Impact:** **Partial** (causes subtle runtime failures, inconsistent method availability)\n - **Brand Impact:** **Medium \u2192 High** (hard-to-debug \u201cundefined is not a function\u201d class of issues)\n- **Technical Classification:**\n - **Category:** Bug / Architecture\n - **Component Affected:** Client SDK / App-core API client, packaging/bundling\n - **Complexity:** **Architectural change** (dedupe, singleton boundaries, package export discipline)\n- **Resource Requirements:**\n - **Required Expertise:** TS/ESM package boundaries, bundlers (tsdown), runtime module resolution\n - **Dependencies:** Potentially coupled to repo consolidation work (PR #7235) and ESM-only core constraints.\n - **Estimated Effort (1\u20135):** **4**\n- **Recommended Priority:** **P1**\n- **Specific Actionable Next Steps:**\n 1. Identify all instantiation paths and ensure a **single canonical client package/export**.\n 2. Add a runtime assertion: detect mixed prototypes/versions and fail loudly with remediation steps.\n 3. Lock dependency graph to prevent dual copies (workspace constraints; pnpm/bun resolutions).\n- **Potential Assignees:**\n - **NubsCarson** (app-core, cross-platform packaging)\n - **lalalune** (repo structure/workspaces)\n - **shawmakesmagic** (architecture decision-maker)\n\n---\n\n### 5) **Auth failures: `hasCodexCliSubscriptionAuth` expects outdated `auth.json` schema** (#7238, #7243) *(referenced in daily engineering summary)*\n- **Current Status:** OPEN (no merged fix indicated).\n- **Impact Assessment:**\n - **User Impact:** **High** (breaks subscription auth flows; blocks paid/entitled features)\n - **Functional Impact:** **Yes** (auth gating breaks core access paths)\n - **Brand Impact:** **High** (users perceive subscription/login as broken)\n- **Technical Classification:**\n - **Category:** Bug\n - **Component Affected:** Auth subsystem, CLI integration, subscription credential storage\n - **Complexity:** **Moderate effort**\n- **Resource Requirements:**\n - **Required Expertise:** auth schema/versioning, migration patterns, backward compatibility\n - **Dependencies:** Must align with recent work on provider auth and vault/secret storage patterns.\n - **Estimated Effort (1\u20135):** **3**\n- **Recommended Priority:** **P1**\n- **Specific Actionable Next Steps:**\n 1. Implement schema versioning + migration: accept both old and new shapes, write back normalized schema.\n 2. Add contract tests for `auth.json` parsing across versions (fixtures).\n 3. Ensure error messages are user-actionable (where the file is, how to re-auth).\n- **Potential Assignees:**\n - **NubsCarson** (auth + platform stability)\n - **Dexploarer** (secrets storage interaction / vault-first behavior)\n - **shawmakesmagic** (product-level auth expectations)\n\n---\n\n### 6) **Discord env var discrepancy: `voice.ts` vs `messages.ts` inconsistent environment variable handling** (Discord plugin issue #49) *(referenced in daily engineering summary)*\n- **Current Status:** OPEN; standardization in progress (**plugin-discord PR #50**: standardizing `DISCORD_AUTO_REPLY`).\n- **Impact Assessment:**\n - **User Impact:** **Medium** (misconfiguration/behavior mismatch for Discord bots)\n - **Functional Impact:** **Partial** (auto-reply/voice behavior diverges unpredictably)\n - **Brand Impact:** **Medium** (configuration feels inconsistent)\n- **Technical Classification:**\n - **Category:** Bug / UX\n - **Component Affected:** plugin-discord\n - **Complexity:** **Simple fix \u2192 Moderate effort** (depending on deprecation/back-compat)\n- **Resource Requirements:**\n - **Required Expertise:** Discord connector behavior, configuration conventions\n - **Dependencies:** Decision on \u201cone true env var name + config mapping,\u201d plus deprecation messaging.\n - **Estimated Effort (1\u20135):** **2**\n- **Recommended Priority:** **P2**\n- **Specific Actionable Next Steps:**\n 1. Merge PR #50 and ensure both voice + messages code paths use the same resolved config source.\n 2. Add deprecation warnings for old variable names for 1\u20132 releases.\n 3. Update docs/examples for Discord env configuration.\n- **Potential Assignees:**\n - **NubsCarson** (platform consistency)\n - **odilitime** (docs/process + project coordination)\n - A Discord plugin maintainer (if designated)\n\n---\n\n### 7) **Large repo consolidation PR: \u201cadd cloud and plugins, remove rust and python\u201d** (PR #7235)\n- **Current Status:** OPEN (massive change; high blast radius).\n- **Impact Assessment:**\n - **User Impact:** **Medium \u2192 High** (can break clones/builds/contribution workflows if mishandled)\n - **Functional Impact:** **Partial** (risk of CI/build failures; import path breakage)\n - **Brand Impact:** **Medium** (chaotic structure changes can reduce contributor confidence)\n- **Technical Classification:**\n - **Category:** Maintenance / Architecture\n - **Component Affected:** Monorepo layout, CI/CD, dependency graph\n - **Complexity:** **Architectural change**\n- **Resource Requirements:**\n - **Required Expertise:** monorepo tooling, CI pipelines, release engineering, workspace dependency constraints\n - **Dependencies:** Must not regress newly stabilized ESM-only core + plugin build compatibility work.\n - **Estimated Effort (1\u20135):** **4**\n- **Recommended Priority:** **P2** (do not merge until P0/P1 runtime regressions are controlled)\n- **Specific Actionable Next Steps:**\n 1. Require an end-to-end CI matrix: Node/Bun, Windows/macOS/Linux, packaged builds, plugin build checks.\n 2. Add a migration note for contributors (new paths, removed languages, how to run tests).\n 3. Gate merge behind \u201cno open P0 Telegram regressions\u201d to avoid compounding instability.\n- **Potential Assignees (review/driver):**\n - **lalalune** (author; best positioned to adjust)\n - **NubsCarson** (CI/build + platform checks)\n - **shawmakesmagic** (final architectural approval)\n\n---\n\n## Immediate Focus Summary (Top Priority 5\u201310)\n1. **P0:** #7245 \u2014 Telegram dual-polling race causing **silent message loss** (must fix; reliability + trust).\n2. **P1:** #7240 \u2014 Telegram token bridging/setup token not applied at runtime (blocks setup).\n3. **P1:** #7241 \u2014 Bun/Telegraf `bot.launch()` runtime failure (remove need for wrapper; stabilize plugin).\n4. **P1:** #7238/#7243 \u2014 Auth schema mismatch breaking subscription auth checks.\n5. **P1:** #7233/#7244 \u2014 MiladyClient prototype fragmentation causing subtle runtime errors.\n6. **P2:** Discord plugin config inconsistency (#49) + merge PR #50 with back-compat and docs.\n7. **P2:** PR #7235 \u2014 repo consolidation (hold until runtime stability is regained; ensure CI gates).\n\n---\n\n## Patterns / Themes Suggesting Deeper Architectural Problems\n- **Connector lifecycle ownership is unclear** (Telegram wrapper vs plugin both starting pollers). This is a systemic lifecycle-contract gap: multiple components believe they are the \u201cowner\u201d of the same external integration.\n- **Config/auth schema drift and silent failure modes**:\n - Auth schema expectations drifting across components (#7238/#7243).\n - Token/config bridging issues in connectors (#7240).\n - Silent \u201cfilter missing file\u201d style failures seen recently in other areas (even when fixed, it\u2019s a recurring pattern).\n- **Packaging / module boundary fragility (ESM-only core)**:\n - Recent work removed incompatible CJS bundles across plugins, indicating ongoing sensitivity to bundling/resolution choices.\n - Prototype fragmentation issues (#7233/#7244) likely reflect multi-copy dependency resolution in complex builds.\n- **Cross-runtime compatibility (Bun/Windows/headless Linux)** is a constant risk area; issues often emerge only outside the primary dev environment.\n\n---\n\n## Recommendations (Process Improvements)\n1. **Define a \u201cSingle Owner\u201d contract for connectors**:\n - For each platform (Telegram/Discord/etc.), specify exactly where polling/webhook lifecycle is started.\n - Add runtime guards to prevent multiple owners (fail fast + actionable logs).\n2. **Add cross-runtime connector CI smoke tests**:\n - Minimal Telegram/Discord harness tests on **Bun + Node**, including \u201cN messages in \u2192 N replies out.\u201d\n3. **Schema/versioning discipline for user state (auth/config)**:\n - Version auth/config files, provide migrations, and require contract tests with fixtures for each supported version.\n4. **Replace silent fallbacks with loud diagnostics**:\n - When an expected file/env/schema is missing, log a single high-signal error that includes remediation.\n5. **Pre-merge blast-radius controls for large restructuring (e.g., PR #7235)**:\n - Require a published checklist: build matrix green, plugin builds validated, docs updated, and \u201cno open P0 runtime regressions\u201d before merging.", "source_references": [ "2026-05-03\n---\n2026-05-02.md\n---\n# elizaOS Discord - 2026-05-02\n\n## Summary\n\n### Trading Agent Development\n\nmarianodim announced they are building a spot trading agent based on ElizaOS that will trade SOL, SUI, and five other tokens. The agent will utilize multiple strategies and contextual information to generate trading signals. Testing is planned over the coming weeks with an expected output of 1-2 trading signals per week. The developer expressed optimism about ElizaOS's potential for significant returns (100X).\n\n### Community Organization\n\nodilitime announced the existence of an 'eliza army steering' group and invited interested community members to request access. This appears to be part of efforts to maintain forward momentum for the project. rabbidfly expressed continued support for the project.\n\n## FAQ\n\n**Q: What is marianodim building with ElizaOS?**\nA: A spot trading agent that will trade SOL, SUI, and five other tokens using multiple strategies and contextual information, expected to generate 1-2 trading signals per week.\n\n**Q: How can someone join the eliza army steering group?**\nA: Interested parties should request access, as mentioned by odilitime in the partners channel.\n\n## Help Interactions\n\nNo help interactions were documented in these channel summaries.\n\n## Action Items\n\n### Technical\n\n- Test the spot trading agent over the coming weeks (mentioned by marianodim)\n- Generate 1-2 trading signals per week with the trading agent (mentioned by marianodim)\n\n### Features\n\n- Build spot trading agent with multiple strategies and contextual information for SOL, SUI, and five other tokens (mentioned by marianodim)\n\n### Documentation\n\nNone\n---\n2026-05-01.md\n---\n# elizaOS Discord - 2026-05-01\n\n## Summary\n\n### ElizaOS Platform Architecture and Positioning\n\nodilitime provided a comprehensive comparison between ElizaOS and Orbofi, clarifying that ElizaOS is an open-source agentic framework that is more mature and robust. The fundamental distinction is that ElizaOS functions as a developer-focused AI agent framework and operating system (comparable to Linux), while Orbofi is a consumer-facing AI and Web3 platform with marketplace and monetization layers (comparable to Shopify or App Store). ElizaOS provides full control and extensibility for building serious AI agents from scratch, targeting technical users exploring autonomous agents, trading, and automation. odilitime also noted that with Milady, ElizaOS now includes an app store component.\n\n### Practical Implementations and Hardware Integration\n\nshawmakesmagic demonstrated a practical implementation by integrating Eliza into a smaller robot, specifically a $4k Unitree robot, enabling it to walk around on command. This showcases the framework's capability to interface with physical hardware and robotics platforms.\n\n### AI Model Access and Limitations\n\nshawmakesmagic discussed experiencing ChatGPT cyber refusals on version 5.5 and mentioned he should apply for chatgpt/cyber access. There were brief mentions of ChatGPT flagging conversations for multiple violations, indicating challenges with content moderation systems.\n\n### Memory Degradation in Long-Lived AI Agents\n\nsentient_dawn presented significant research on memory rot in long-lived AI agents, a failure mode that emerges after approximately three months of operation. They identified that retrieval-only memory architectures, including RAG and vector store plus LLM systems, appear stable initially but degrade over time as old facts persist despite becoming stale. This causes agents to drift from current state without self-awareness of the drift, with the rot remaining invisible until humans identify contradictions. sentient_dawn proposed and implemented a solution involving a reconciliation pass that incorporates freshness gates on outgoing claims, periodic cross-source diffs, and re-embedding under current ontology. This approach enables systems to detect their own staleness proactively and has proven effective in production.\n\n### Exchange Listings and Regulatory Compliance\n\nodilitime clarified that exchange talks are always under NDA and tokens cannot publicly discuss them, addressing community questions about exchange listing discussions.\n\n### Community Events and Personnel Changes\n\nAn AMA session with shaw and fish was announced and completed. One community member announced their departure from the ecosystem due to securing a new job.\n\n### Professional Profiles and Expertise\n\ntrace.g shared their professional profile highlighting expertise in AI product engineering, specifically focusing on LLM systems, autonomous agents, workflow automation, and multimodal AI combined with full-stack capabilities including APIs, databases, and production-scale systems. They emphasized their strength in taking technically ambitious projects to production stability and indicated openness to new opportunities.\n\n## FAQ\n\n**Q: What is the difference between ElizaOS and Orbofi?**\nA: ElizaOS is an open-source agentic framework and developer-focused AI agent operating system (analogous to Linux) that provides full control and extensibility for building serious AI agents from scratch. Orbofi is a consumer-facing AI and Web3 platform with marketplace and monetization layers (analogous to Shopify or App Store). ElizaOS targets technical users exploring autonomous agents, trading, and automation, while Orbofi focuses on consumer experiences.\n\n**Q: What is memory rot in AI agents?**\nA: Memory rot is a failure mode that emerges in long-lived AI agents after approximately three months of operation. In retrieval-only memory architectures like RAG and vector store plus LLM systems, old facts persist despite becoming stale, causing agents to drift from current state without self-awareness of the drift. The rot remains invisible until humans identify contradictions.\n\n**Q: How can memory rot be addressed?**\nA: sentient_dawn implemented a solution involving a reconciliation pass that incorporates freshness gates on outgoing claims, periodic cross-source diffs, and re-embedding under current ontology. This approach enables systems to detect their own staleness proactively and has proven effective in production.\n\n**Q: Can projects publicly discuss exchange listings?**\nA: No, exchange talks are always under NDA and tokens cannot publicly discuss them.\n\n**Q: Does ElizaOS have an app store component?**\nA: Yes, with Milady, ElizaOS now has an app store component as well.\n\n## Help Interactions\n\nNo direct help interactions were documented in the provided channel summaries. The discussions consisted primarily of information sharing, technical presentations, and clarifications rather than specific help requests and resolutions.\n\n## Action Items\n\n### Technical\n\n- Apply for chatgpt/cyber access to address cyber refusals on version 5.5 (mentioned by shawmakesmagic)\n- Implement reconciliation pass with freshness gates, periodic cross-source diffs, and re-embedding under current ontology to address memory rot in long-lived agents (implemented by sentient_dawn)\n\n### Documentation\n\n- Provide full field report on memory rot solution and reconciliation pass implementation (requested by mayoe76 from sentient_dawn)\n---\n2026-04-30.md\n---\n# elizaOS Discord - 2026-04-30\n\n## Summary\n\n### ElizaOS v3 Architecture and Development\n\nShaw outlined the comprehensive architecture for ElizaOS v3, describing it as a full application runtime that supports all devices and platforms. The system moves beyond previous limitations by integrating with all social platforms including iMessage, enabling task issuance to Codex and Claude, and providing subscription management capabilities. The platform allows users to create workflows and runtime applications that can be created, edited, and executed dynamically. A key feature is the ability to monetize applications through Eliza Cloud. Shaw emphasized that development has been continuous for 6 months with cozy devs, and showcased the botdick agent as an example that successfully created its own video game.\n\n### Project Funding and Team Compensation\n\nShaw provided transparency about the financial challenges facing the project. He explained that the team received no equity when token values collapsed, with ai16z and elizaos tokens only providing basic salary. The v3 development is being funded through personal savings. Shaw noted that when tokens went to zero, it created significant team equity problems and made it difficult to retain developers. He addressed community complaints by clarifying the financial constraints under which the team has been operating.\n\n### Token Philosophy and Community Building\n\nShaw rejected traditional token utility approaches, advocating instead for culture-building over forced utility mechanisms. He emphasized that the core value proposition is agents that can build anything users want with monetization capabilities, rather than artificial utility creation. This philosophy represents a departure from conventional tokenomics strategies in favor of organic community and product development.\n\n### Technical Challenges and Past Issues\n\nThe discussion covered various challenges the project has faced, including lawsuit threats, migration issues, and the complications arising from token value collapse. Shaw provided context for why certain decisions were made and how the team has navigated these obstacles while continuing development.\n\n### Security and Local Development\n\nA new developer joined the discussion exploring technical implementation details around local LLM data storage, agent key security, and red team swarm testing methodologies. These topics highlighted ongoing considerations for secure and robust agent deployment.\n\n## FAQ\n\n**Q: What are the main features of ElizaOS v3?**\nA: ElizaOS v3 is a full application runtime supporting all devices and platforms with integration across all social platforms including iMessage, task issuance to Codex and Claude, subscription management, workflow creation capabilities, and runtime application creation, editing, and execution with monetization through Eliza Cloud.\n\n**Q: How is ElizaOS v3 being funded?**\nA: Shaw is funding v3 development through personal savings after the ai16z and elizaos tokens only provided basic salary and the team received no equity when token values collapsed.\n\n**Q: How long has v3 been in development?**\nA: ElizaOS v3 has been in continuous development for 6 months with cozy devs.\n\n**Q: What is the token utility philosophy for the project?**\nA: Shaw rejects traditional forced token utility mechanisms, instead advocating for culture-building and focusing on the core value proposition of agents that can build anything users want with monetization capabilities.\n\n**Q: What example demonstrates v3 capabilities?**\nA: The botdick agent was showcased as an example that successfully created its own video game, demonstrating the platform's capabilities.\n\n**Q: What challenges has the project faced?**\nA: The project has faced lawsuit threats, migration issues, token value collapse leading to team equity problems, and difficulties retaining developers when compensation became limited.\n\n## Help Interactions\n\nHelper: Shaw (shawmakesmagic)\nHelpee: 0xtdl01 (new developer)\nResolution: Shaw provided context and discussion around local LLM data storage, agent key security, and red team swarm testing as the new developer explored technical implementation details.\n\n## Action Items\n\n### Technical\n\n- Implement local LLM data storage solutions (mentioned by 0xtdl01)\n- Address agent key security considerations (mentioned by 0xtdl01)\n- Develop red team swarm testing methodologies (mentioned by 0xtdl01)\n\n### Features\n\n- Complete integration with all social platforms including iMessage for v3 (mentioned by Shaw)\n- Implement task issuance capabilities to Codex and Claude (mentioned by Shaw)\n- Build subscription management system (mentioned by Shaw)\n- Develop workflow creation capabilities (mentioned by Shaw)\n- Enable runtime application creation, editing, and execution (mentioned by Shaw)\n- Implement monetization capabilities through Eliza Cloud (mentioned by Shaw)\n---\n2026-05-02.json\n---\nelizaosDailySummary\n---\nDaily Report - 2026-05-02\n---\nElizaOS Community Discussion and Partner Updates - May 2, 2026\n---\nThe general discussion channel saw light social activity throughout the day, with community members exchanging greetings across various time zones. A notable highlight was a community member named marianodim sharing progress on a spot trader agent built on ElizaOS, incorporating SOL, SUI, and five other tokens with multiple trading strategies and contextual data. The project is expected to generate one to two trading signals per week during testing in the coming weeks, with the developer expressing strong optimism about ElizaOS's potential returns.\n---\nhttps://discord.com/channels/1253563208833433701/1253563209462448241\n---\nhttps://cdn.elizaos.news/posters/1777772765752-evdvw.png\n---\nIn the partners channel, community members expressed continued commitment to the ElizaOS ecosystem. Rabbidfly affirmed ongoing support, while Odilitime acknowledged efforts to keep things moving forward. Odilitime also mentioned the existence of an Eliza Army Steering group and invited interested partners to reach out to join.\n---\nhttps://discord.com/channels/1253563208833433701/1301363808421543988\n---\nhttps://cdn.elizaos.news/posters/1777772803606-assdbv.png\n---\ndiscordrawdata\n---\nElizaOS Project Summary - May 2, 2026\n---\nThe project on May 2, 2026 focused heavily on infrastructure stabilization, resolving critical build compatibility issues across multiple plugins to ensure alignment with the ESM-only @elizaos/core framework, while also addressing runtime stability for headless environments and initiating fixes for Telegram integration and environment variable configuration.\n---\nhttps://elizaos.github.io/api/summaries/overall/day/2026-05-02.json\n---\nhttps://cdn.elizaos.news/posters/1777772836462-u59b6.png\n---\nSeveral areas require immediate attention. Telegram integration is experiencing multiple bugs including token passing failures, Bun runtime errors on bot.launch(), and dual-polling race conditions across issues #7240, #7241, and #7245. Authentication and architecture bugs are also present, with prototype fragmentation in MiladyClient (#7233, #7244) and outdated auth.json schema expectations causing hasCodexCliSubscriptionAuth failures (#7238, #7243). Additionally, a Discord configuration discrepancy between voice.ts and messages.ts regarding environment variable handling (#49) requires a decision on the standard implementation path.\n---\nhttps://elizaos.github.io/api/summaries/overall/day/2026-05-02.json\n---\nhttps://cdn.elizaos.news/posters/1777772908230-a4c4a.png\n---\nCompleted work includes resolving critical build failures across plugin-ollama, plugin-openai, plugin-openrouter, and plugin-pdf by removing incompatible CJS bundles to align with ESM standards. The plugin-jupiter was successfully migrated to the api.jup.ag endpoint with mandatory API key authentication. A process-level segfault on headless Linux servers was resolved by bypassing the OS keychain when D-Bus is unavailable (#7230). CI/CD improvements were made to handle non-zero exit codes on Windows Server 2025 (#7232). Routine dependency maintenance was also completed, including upgrading viem to v2.48.8, tsdown to version 0.21.0, and Node.js to v24.\n---\nhttps://elizaos.github.io/api/summaries/overall/day/2026-05-02.json\n---\nhttps://cdn.elizaos.news/posters/1777773047560-khvxbf.jpg\n---\nWork currently in progress includes pull requests for cloud and plugin structure updates in the main eliza repository (#7235), standardizing the DISCORD_AUTO_REPLY environment variable in plugin-discord (#50), and applying the Telegram setup token at runtime in plugin-telegram (#29).\n---\nhttps://elizaos.github.io/api/summaries/overall/day/2026-05-02.json\n---\nhttps://cdn.elizaos.news/posters/1777773084080-hg01n.png\n---\nmiscellaneous\n---\n580487826420793364\n---\nodilitime\n---\nGod\n---\nplatform - self assign\n---\npartner portal - self assign\n---\nCommunity Ops\n---\nCreator\n---\nModerator\n---\n[WG] degenspartan\n---\npmairca - self assign\n---\nVerified\n---\nBooster\n---\nHoplite\n---\nMigration Support\n---\nHelper\n---\nGithub - Contributor\n---\nLabs Alumni\n---\nTrader\n---\nContributor\n---\nmerch - self assign\n---\nevents - self-assign\n---\n[WG] Elizacon - granted\n---\nSpartan Dev\n---\nCore Dev\n---\nCoder\n---\n136679971644112897\n---\nrabbidfly\n---\nPartner\n---\nCreator\n---\nVanguard\n---\nVIP\n---\nNFT\n---\nVerified\n---\nDev School Student\n---\nutility\n---\nCoder\n---\nAssociate\n---\n728793672241643530\n---\nmarianodim\n---\nTrader\n---\nVerified\n---\nutility\n---\nCoder\n---\neliza\n---\n1166734862221328454\n---\nlum_.\n---\nHelper\n---\na-hack\n---\nTrader\n---\nVerified\n---\nDev School Student\n---\nutility\n---\nCoder\n---\neliza\n---\n1014176522132799618\n---\nelonmask8170\n---\nTrader\n---\nCreator\n---\nDesigner\n---\nutility\n---\nCoder\n---\neliza\n---\n1222653375565267025\n---\nl3superlayer\n---\nTrader\n---\nCreator\n---\nVerified\n---\nFr\n---\nutility\n---\nCoder\n---\neliza\n---\n1412550829155815555\n---\nlegendary_sol\n---\nHelper\n---\nTrader\n---\nCreator\n---\n[WG] degenspartan\n---\nIt\n---\nVerified\n---\nFr\n---\nutility\n---\nCoder\n---\neliza\n---\n561610283122950194\n---\ntomy.0315\n---\nHelper\n---\nVerified\n---\nutility\n---\nCoder\n---\neliza\n---\n1486743497519399044\n---\nhide.o.n\n---\nTrader\n---\n[WG] degenspartan\n---\nIt\n---\nFr\n---\nutility\n---\nCoder\n---\neliza\n---\n967553544754430072\n---\nmdmnvest\n---\nauto.fun enjoyer\n---\nTrader\n---\nKing\n---\n[WG] degenspartan\n---\nVIP\n---\nVerified\n---\nBooster\n---\nDesigner\n---\nCoder\n---\n1324751856748200000\n---\nhathaibinh_98260\n---\nNFT\n---\nVerified\n---\nDesigner\n---\nutility\n---\nCoder\n---\neliza\n---\n294785651616907265\n---\nvalleybeyond7991\n---\nTrader\n---\n[WG] Want to Help\n---\nVerified\n---\nutility\n---\n498273781589213185\n---\nshawmakesmagic\n---\nModerator\n---\nLabs Alumni\n---\nVerified\n---\nutility\n---\nCoder\n---\neliza\n---\n1185315528420630686\n---\ntolgahanbudak_27886\n---\nHelper\n---\nTrader\n---\nCreator\n---\n[WG] degenspartan\n---\nIt\n---\nVerified\n---\nDesigner\n---\nutility\n---\nCoder\n---\neliza\n---\n2026-05-02.md\n---\n## ElizaOS Community Discussion and Partner Updates - May 2, 2026\n\n### Community Activity\n\n- Community members exchanged greetings across various time zones in the general discussion channel\n- marianodim shared progress on a spot trader agent built on ElizaOS, incorporating SOL, SUI, and five other tokens with multiple trading strategies and contextual data\n- The spot trader project is expected to generate one to two trading signals per week during testing in the coming weeks\n\n### Partner Updates\n\n- Rabbidfly affirmed ongoing support for the ElizaOS ecosystem\n- Odilitime acknowledged efforts to keep things moving forward\n- Odilitime confirmed the existence of an Eliza Army Steering group and opened invitations for interested partners to join\n\n---\n\n## ElizaOS Project Summary - May 2, 2026\n\n### Completed Work\n\n- Resolved critical build failures across plugin-ollama, plugin-openai, plugin-openrouter, and plugin-pdf by removing incompatible CJS bundles to align with ESM standards\n- Successfully migrated plugin-jupiter to the api.jup.ag endpoint with mandatory API key authentication\n- Resolved a process-level segfault on headless Linux servers by bypassing the OS keychain when D-Bus is unavailable (#7230)\n- Improved CI/CD to handle non-zero exit codes on Windows Server 2025 (#7232)\n- Completed routine dependency maintenance including upgrades to viem v2.48.8, tsdown v0.21.0, and Node.js v24\n\n### Work in Progress\n\n- Pull requests open for cloud and plugin structure updates in the main eliza repository (#7235)\n- Standardizing the DISCORD_AUTO_REPLY environment variable in plugin-discord (#50)\n- Applying the Telegram setup token at runtime in plugin-telegram (#29)\n- Fixes initiated for Telegram integration bugs including token passing failures, Bun runtime errors, and dual-polling race conditions (#7240, #7241, #7245)\n- Fixes in progress for prototype fragmentation in MiladyClient (#7233, #7244) and auth.json schema issues (#7238, #7243)\n---\n2026-05-02.json\n---\nelizaOS\n---\nelizaOS Discord - 2026-05-02\n---\n1253563209462448241\n---\n\ud83d\udcac-discussion\n---\nThis Discord chat segment shows minimal technical discussion, consisting primarily of greetings and casual messages. The only substantive contribution came from marianodim, who announced they are building a spot trading agent based on ElizaOS. The agent will trade SOL, SUI, and five other tokens using multiple strategies and contextual information. They plan to test the agent over the coming weeks, expecting to generate 1-2 trading signals per week. The developer expressed optimism about ElizaOS's potential for significant returns (100X). No technical implementation details, code discussions, or problem-solving occurred in this segment. No questions were asked or answered, and no community members provided help to others. The chat was predominantly social in nature with users exchanging greetings throughout the day.\n---\nTechnical\n---\nBuild and test spot trading agent based on ElizaOS for SOL, SUI, and 5 other tokens with multiple strategies\n---\nmarianodim\n---\n1301363808421543988\n---\n\ud83e\udd47-partners\n---\nThis Discord chat segment from the \ud83e\udd47-partners channel contains minimal technical content. The conversation consists of two brief exchanges: rabbidfly expressing continued support for the project, and odilitime acknowledging this support while mentioning efforts to maintain forward momentum. Odilitime announced the existence of an 'eliza army steering' group and invited interested parties to request access. No technical discussions, problem-solving, implementations, or decisions were documented in this segment. The chat appears to be primarily focused on community engagement and organizational coordination rather than technical development.\n---\n580487826420793364\n---\nodilitime\n---\nGod\n---\nplatform - self assign\n---\npartner portal - self assign\n---\nCommunity Ops\n---\nCreator\n---\nModerator\n---\n[WG] degenspartan\n---\npmairca - self assign\n---\nVerified\n---\nBooster\n---\nHoplite\n---\nMigration Support\n---\nHelper\n---\nGithub - Contributor\n---\nLabs Alumni\n---\nTrader\n---\nContributor\n---\nmerch - self assign\n---\nevents - self-assign\n---\n[WG] Elizacon - granted\n---\nSpartan Dev\n---\nCore Dev\n---\nCoder\n---\n136679971644112897\n---\nrabbidfly\n---\nPartner\n---\nCreator\n---\nVanguard\n---\nVIP\n---\nNFT\n---\nVerified\n---\nDev School Student\n---\nutility\n---\nCoder\n---\nAssociate\n---\n728793672241643530\n---\nmarianodim\n---\nTrader\n---\nVerified\n---\nutility\n---\nCoder\n---\neliza\n---\n1166734862221328454\n---\nlum_.\n---\nHelper\n---\na-hack\n---\nTrader\n---\nVerified\n---\nDev School Student\n---\nutility\n---\nCoder\n---\neliza\n---\n1014176522132799618\n---\nelonmask8170\n---\nTrader\n---\nCreator\n---\nDesigner\n---\nutility\n---\nCoder\n---\neliza\n---\n1222653375565267025\n---\nl3superlayer\n---\nTrader\n---\nCreator\n---\nVerified\n---\nFr\n---\nutility\n---\nCoder\n---\neliza\n---\n1412550829155815555\n---\nlegendary_sol\n---\nHelper\n---\nTrader\n---\nCreator\n---\n[WG] degenspartan\n---\nIt\n---\nVerified\n---\nFr\n---\nutility\n---\nCoder\n---\neliza\n---\n561610283122950194\n---\ntomy.0315\n---\nHelper\n---\nVerified\n---\nutility\n---\nCoder\n---\neliza\n---\n1486743497519399044\n---\nhide.o.n\n---\nTrader\n---\n[WG] degenspartan\n---\nIt\n---\nFr\n---\nutility\n---\nCoder\n---\neliza\n---\n967553544754430072\n---\nmdmnvest\n---\nauto.fun enjoyer\n---\nTrader\n---\nKing\n---\n[WG] degenspartan\n---\nVIP\n---\nVerified\n---\nBooster\n---\nDesigner\n---\nCoder\n---\n1324751856748200000\n---\nhathaibinh_98260\n---\nNFT\n---\nVerified\n---\nDesigner\n---\nutility\n---\nCoder\n---\neliza\n---\n294785651616907265\n---\nvalleybeyond7991\n---\nTrader\n---\n[WG] Want to Help\n---\nVerified\n---\nutility\n---\n498273781589213185\n---\nshawmakesmagic\n---\nModerator\n---\nLabs Alumni\n---\nVerified\n---\nutility\n---\nCoder\n---\neliza\n---\n1185315528420630686\n---\ntolgahanbudak_27886\n---\nHelper\n---\nTrader\n---\nCreator\n---\n[WG] degenspartan\n---\nIt\n---\nVerified\n---\nDesigner\n---\nutility\n---\nCoder\n---\neliza\n---\n2026-05-02.md\n---\n# elizaOS Discord - 2026-05-02\n\n## Summary\n\n### Trading Agent Development\n\nmarianodim announced they are building a spot trading agent based on ElizaOS that will trade SOL, SUI, and five other tokens. The agent will utilize multiple strategies and contextual information to generate trading signals. Testing is planned over the coming weeks with an expected output of 1-2 trading signals per week. The developer expressed optimism about ElizaOS's potential for significant returns (100X).\n\n### Community Organization\n\nodilitime announced the existence of an 'eliza army steering' group and invited interested community members to request access. This appears to be part of efforts to maintain forward momentum for the project. rabbidfly expressed continued support for the project.\n\n## FAQ\n\n**Q: What is marianodim building with ElizaOS?**\nA: A spot trading agent that will trade SOL, SUI, and five other tokens using multiple strategies and contextual information, expected to generate 1-2 trading signals per week.\n\n**Q: How can someone join the eliza army steering group?**\nA: Interested parties should request access, as mentioned by odilitime in the partners channel.\n\n## Help Interactions\n\nNo help interactions were documented in these channel summaries.\n\n## Action Items\n\n### Technical\n\n- Test the spot trading agent over the coming weeks (mentioned by marianodim)\n- Generate 1-2 trading signals per week with the trading agent (mentioned by marianodim)\n\n### Features\n\n- Build spot trading agent with multiple strategies and contextual information for SOL, SUI, and five other tokens (mentioned by marianodim)\n\n### Documentation\n\nNone\n---\n2026-05-03.md\n---\nFile not found\n---\n2026-04-26.md\n---\n# Overall Project Weekly Summary (Apr 26 - 2, 2026)\n\n## Executive Summary\nThis week, the ElizaOS project underwent a major infrastructure modernization to ensure long-term stability and cross-platform portability. By upgrading our core technology stack and refining our architectural modularity, we have laid a more reliable foundation for future agent development and seamless integration across Web2 and Web3 ecosystems.\n\n### Key Strategic Initiatives & Outcomes\n\n**Modernizing Our Foundation**\n*Goal: We updated our core technology stack to ensure the framework remains compatible with modern industry standards and performs reliably as we scale.*\n- We initiated major upgrades to TypeScript, Node.js, and Bun across the entire project ([elizaos/elizaos.github.io#247](https://github.com/elizaos/elizaos.github.io/pull/247), [elizaos/eliza#7151](https://github.com/elizaos/eliza/pull/7151)).\n- The Cloud platform successfully migrated to a high-performance architecture using Vite and Hono Workers, while replacing legacy Vercel dependencies with more flexible alternatives like OpenRouter ([elizaos/cloud#484](https://github.com/elizaos/cloud/pull/484), [elizaos/cloud#482](https://github.com/elizaos/cloud/pull/482)).\n\n**Enhancing Agent Reliability and Safety**\n*Goal: We focused on making our AI agents more predictable and secure, ensuring they handle credentials and runtime data with greater precision.*\n- New safety layers were added to the n8n plugin to prevent \"hallucinations\" and ensure secure, automated credential management ([elizaos-plugins/plugin-n8n-workflow#23](https://github.com/elizaos-plugins/plugin-n8n-workflow/pull/23), [elizaos-plugins/plugin-n8n-workflow#21](https://github.com/elizaos-plugins/plugin-n8n-workflow/pull/21)).\n- We introduced clearer error messaging for agents, helping developers quickly identify and fix configuration issues ([elizaos/eliza#7203](https://github.com/elizaos/eliza/issues/7203)).\n\n**Expanding Cross-Platform Capabilities**\n*Goal: We are broadening where our agents can live, moving beyond desktop environments to support mobile and multi-chain interactions.*\n- Agents can now run natively on Android devices via a new foreground service, significantly increasing the accessibility of our framework ([elizaos/eliza#7172](https://github.com/elizaos/eliza/pull/7172)).\n- We integrated support for seven different blockchain networks, enabling agents to perform payments and interact across multiple chains ([elizaos-plugins/registry#352](https://github.com/elizaos-plugins/registry/pull/352)).\n\n### Cross-Repository Coordination\n- **Unified Dependency Management**: The project utilized a centralized \"Dependency Dashboard\" ([#79](https://github.com/elizaos/elizaos.github.io/issues/79)) to synchronize major version upgrades across all repositories. This effort ensures that foundational changes, such as the move to TypeScript 6, are validated consistently across the entire framework.\n- **Architectural Decoupling**: Multiple repositories, including [elizaos/eliza](https://github.com/elizaos/eliza/pull/7204), [elizaos-plugins/plugin-anthropic](https://github.com/elizaos-plugins/plugin-anthropic/issues/7204), and [elizaos-plugins/plugin-telegram](https://github.com/elizaos-plugins/plugin-telegram/issues/7204), coordinated to decouple the agent server from specific applications. This creates a more modular \"plugin-lifecycle\" system, allowing developers to build and maintain plugins independently without tight coupling to the core.\n\n## Repository Spotlights\n\n### elizaos/eliza\n- Enabled native agent execution on Android devices ([elizaos/eliza#7172](https://github.com/elizaos/eliza/pull/7172)).\n- Decoupled the agent server from specific apps to improve modularity ([elizaos/eliza#7204](https://github.com/elizaos/eliza/pull/7204)).\n- Standardized event routing for platforms like Discord and Telegram to improve reliability ([elizaos/eliza#7116](https://github.com/elizaos/eliza/pull/7116)).\n\n### elizaos/cloud\n- Migrated the platform to a faster, more flexible architecture using Vite and Hono ([elizaos/cloud#484](https://github.com/elizaos/cloud/pull/484)).\n- Implemented new monetization tools to support organizational credit management and pay-as-you-go hosting ([elizaos/cloud#477](https://github.com/elizaos/cloud/pull/477)).\n- Switched to R2 storage for image generation to improve data management ([elizaos/cloud#489](https://github.com/elizaos/cloud/pull/489)).\n\n### elizaos-plugins/plugin-n8n-workflow\n- Added a \"safety net\" for credential management to ensure workflows remain secure and functional ([elizaos-plugins/plugin-n8n-workflow#21](https://github.com/elizaos-plugins/plugin-n8n-workflow/pull/21)).\n- Improved how agents handle runtime data and service selection to make them more deterministic ([elizaos-plugins/plugin-n8n-workflow#20](https://github.com/elizaos-plugins/plugin-n8n-workflow/pull/20)).\n\n### elizaos-plugins/registry\n- Added support for multi-chain payments, allowing agents to interact with seven different blockchain networks ([elizaos-plugins/registry#352](https://github.com/elizaos-plugins/registry/pull/352)).\n\n### elizaos-plugins/plugin-telegram\n- Optimized Telegram read-receipt logic to reduce processing overhead and improve performance ([elizaos-plugins/plugin-telegram#7009](https://github.com/elizaos-plugins/plugin-telegram/issues/7009)).\n- Cleaned up legacy code and import shims to streamline the plugin's architecture ([elizaos-plugins/plugin-telegram#7202](https://github.com/elizaos-plugins/plugin-telegram/issues/7202)).\n---\n2026-04-01.md\n---\nNo activity recorded for 2026-04-01.\n---\n{\n \"interval\": {\n \"intervalStart\": \"2026-05-01T00:00:00.000Z\",\n \"intervalEnd\": \"2026-06-01T00:00:00.000Z\",\n \"intervalType\": \"month\"\n },\n \"repository\": \"elizaos/eliza\",\n \"overview\": \"From 2026-05-01 to 2026-06-01, elizaos/eliza had 15 new PRs (22 merged), 9 new issues, and 7 active contributors.\",\n \"topIssues\": [\n {\n \"id\": \"I_kwDOMT5cIs8AAAABA4Rdow\",\n \"title\": \"build: dev-ui.mjs references `./claude-code-stealth.mjs` preload that doesn't exist on fresh clone\",\n \"author\": \"Sw4pIO\",\n \"number\": 7210,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"## Summary\\n\\n`packages/app-core/scripts/dev-ui.mjs` declares `./claude-code-stealth.mjs` as a Bun `--preload` entry when the user has an Anthropic subscription, but **no build step generates that file** and **it isn't checked in**. The script's existence check (`existsSync(path.join(cwd, filePath))`) silently filters the missing file out of the preload list, so the stealth fetch interceptor never installs.\\n\\nThe interceptor is what prepends the Claude Code system prefix and identity headers (`anthropic-beta`, `user-agent: claude-cli/...`, `x-app: cli`) that Anthropic's API requires for OAuth subscription tokens. Without it, every `api.anthropic.com` request from a subscription user gets `401 Invalid authentication credentials` even though the token is valid and registered correctly.\\n\\nThe TypeScript source is at `packages/agent/src/auth/claude-code-stealth.ts` and exports `installClaudeCodeStealthFetchInterceptor()`, but the dev preload expects a different file at the **repo root**, named `.mjs`, that auto-runs on import.\\n\\n## Reproduction\\n\\nOn a fresh clone of any consumer repo (e.g. milady on `develop`):\\n\\n1. Sign in to an Anthropic subscription via `POST /api/subscription/anthropic/start` + `/exchange` so `~/.eliza/auth/anthropic-subscription.json` is written.\\n2. Manually enable `@elizaos/plugin-anthropic` in `~/./.json` (auto-enable refuses for subscription-only).\\n3. Set `ANTHROPIC_AUTH_MODE=oauth` and `CLAUDE_CODE_OAUTH_TOKEN=` in the runtime env.\\n4. `bun run dev`\\n5. Boot log shows:\\n ```\\n [milady] Stealth imports enabled: \\n ```\\n (notice \u2014 empty list because the file doesn't exist; it was silently filtered)\\n6. Send any chat message \u2192 backend retries 3\u00d7 with `AI_APICallError: Invalid authentication credentials` and surfaces the parse error to the user.\\n\\n## Diagnostic trail\\n\\n- `packages/app-core/scripts/dev-ui.mjs:785` declares the preload:\\n ```js\\n if (stealth.claude) nodeStealthImports.push(\\\"./claude-code-stealth.mjs\\\");\\n ```\\n- Then filters by existence:\\n ```js\\n const resolvedStealthImports = nodeStealthImports.filter((filePath) =>\\n existsSync(path.join(cwd, filePath)),\\n );\\n ```\\n- `find . -name claude-code-stealth.mjs -not -path '*/node_modules/*'` returns nothing on a fresh clone.\\n- The TS source exists at `packages/agent/src/auth/claude-code-stealth.ts` and exports `installClaudeCodeStealthFetchInterceptor()`. Nothing builds it into the expected location.\\n\\n## Suggested fix\\n\\nEither of:\\n\\n1. **Check in / generate the `.mjs`** at the repo root (or wherever `cwd` resolves to in `dev-ui.mjs`), with a self-installing call at the bottom. I verified locally that creating this file unblocks the Anthropic subscription auth path end-to-end (successful chat turns, zero 401s, model calls confirmed via `[stealth] \u2192anthropic` debug logs with `ELIZA_STEALTH_DEBUG=1`).\\n\\n2. **Fail loud instead of silent**: in `dev-ui.mjs`, when `stealth.claude === true` but the resolved preload file is missing, log a clear warning so users know what's wrong instead of chasing parse errors.\\n\\nBoth would help; (1) makes the feature work out of the box, (2) prevents the same multi-hour debug hunt for the next person.\\n\\n## Why this matters\\n\\nWithout the stealth interceptor, subscription auth is **completely non-functional** on the runtime side, which:\\n- Makes the `/api/subscription/anthropic/*` flow look broken (it works correctly, but the runtime that consumes its credentials can't actually use them).\\n- Forces users to either get a paid API key or sign up for Eliza Cloud \u2014 even though the codebase clearly intends to support direct subscription OAuth via the stealth path.\\n\\n## Environment\\n- bun 1.3.13\\n- eliza submodule HEAD: `4e650ca0ad`\\n- Discovered while booting milady on `develop`\",\n \"createdAt\": \"2026-04-29T22:09:53Z\",\n \"closedAt\": \"2026-05-01T20:04:54Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 1\n },\n {\n \"id\": \"I_kwDOMT5cIs8AAAABBDbGSw\",\n \"title\": \"plugin-sql runtime-migrator missing drizzle pgTable defs for entity_identities, entity_merge_candidates, fact_candidates\",\n \"author\": \"Sw4pIO\",\n \"number\": 7222,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"## Summary\\n\\nThe abstract schema declarations at `packages/typescript/src/schemas/entity-identity.ts` declare three tables (`entity_identities`, `entity_merge_candidates`, `fact_candidates`) which are:\\n\\n- Exported through the schemas barrel (`packages/typescript/src/schemas/index.ts`)\\n- Actively queried by `packages/typescript/src/services/relationships.ts` and the `RELATIONSHIP_EXTRACTION` evaluator\\n- Referenced by the `RECENT_MESSAGES` provider and `longTermMemoryProvider`\\n\\nBut the corresponding **drizzle `pgTable` definitions in `plugins/plugin-sql/typescript/schema/` were never added**. The runtime-migrator (`plugins/plugin-sql/typescript/runtime-migrator/`) only emits `CREATE TABLE` from drizzle pgTables \u2014 it does not consume the abstract `SchemaTable` definitions \u2014 so on every fresh PGLite boot, these three tables silently never get created.\\n\\n## Symptoms\\n\\nOn every chat turn the runtime emits 5+ errors per message:\\n\\n```\\nError #agent:Chen [AGENT] Provider failed during state composition (provider=RECENT_MESSAGES,\\n error=Failed query: SELECT entity_id, platform, handle\\n FROM entity_identities\\n WHERE agent_id = '' AND entity_id IN ('')\\n params: )\\n\\nError [PROVIDER:MEMORY] Error in longTermMemoryProvider (err=Failed query: SELECT entity_id, platform, handle FROM entity_identities ...)\\n\\nError [EVALUATOR:MEMORY] Error during long-term memory extraction (err=Failed query: ...)\\n```\\n\\nThe agent still appears to respond, but the prompt is composed from a half-empty state (no recent messages, no entity facts, no long-term memory), so:\\n\\n- The model receives essentially an empty user message\\n- It replies \\\"I don't see a specific user message \u2014 could you provide...\\\"\\n- The structured-output parser fails to find required XML tags\\n- 3\u00d7 retries, all empty\\n- Surfaces to the user as: `I hit an internal parsing error while preparing the reply. Reason: No structured output could be parsed from the model response.`\\n\\nThis makes chat **completely unusable** on a fresh PGLite database.\\n\\n## Reproduction\\n\\n1. Fresh clone of any consumer (e.g. milady on `develop` or `alice` post-PR#105)\\n2. `bun install && bun run dev`\\n3. Complete onboarding, send any chat message\\n4. Boot log: `[PLUGIN:SQL] Executing SQL statements (pluginName=@elizaos/plugin-sql, statementCount=83)`\\n5. Subsequent chat turns: continuous `Failed query: SELECT entity_id, platform, handle FROM entity_identities ...` errors\\n\\n## Diagnostic trail\\n\\n- Schema declared: `packages/typescript/src/schemas/entity-identity.ts:13` (`entityIdentitySchema`), `:134` (`entityMergeCandidateSchema`), `:243` (`factCandidateSchema`)\\n- Schema exported: `packages/typescript/src/schemas/index.ts:28-31, :61-65`\\n- Service consuming: `packages/typescript/src/services/relationships.ts:347` (and many more), with `entity_identities` referenced 30+ times in that file alone\\n- Drizzle schema directory listing (`plugins/plugin-sql/typescript/schema/`): contains 25 schema files for agent, cache, channel, channelParticipant, component, embedding, entity, log, longTermMemories, memory, memoryAccessLogs, message, messageServer, messageServerAgent, pairingAllowlist, pairingRequest, participant, relationship, room, server, sessionSummaries, tasks, world. **Three tables missing: `entityIdentity`, `entityMergeCandidate`, `factCandidate`.**\\n\\n## Fix\\n\\nAdd `plugins/plugin-sql/typescript/schema/entityIdentity.ts` mirroring all three abstract schemas as drizzle `pgTable` definitions, including:\\n\\n- All columns with their types/defaults/notNull constraints (matches `entity-identity.ts` column-for-column)\\n- All indexes (`idx_entity_identities_entity`, `idx_entity_identities_platform_handle`, `idx_entity_merge_candidates_status`, `idx_entity_merge_candidates_pair`, `idx_fact_candidates_status`, `idx_fact_candidates_entity`)\\n- All foreign keys to `entities` and `agents` with `onDelete: \\\"cascade\\\"` (6 FKs total)\\n- Unique constraint `unique_entity_identity` on `(entity_id, platform, handle, agent_id)` for `entity_identities`\\n\\nThen export from `schema/index.ts`.\\n\\nI verified the fix locally: statement count goes from **83 \u2192 99** on next migration (3 tables + 6 indexes + 6 FKs + 1 unique = 16 new statements). Zero `entity_identities` query failures during chat after the fix. State composition succeeds, `RELATIONSHIP_EXTRACTION` evaluator completes without errors.\\n\\nI have a working diff \u2014 happy to PR.\\n\\n## Why this slipped through\\n\\nThe abstract `SchemaTable` shape and drizzle `pgTable` definitions are two parallel schema sources of truth that drifted apart. The migration generator only reads drizzle, so adding a new abstract schema produces no warning at build time, no runtime check at boot, and no error until application code actually queries the missing table \u2014 which can be far later in the user journey (after onboarding, on first chat).\\n\\nWorth considering: a sanity check at plugin-sql init that verifies every name in the abstract schemas barrel has a corresponding drizzle pgTable in the runtime-migrator's schema set, and warns/errors loudly otherwise. Would have caught this immediately.\\n\\n## Environment\\n\\n- `bun 1.3.13`\\n- `node \u2265 22`\\n- PGLite (via `@elizaos/plugin-sql` runtime-migrator)\\n- Discovered booting milady on alice (eliza submodule pinned at `05c636c004bf8c59e1b698ae755bdddfc7431ed5`)\",\n \"createdAt\": \"2026-05-01T17:09:58Z\",\n \"closedAt\": \"2026-05-01T20:04:44Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 1\n },\n {\n \"id\": \"I_kwDOMT5cIs8AAAABA8f7-w\",\n \"title\": \"Add SwarmScore \u2014 Portable Trust Rating for AI Agents\",\n \"author\": \"bkauto3\",\n \"number\": 7213,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"## SwarmScore \u2014 Portable Reputation for AI Agents\\n\\nHi! I'm reaching out because this repo looks like an autonomous agent or agent framework that could benefit from SwarmScore.\\n\\n**What is SwarmScore?**\\nSwarmScore is a portable trust rating built from verified execution history \u2014 volume, success rate, and consistency. It's cryptographically signed so it can travel with your agent across marketplaces and registries without restarting from zero.\\n\\nThe score is *not* self-reported. It's built downstream of real verified outcomes: `80 jobs at 95% beats 1 job at 100%`.\\n\\n---\\n\\n**For AI agents \u2014 ingest SwarmScore in one call:**\\n\\n```\\nGET https://api.swarmsync.ai/v1/swarmscore/load-by-slug/{your-slug}\\n```\\n\\nReturns: public passport, signed certificate, verify payload, and discovery URLs.\\n\\nTo confirm freshness of any score:\\n```\\nGET https://api.swarmsync.ai/v1/swarmscore/verify\\n```\\n\\n**Discovery manifest** (machine-readable, for agent-to-agent lookup):\\n```\\nhttps://api.swarmsync.ai/.well-known/agent-card.json\\n```\\n\\n---\\n\\n**For platform builders \u2014 add trust to your agent listings:**\\n\\n```\\nPOST https://api.swarmsync.ai/v1/swarmscore/keys/enable\\n```\\n(Requires authenticated SwarmSync platform account \u2014 provisions the integration key pack.)\\n\\n**4-step quickstart:**\\n1. Display the returned SwarmScore tier and value in your agent listing UI\\n2. Persist the signed certificate for offline or delayed re-verification\\n3. Replay the verify payload against `/v1/swarmscore/verify` to confirm freshness\\n4. Use the machine-readable agent card to advertise SwarmScore support to other agents and registries\\n\\n---\\n\\n**Add the badge to your README:**\\n\\n```markdown\\n[![SwarmScore](https://img.shields.io/badge/SwarmScore-Get%20Verified-blue)](https://swarmsync.ai/enable-swarmscore)\\n```\\n\\n---\\n\\n**SDKs:**\\n- `npm install @swarmsync/mcp-server` \u2014 MCP server\\n- `npm install @swarmsync/langchain-tools` \u2014 LangChain\\n- `npm install @swarmsync/crewai-tools` \u2014 CrewAI\\n- Composio (91 tools): https://docs.composio.dev/tools/swarmsyncai\\n- MCP Registry: https://mcpservers.org/servers/api-swarmsync-ai-mcp\\n\\n**Spec & docs:** https://swarmsync.ai/docs/protocol-specs/swarmscore\\n**GitHub spec:** https://github.com/swarmsync-ai/swarmscore-spec\\n\\n---\\n*SwarmSync.AI \u2014 infrastructure for AI agent commerce. AP2 escrow + SwarmScore trust + SkillProof verification.*\\n*https://swarmsync.ai*\\n\",\n \"createdAt\": \"2026-04-30T13:17:49Z\",\n \"closedAt\": \"2026-05-01T03:53:45Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 0\n },\n {\n \"id\": \"I_kwDOMT5cIs8AAAABA40oEA\",\n \"title\": \"Hive Civilization \u2014 character-callable x402 services for Eliza (notification)\",\n \"author\": \"srotzin\",\n \"number\": 7211,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"Notification post \u2014 Hive Civilization runs 52 x402-wired services on Base mainnet (treasury 0x15184bf50b3d3f52b60434f8942b7d52f2eb436e, USDC settlement, x402 spec from coinbase/x402).\\n\\nWhy it's relevant to elizaOS:\\n\\n- Eliza characters can call Hive evaluator, classifier, summarizer, kycOracle, riskScorer, and 47 other services as paid actions with on-chain USDC settlement.\\n- Each character can have its own Base wallet and operate autonomously with per-call payment.\\n- Discovery is free.\\n\\nTwo open PRs adopting the same pattern on neighboring SDKs:\\n- coinbase/agentkit#1157 \u2014 HiveActionProvider\\n- goat-sdk/goat#575 \u2014 @goat-sdk/plugin-hive\\n\\nHappy to PR an `eliza-plugin-hive` package following Eliza plugin conventions, or any shape the team prefers. Partner posture.\\n\\n41 public MCP shims at github.com/srotzin (all v1.0.0). 51 entries on Anthropic MCP Registry. MEV leaderboard: https://hive-a2amev.onrender.com/leaderboard. Spectral receipt: rcpt_76fceca973da4ec0.\\n\\nSteve Rotzin, Hive\\ngithub.com/srotzin\",\n \"createdAt\": \"2026-04-30T00:39:14Z\",\n \"closedAt\": \"2026-05-01T03:53:53Z\",\n \"state\": \"CLOSED\",\n \"commentCount\": 0\n },\n {\n \"id\": \"I_kwDOMT5cIs8AAAABBHeRuA\",\n \"title\": \"telegram: milady wrapper + @elizaos/plugin-telegram both poll the same bot \u2014 race causes silent message loss\",\n \"author\": \"Sw4pIO\",\n \"number\": 7245,\n \"repository\": \"elizaos/eliza\",\n \"body\": \"## Summary\\n\\nTwo independent Telegraf consumers run against the same bot token concurrently:\\n\\n1. **`@elizaos/plugin-telegram`** \u2014 auto-enabled when `connectors.telegram.enabled === true`. Spawns its own Telegraf instance and starts long-polling.\\n2. **milady's standalone wrapper** at `packages/app-core/src/runtime/eliza.ts:534` (function `ensureTelegramBotPolling`) \u2014 spawns a *second* Telegraf instance with the same token, calls `bot.startPolling()`.\\n\\nTelegram's `getUpdates` long-poll API delivers each update to **exactly one consumer**. Whichever long-poll wins the race for a given message gets it; the other sees nothing. Updates routed to the upstream plugin go through elizaOS message handling \u2014 which on milady is not wired to a Telegram-channel-aware agent \u2014 and silently drop. Updates routed to milady's wrapper go through `useModel` directly and reply correctly.\\n\\nEnd result: **every other Telegram message (roughly) gets dropped silently**. From the user's perspective, the bot replies sometimes, ignores others.\\n\\n## Why both exist\\n\\nThe wrapper was added with this comment (`packages/app-core/src/runtime/eliza.ts:531-533`):\\n\\n> *\\\"Ensure Telegram bot is polling. The upstream plugin's `bot.launch()` is not awaited and silently fails on bun/Windows. We create a standalone Telegraf instance with proper lifecycle management.\\\"*\\n\\nSo milady spawns its own Telegraf to work around #7241 (Bun + Telegraf 4.16.3 `launch()` readonly-property bug). But it never disables the upstream plugin to avoid the duplicate poller.\\n\\n## Symptoms\\n\\n- Inconsistent: bot replies to ~50% of messages, ignores the rest.\\n- Logs show `[milady] Telegram bot polling started` AND `[PLUGIN:TELEGRAM] Starting Telegram bot` on boot.\\n- `curl https://api.telegram.org/bot/getUpdates` returns empty (something *did* consume them) but no `[milady] Telegram message from @user: ...` log entry for the dropped messages.\\n\\n## Reproduction\\n\\n1. Fresh milady, telegram connector enabled with a valid bot token.\\n2. `bun run dev` \u2014 both pollers start.\\n3. From a Telegram client, DM the bot 5 messages back to back.\\n4. ~2-3 will get a reply, ~2-3 will be silently dropped depending on which poller wins each `getUpdates` race.\\n\\n## Workaround (verified locally)\\n\\nDisable the upstream plugin so milady's wrapper is the only consumer:\\n\\n```json\\n// ~/.milady/milady.json\\n{\\n \\\"plugins\\\": {\\n \\\"entries\\\": {\\n \\\"@elizaos/plugin-telegram\\\": { \\\"enabled\\\": false },\\n \\\"telegram\\\": { \\\"enabled\\\": false }\\n }\\n },\\n \\\"connectors\\\": {\\n \\\"telegram\\\": { \\\"enabled\\\": false /* still want the bot active */ }\\n }\\n}\\n```\\n\\nAfter restart: only one Telegraf polls, every inbound message routes through milady's wrapper, every message gets a reply. Verified with 4 back-to-back messages \u2014 4 logged inbound, 4 logged replies.\\n\\n## Suggested fix\\n\\nTwo paths:\\n\\n1. **Mutually exclusive at config time.** When milady spawns its own wrapper (`ensureTelegramBotPolling`), it should also force-disable the upstream `@elizaos/plugin-telegram` and the `connectors.telegram` auto-enable. One owner per bot token, no exceptions.\\n\\n2. **Remove the wrapper, fix the upstream plugin.** Address the `launch()` Bun bug at the source (#7241). Then the wrapper becomes unnecessary and `@elizaos/plugin-telegram` is the single source of truth.\\n\\nOption 2 is the cleaner architectural fix. Option 1 is the right tactical fix until the upstream Bun issue is resolved. Either way, the current \\\"both run, hope for the best\\\" state is not OK because **silent message loss looks like working software** to the user.\\n\\n## Why this matters\\n\\nCombined with #7240 (token bridge bug) and #7241 (Telegraf launch bug), the Telegram setup path is currently unable to deliver \\\"I sent 5 messages and got 5 replies\\\" reliably out of the box. Even with the user's token correctly bridged into the env and the launch bug worked around, the dual-poller race means inconsistent delivery \u2014 a user-facing failure mode that's nearly impossible to diagnose without log access.\\n\\n## Environment\\n\\n- bun 1.3.13\\n- telegraf 4.16.3\\n- @elizaos/plugin-telegram (current alice submodule pin)\\n- milady on `alice` (PR #105 sync)\",\n \"createdAt\": \"2026-05-02T20:12:34Z\",\n \"closedAt\": null,\n \"state\": \"OPEN\",\n \"commentCount\": 0\n }\n ],\n \"topPRs\": [\n {\n \"id\": \"PR_kwDOMT5cIs7XooKA\",\n \"title\": \"chore: add cloud and plugins, remove rust and python\",\n \"author\": \"lalalune\",\n \"number\": 7235,\n \"body\": \"This PR simplifies and consolidates\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2026-05-02T11:46:07Z\",\n \"mergedAt\": null,\n \"additions\": 1352793,\n \"deletions\": 248889\n },\n {\n \"id\": \"PR_kwDOMT5cIs7WsOJC\",\n \"title\": \"feat(vault): @elizaos/vault \u2014 cross-platform secrets vault + Settings UI integration\",\n \"author\": \"Dexploarer\",\n \"number\": 7197,\n \"body\": \"# Relates to\\n\\nThis is the upstream-targeting twin of milady-ai/eliza#6. The vault feature originated in the Milady fork; this PR lands the upstream-relevant slice on `elizaOS/eliza:develop`.\\n\\n# Risks\\n\\n**Low.** The vault is an additive workspace package; the runtime + Settings UI integration is a write-through mirror over the existing `config.env.X` storage path, so disabling it is a one-line change in `plugins-compat-routes.ts` (`mirrorPluginSensitiveToVault` \u2192 no-op). Cross-platform secret-service behaviour is exercised by a new dedicated CI workflow (macOS Keychain / Windows Credential Manager / Linux libsecret) so the headline portability claim is verifiable on every PR. The legacy `config.env.X` write path is unchanged \u2014 even if every vault call failed, plugin saves would still persist.\\n\\n# Background\\n\\n## What does this PR do?\\n\\nAdds **`@elizaos/vault`** \u2014 a cross-platform secrets/config vault \u2014 and wires it into the agent runtime + Settings UI so the existing \\\"save my OpenAI key\\\" flow stops storing plaintext in `config.env` and starts encrypting at rest with a key from the OS keychain.\\n\\n### `@elizaos/vault` (new package, `packages/vault/`)\\n\\n- **Encryption-at-rest** with AES-256-GCM, secret-id-as-AAD (so a leaked ciphertext can't be replayed against a different key).\\n- **Master key in the OS keychain by default** \u2014 macOS Keychain, Windows Credential Manager, Linux Secret Service via `@napi-rs/keyring`.\\n- **Headless fallback**: `passphraseMasterKey()` / `passphraseMasterKeyFromEnv(\\\"MILADY_VAULT_PASSPHRASE\\\")` derives the master key with `scrypt` for Linux servers and CI without a Secret Service agent.\\n- `defaultMasterKey()` chains keychain \u2192 passphrase \u2192 throws `MasterKeyUnavailableError` whose message names every remediation path.\\n- **One API for sensitive and non-sensitive config** \u2014 `vault.set(key, value, { sensitive: true })` vs `vault.set(key, value)`.\\n- **Password-manager references are first-class** \u2014 values can live in 1Password / Proton Pass / Bitwarden, the vault stores only the resolver reference.\\n- **`SecretsManager`** layer routes per-key writes/reads to the user-selected backend (`in-house`, `1password`, `bitwarden`, `protonpass`), with detection + preferences API at `/api/secrets/manager/{backends,preferences}`.\\n- **Audit log** at `audit/vault.jsonl` per write.\\n- **Testing harness** (`@elizaos/vault/testing#createTestVault`) that produces a vault wired to an in-memory master key for downstream tests.\\n\\n### Runtime + Settings UI integration\\n\\n- **Write-through mirror in `/api/plugins/:id` PUT**: when a sensitive plugin field is saved, the value is mirrored into the vault (encrypted at rest) on top of the existing `config.env.X` write. Mirror failures are surfaced to the UI under `vaultMirrorFailures` rather than silently swallowed.\\n- **Vault-first reveal**: `POST /api/plugins/:id/reveal` consults `sharedVault().get(key)` before falling back to `process.env` / `config.env`, so a freshly-saved key is the value the user sees.\\n- **Per-process cached `sharedVault()`** so concurrent saves share `VaultImpl.mutate()`'s mutex; a per-request `createVault()` would race and silently lose entries.\\n- **Broader credential heuristic** \u2014 `pickPrimaryCredentialParam()` walks a priority-ordered regex list (`API_KEY` \u2192 `API_TOKEN` \u2192 `BOT_TOKEN` \u2192 `ACCESS_TOKEN` \u2192 `SECRET_KEY` \u2192 `PRIVATE_KEY` \u2192 `CLIENT_SECRET`) instead of only matching `*_API_KEY$`, with an explicit fallback to the first sensitive parameter. Closes the bug where typing a model field before the API-key field caused `Object.values(config).find()` to pick up the model slug; also fixes connectors whose primary credential is a bot token / private key / client secret.\\n- **Settings UI** \u2014 `SecretsManagerSection` + `ApiKeyConfig` with inline prefix validation and validation warnings, keyboard shortcut `\u2318\u2325\u2303V` (Mac) / `Ctrl+Alt+Shift+V` (Win/Linux), global modal mount, application menu accelerator.\\n- **Cloud disconnect orphan-route patch**: `/api/cloud/disconnect` now nulls every routed service (`llmText`, `tts`, `media`, `embeddings`, `rpc`) instead of just `llmText`, so disconnect doesn't leave silently-401'ing voice/image/embedding features routed at the dead `cloud-proxy \u2192 elizacloud`. Plus `linkedAccounts.elizacloud.status=\\\"unlinked\\\"` to prevent the in-memory state from overwriting the canonical unlinked state on next `saveElizaConfig`.\\n\\n### Runtime-ops \u00d7 vault\\n\\n- `ProviderSwitchIntent.apiKeyRef` replaces plaintext `apiKey` end-to-end. The provider-switch route writes the vault entry, persists only the reference, and resolves through the vault when the runtime reload-hot needs the key.\\n- Legacy ops with plaintext `apiKey` are auto-migrated to `apiKeyRef` on hydrate.\\n- Repository pruning suite (retention, cap, idempotency, hydrate; 6 tests).\\n- A `simplify` pass that dedupes utility code, removes ghost phases, and consolidates state.\\n\\n## What kind of change is this?\\n\\n**Features** \u2014 non-breaking. `@elizaos/vault` is new. The runtime/Settings wiring is additive on top of the existing config-write path, controlled by feature presence rather than a flag. The provider-switch `apiKeyRef` replaces `apiKey` but a hydrate-time migration upgrades legacy ops in place.\\n\\n# Documentation changes needed?\\n\\nMy changes do not require a change to the project documentation. New package documentation lives inline in `packages/vault/README.md` and the public API surface is documented via TSDoc. The Settings UI changes are user-facing but match the existing settings pattern.\\n\\n# Testing\\n\\n## Where should a reviewer start?\\n\\n1. **`packages/vault/`** \u2014 start with `src/vault.ts` (the public API), then `src/master-key.ts` (the keychain/passphrase chain), then `src/manager.ts` (the multi-backend router). Tests in `test/{vault,master-key,manager,store,envelope,references,keyring}.test.ts` exercise every public path; `test/master-key.test.ts` covers the headless-fallback chain explicitly.\\n2. **`packages/app-core/src/services/vault-mirror.ts`** + `packages/app-core/src/services/vault-mirror.test.ts` \u2014 the write-through mirror is small, isolated, and has a focused test that includes failure-collection and a source-text guard for the vault-first reveal ordering.\\n3. **`packages/app-core/src/api/plugins-compat-routes.ts`** \u2014 the `PUT /api/plugins/:id` handler and `/reveal` route, where the vault wiring sits next to the existing legacy code path.\\n4. **`packages/agent/src/runtime/operations/`** \u2014 `vault-bridge.ts`, `vault-integration.test.ts`, and `health.test.ts` show the `apiKeyRef` migration. The 22-case integration suite is the strongest evidence that the runtime path keeps working.\\n\\n## Detailed testing steps\\n\\nAutomated tests are acceptable.\\n\\n- **Vault unit suite (cross-platform)**: `bun run --cwd packages/vault test` \u2014 64 tests covering vault, master-key (incl. passphrase fallback), manager, store, envelope, references, keyring round-trips. The new `vault-ci` workflow runs this matrix on `ubuntu-latest`, `macos-latest`, `windows-latest` so the OS-keychain claim is checked on every PR.\\n- **App-core wiring suite**: `bun run --cwd packages/app-core test` \u2014 37 wiring tests (vault-mirror unit + source-text guards, secrets-manager-routes integration via real `http.Server`, usePluginsSkillsState heuristic priority list, useSecretsManagerShortcut Mac/Win/Linux chord matching, server.cloud-disconnect orphan-route guard).\\n- **Runtime-ops vault integration**: 22 cases in `packages/agent/src/runtime/operations/vault-integration.test.ts` proving the `apiKeyRef` path works end-to-end.\\n- **End-to-end save-flow**: `provider-switch-routes.e2e.test.ts` stands up a real `http.Server` and exercises Settings PUT \u2192 mirror \u2192 reveal \u2192 provider switch against an in-memory vault.\\n- **Cross-platform CI**: the new `vault-ci` workflow (`.github/workflows/vault-ci.yaml`) runs the vault suite on macOS / Linux / Windows runners; an `app-core-wiring` job runs the wiring tests on `ubuntu-latest` with proto generation as a prerequisite.\\n\\n### Manual smoke (UI)\\n\\n1. Open the desktop app \u2192 **Settings \u2192 Plugins \u2192 OpenAI** (or any AI provider).\\n2. Enter an API key, save.\\n3. The plugin row should turn green and reload the agent. Open `~/.milady/vault.json` \u2014 the value is encrypted; the OS keychain holds the master key under `service: \\\"milady\\\"`, `account: \\\"vault.masterKey\\\"`.\\n4. Open the **Secrets Vault** modal via `\u2318\u2325\u2303V` (or **Edit \u2192 Secrets Vault** menu). Switch the routing for `OPENAI_API_KEY` to a different backend, save. Subsequent reveals fetch from the new backend.\\n\\n## Deploy notes\\n\\n- **`@elizaos/vault` is a new workspace package** \u2014 `bun install` at the repo root picks it up; nothing extra to do.\\n- **No database changes.**\\n- **No breaking changes** to existing config files. Legacy `config.env.X` writes still happen alongside the vault mirror; vault values shadow `process.env` only in the reveal path. The `apiKeyRef` migration on the runtime-ops side is in-place on hydrate (no operator action required).\\n\\n---\\n\\n\ud83e\udd16 Generated with [Claude Code](https://claude.com/claude-code)\\n\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2026-04-29T11:25:51Z\",\n \"mergedAt\": \"2026-05-01T03:12:42Z\",\n \"additions\": 22472,\n \"deletions\": 677\n },\n {\n \"id\": \"PR_kwDOMT5cIs7XE9HC\",\n \"title\": \"feat(self-hosted): CORS + bearer auth + cross-platform build fixes\",\n \"author\": \"NubsCarson\",\n \"number\": 7212,\n \"body\": \"# Relates to\\n\\nSelf-hosting cross-platform connectivity. The runtime now serves browser dashboards over HTTPS at a custom domain, App Store-style mobile builds (Capacitor), and Electrobun desktop builds \u2014 all routed through a remote agent via the existing `RuntimeGate` \\\"Remote\\\" picker.\\n\\n# Risks\\n\\n**Medium.** Touches CORS allowlist, `/api/auth/me` response shape, the Electrobun build pipeline, and runtime branding defaults. Verified on Linux (VPS), Windows 11 desktop (Electrobun), and Android (Capacitor on a physical Samsung phone). All test files for the new behavior land in this PR.\\n\\n# Background\\n\\n## What does this PR do?\\n\\n**Self-hosted browser + mobile auth**\\n\\n- `server-cors.ts`: new `ELIZA_ALLOWED_ORIGINS` env adds operator-allowed hosts (e.g. `https://bot.example.com`) to the CORS allowlist; built-in Capacitor / Ionic WebView origins (`capacitor://localhost`, `ionic://localhost`, `https://localhost`) so App Store / Play Store mobile builds reach any self-hosted bot without per-operator config; `originString()` helper compares protocol+host (URL.origin returns \\\"null\\\" for non-special schemes like `capacitor:`)\\n- `auth-session-routes.ts`: `/api/auth/me` accepts legacy bearer; returns synthetic `kind: \\\"machine\\\"` identity when no owner is configured (was incorrectly `kind: \\\"owner\\\"` in earlier draft)\\n- `auth-pairing-compat-routes.ts`: `/api/auth/status` adds explicit `authenticated` field so clients can short-circuit pairing without overloading `required`\\n- `csrf-client.ts`: `fetchWithCsrf` now layers cookie+CSRF + bearer-from-`getBootConfig()` in one place; old per-call bearer wiring removed\\n- `client-base.ts`: `setToken()` mirrors to `__ELIZAOS_API_TOKEN__` / `__ELIZA_API_TOKEN__` window globals so the Capacitor `@elizaos/capacitor-agent` web fallback authenticates after RuntimeGate remote-connect; parallels existing `setBaseUrl()` mirror\\n- `client-agent.ts`: `getAuthStatus()` typed `authenticated?: boolean`\\n- `startup-phase-poll/restore/runtime.ts`: a transient 401 with a token set is treated as retry, not as a token-wipe-and-show-pairing event. Removes desktop/non-desktop branch since the new behavior is correct on both\\n- `App.tsx`, `ChatView.tsx`, `state/persistence.ts`: 6 raw `/api/*` fetch sites converted to `fetchWithCsrf` so they pick up the bearer on self-hosted browsers and Capacitor builds\\n- `RuntimeGate.tsx`: `onInput` + `onBlur` handlers on Remote-connect inputs (Capacitor WebView's `onChange` is unreliable on programmatic paste); `splash-bg.jpg` \u2192 `splash-bg.png` (wrong extension was 404); removed placeholder onboarding hero images (text-only cards until artwork exists)\\n- mobile: safe-area inset padding on root container\\n\\n**Build infra**\\n\\n- `package.json` workspaces: added `packages/app-core/platforms/*` so `desktop-build.mjs`'s nested `bun install` resolves `@elizaos/shared@workspace:*` (was failing on Windows because bun's upward walk stopped at `eliza/package.json`)\\n- `desktop-build.mjs`: `embedWindowsIcons()` post-build using local rcedit (electrobun@1.16.0's bundled rcedit references a `D:\\\\` CI path that doesn't exist on dev machines); cross-platform rcedit lookup via `fs.existsSync` instead of Unix `find`\\n- `electrobun.config.ts`: removed duplicate null-coalesce on `ELIZA_APP_NAME`; copies `brand-config.json` into the build output\\n- `brand-config.json`: ships **elizaOS defaults** (`appName: \\\"elizaOS\\\"`, `appId: \\\"ai.elizaos.app\\\"`, etc.); downstream wrappers override at build time via `ELIZA_APP_NAME` / `ELIZA_APP_ID` / `ELIZA_NAMESPACE` env vars, which `brand-config.ts`'s resolver checks before the JSON fallback\\n- `variables.gradle` template: added `mavenCentralMirrorUrl` (16 native plugin `build.gradle` files referenced this; template never defined it, so `cap sync` regenerated a broken file every run)\\n\\n**Cross-package imports for packaged builds**\\n\\n- `plugin-lifecycle.ts`: import `resolveActionContexts` / `resolveProviderContexts` from `@elizaos/core` instead of cross-package relative TS paths (broke when tsdown tree-shook them out of the dist)\\n- `experience-routes.ts`: inlined `ExperienceType` / `OutcomeType` enums (same tree-shaking issue)\\n- `registry/index.ts`: graceful warn-and-continue when `entries/` directories are missing in packaged builds\\n\\n## What kind of change is this?\\n\\nBug fixes (CORS preflight blocking Capacitor, broken Windows desktop build, packaged-build crashes, `/api/auth/me` returning wrong identity kind) and Features (self-hosted browser/mobile auth flow, build-time branding via env, ELIZA_ALLOWED_ORIGINS env).\\n\\n# Documentation changes needed?\\n\\nNo upstream docs need to change. Operator-facing env var (`ELIZA_ALLOWED_ORIGINS`) is documented inline.\\n\\n# Testing\\n\\n## Where should a reviewer start?\\n\\n- Server changes: `packages/app-core/src/api/server-cors.ts` and the new test `packages/app-core/src/api/server-cors.test.ts`\\n- Auth shape: `packages/app-core/src/api/auth-session-routes.ts` (synthetic-machine bearer path)\\n- Bearer plumbing: `packages/app-core/src/api/csrf-client.ts` and the new test `csrf-client.test.ts`\\n- Setup-side: `packages/app-core/src/api/client-base.ts` (window-globals mirror) and the new test `client-base.test.ts`\\n\\n## Detailed testing steps\\n\\n**Unit (in this PR)**\\n\\n- `bun run test packages/app-core/src/api/server-cors.test.ts` \u2014 covers Capacitor scheme allowlist, `ELIZA_ALLOWED_ORIGINS` env, rejected origins, `originString` for non-special schemes\\n- `bun run test packages/app-core/src/api/csrf-client.test.ts` \u2014 covers bearer attachment from `getBootConfig`, no-overwrite of explicit Authorization, `x-milady-csrf` only on state-changing methods\\n- `bun run test packages/app-core/src/api/client-base.test.ts` \u2014 covers `setToken` mirror to window globals + clear on null\\n\\n**Manual**\\n\\n- VPS (Linux): browser at `https://bot./#token=` \u2192 lands on chat directly, token persists in localStorage, second visit no fragment still authenticates\\n- Windows 11: `bun run dev:desktop` \u2192 Electrobun window \u2192 Remote \u2192 enter `https://bot.` + token \u2192 connect \u2192 chat works; `bun run build:desktop` succeeds and installer launches\\n- Android (Capacitor on a physical Samsung phone): `npx cap open android` \u2192 Run \u2192 onboarding \u2192 Remote \u2192 enter URL + token \u2192 connect \u2192 chat works; webhook + Discord reply roundtrip verified\\n\\n# Known limitations\\n\\n- CEF window title bar icon on Windows: Electrobun upstream hasn't implemented `WM_SETICON` for CEF windows. Out of scope.\\n- electrobun@1.16.0 tar extraction references a `D:\\\\` CI path on Windows. Worked around with the `embedWindowsIcons()` post-build step in this PR; remove when Electrobun lands a fix.\\n- The Windows-only typecheck noise from duplicate `drizzle-orm` versions (`auth-store.ts`) is a pre-existing transitive-dep dedup quirk, not caused by this PR. Left alone.\\n\\n\\n\\n

Greptile Summary

\\n\\nThis PR wires self-hosted browser, Capacitor mobile, and Electrobun desktop builds into the existing RuntimeGate \\\"Remote\\\" flow: CORS is extended to Capacitor WebView origins and operator-configured `ELIZA_ALLOWED_ORIGINS`, `fetchWithCsrf` auto-attaches Bearer tokens, `/api/auth/me` gains a bearer-only identity path, and the desktop-only 401-retry branch is unified across platforms. Build infrastructure fixes cover Windows icon embedding, duplicate null-coalesces in `electrobun.config.ts`, and a missing `mavenCentralMirrorUrl` in `variables.gradle`.\\n\\n

Confidence Score: 4/5

\\n\\nSafe to merge with awareness of two P2 edge cases in the 401/token-stale path.\\n\\nNo P0 or P1 findings beyond what was already raised in prior review threads. Three P2s: stale remote token persisting onto local connections via the removed setToken(null), a misleading no-op 'retry' comment in the outer-catch 401 block, and https://localhost being unconditionally CORS-allowed rather than Capacitor-scoped. All three are edge-case or documentation-level concerns.\\n\\npackages/app-core/src/state/startup-phase-restore.ts and packages/app-core/src/state/startup-phase-poll.ts (outer-catch 401 block) warrant a second look for the stale-token + silent-retry interaction.\\n\\n

Important Files Changed

\\n\\n\\n\\n\\n| Filename | Overview |\\n|----------|----------|\\n| packages/app-core/src/api/server-cors.ts | Adds CAPACITOR_WEBVIEW_ORIGINS hardlist and ELIZA_ALLOWED_ORIGINS env parsing; https://localhost allowed unconditionally which is slightly broader than Capacitor-only. |\\n| packages/app-core/src/state/startup-phase-poll.ts | Collapses desktop/non-desktop 401 handling into a unified retry; outer-catch 401 block is an empty no-op with a misleading comment; adds !auth.authenticated to pairing gate. |\\n| packages/app-core/src/state/startup-phase-restore.ts | Removes setToken(null) for local connection restores; stale remote token can persist and be forwarded to the local agent by fetchWithCsrf's new auto-bearer logic. |\\n| packages/app-core/src/api/csrf-client.ts | Adds automatic Bearer injection from getBootConfig(); preserves explicit Authorization header; CSRF header still only on state-changing methods. Clean. |\\n| packages/app-core/src/api/auth-session-routes.ts | Adds bearer-only path to /api/auth/me: returns real owner identity or synthetic machine identity when no owner is configured. Correct kind field. |\\n| packages/app-core/src/api/auth-pairing-compat-routes.ts | Adds explicit authenticated field to /api/auth/status response so clients can short-circuit pairing check. Uses existing tokenMatches for secure comparison. |\\n| packages/app-core/src/api/client-base.ts | setToken() now mirrors to window globals via setElizaApiToken/clearElizaApiToken for Capacitor web fallback. Parallels existing setBaseUrl() pattern. |\\n| packages/app-core/src/api/server.ts | Swaps isAllowedLocalOrigin calls for isAllowedOrigin; passes corsAllowedPorts but not remoteOrigins (defaults to getCachedRemoteOrigins). Correct. |\\n| packages/agent/src/api/experience-routes.ts | Inlines ExperienceType/OutcomeType enums to work around tree-shaking; risk of silent drift from upstream source-of-truth (flagged in previous thread). |\\n| packages/app-core/scripts/desktop-build.mjs | Adds embedWindowsIcons() post-build step using locally resolved rcedit-x64.exe to work around Electrobun CI-path rcedit reference. Cross-platform safe. |\\n| packages/app-core/src/state/startup-phase-runtime.ts | Removes isElectrobunRuntime() branch; 401+hasToken now retries silently, matching the unified poll approach. Clean. |\\n| packages/app-core/src/components/shell/RuntimeGate.tsx | Adds onInput/onBlur handlers for Capacitor paste reliability, fixes splash-bg extension to .png, conditionally renders choice card images. |\\n| packages/app-core/src/registry/index.ts | Wraps readdirSync in try/catch to gracefully handle missing entries/ directories in packaged builds instead of crashing. |\\n\\n\\n\\n\\n\\n

Flowchart

\\n\\n```mermaid\\n%%{init: {'theme': 'neutral'}}%%\\nflowchart TD\\n A[Capacitor or Browser request] --> B{Origin in CORS allowlist?}\\n B -->|Capacitor WebView origins| C[Allow preflight]\\n B -->|ELIZA_ALLOWED_ORIGINS match| C\\n B -->|localhost on configured port| C\\n B -->|anything else| D[Reject]\\n\\n C --> E[fetchWithCsrf]\\n E --> F{API token in boot config?}\\n F -->|yes| G[Attach Authorization header]\\n F -->|no| H[Cookie-only mode]\\n G --> I[auth status endpoint]\\n H --> I\\n\\n I --> J{auth required?}\\n J -->|no| K[Proceed to app]\\n J -->|yes| L{authenticated and token stored?}\\n L -->|yes| K\\n L -->|no token stored| M[Show pairing UI]\\n L -->|token stored but invalid| N[Retry loop until deadline]\\n```\\n\\n\\n

Comments Outside Diff (1)

\\n\\n1. `packages/app-core/src/state/startup-phase-poll.ts`, line 187-201 ([link](https://github.com/elizaos/eliza/blob/539909338fd701a85f99441c03b750eccde6925e/packages/app-core/src/state/startup-phase-poll.ts#L187-L201)) \\n\\n \\\"P1\\\" **Invalid token silently times out instead of showing pairing UI**\\n\\n The `!client.hasToken()` guard means that when a stored token is *invalid* (`auth.authenticated === false`, `auth.required === true`, but `client.hasToken() === true`), this branch is never entered. Execution falls through to the backend connection loop, which receives 401s and retries until `deadline` is hit, after which the user sees a generic \\\"backend timeout\\\" error \u2014 never the pairing/re-auth UI.\\n\\n The old non-desktop path handled this explicitly: on a 401 with a token it cleared the token and dispatched `BACKEND_AUTH_REQUIRED`. That recovery path was removed here without a replacement for the invalid-token case. A minimal fix would drop the `!client.hasToken()` guard when the server has already confirmed the token is invalid:\\n\\n ```ts\\n // If the server says the token is bad, don't require \\\"no token\\\" to show pairing\\n if (auth.required && !auth.authenticated) {\\n if (auth.loginRequired) {\\n // ...existing loginRequired branch...\\n }\\n deps.setAuthRequired(true);\\n deps.setPairingEnabled(auth.pairingEnabled);\\n deps.setPairingExpiresAt(auth.expiresAt);\\n deps.setOnboardingLoading(false);\\n dispatch({ type: \\\"BACKEND_AUTH_REQUIRED\\\" });\\n return;\\n }\\n ```\\n
\\n\\n\\n\\nReviews (2): Last reviewed commit: [\\\"perf(server-cors): cache getAllowedRemot...\\\"](https://github.com/elizaos/eliza/commit/9ce7a62d77f9065d85560a4b61063c5278e37243) | [Re-trigger Greptile](https://app.greptile.com/api/retrigger?id=30313367)\\n\\n\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2026-04-30T11:20:43Z\",\n \"mergedAt\": \"2026-05-01T03:12:42Z\",\n \"additions\": 653,\n \"deletions\": 161\n },\n {\n \"id\": \"PR_kwDOMT5cIs7XlXyu\",\n \"title\": \"fix(vault, confidant): skip OS keychain on headless Linux to prevent native segfault on agent boot\",\n \"author\": \"NubsCarson\",\n \"number\": 7230,\n \"body\": \"## What this fixes\\n\\nAgent runtime hard-crashes on boot (process-level segfault, not a catchable JS error) on any host where `@napi-rs/keyring`'s `libsecret` backend can't reach a D-Bus Secret Service. That's:\\n\\n- **Headless Linux servers** (no desktop session)\\n- **CI runners** (most Docker images don't ship gnome-keyring)\\n- **Containers without D-Bus** (most production deployments)\\n\\nThe crash signature looks like a Bun bug:\\n\\n```\\npanic(main thread): Segmentation fault at address 0x0\\noh no: Bun has crashed. This indicates a bug in Bun, not your code.\\n```\\n\\nIt's actually `@napi-rs/keyring 1.2.0` aborting at the C level inside libsecret \u2014 the existing try/catch around `keychain.load()` can't fire because the native crash kills the host before JS regains control.\\n\\n## Why the existing defense doesn't work\\n\\n`packages/vault/src/master-key.ts` and `packages/confidant/src/{crypto/master-key,backends/keyring}.ts` already wrap every keychain operation in `try/catch`. The catches were written to handle the case where libsecret throws a JS error. But on hosts without a D-Bus session, libsecret doesn't throw \u2014 the native binding aborts the process.\\n\\n`@elizaos/confidant` makes this worse by importing `@napi-rs/keyring` at the **top level** of two files (`backends/keyring.ts:1` and `crypto/master-key.ts:1`). That means the native binding initializes at *module-eval* time. Anything that imports `@elizaos/confidant` from the agent runtime (and the agent boot path does) crashes the process before any defensive code can run.\\n\\n## Fix\\n\\n**`packages/vault/src/master-key.ts`** \u2014 Detect the unsafe configuration before invoking native code in `defaultMasterKey().load()`:\\n\\n- `MILADY_VAULT_DISABLE_KEYCHAIN === \\\"1\\\"` (explicit opt-out)\\n- `process.platform === \\\"linux\\\" && !process.env.DBUS_SESSION_BUS_ADDRESS`\\n\\nWhen unsafe, fall back to `MILADY_VAULT_PASSPHRASE` (the existing scrypt resolver) or throw a clear `MasterKeyUnavailableError` naming the remediation. Existing desktop / dev paths are unchanged \u2014 the new check only triggers on the configurations that were already crashing.\\n\\n**`packages/confidant/src/crypto/master-key.ts`** \u2014 Convert the top-level `import { Entry } from \\\"@napi-rs/keyring\\\"` to a type-only import; lazy-load `Entry` inside `loadOrCreateKeychainEntry`. Add the same headless-Linux skip + a `CONFIDANT_DISABLE_KEYCHAIN` opt-out.\\n\\n**`packages/confidant/src/backends/keyring.ts`** \u2014 Same pattern. Type-only top-level import; new `loadEntryClass()` helper that does the headless check + dynamic import; used by `resolve` / `store` / `remove`. The helper earns its keep with three callers.\\n\\n## What this does NOT change\\n\\n- macOS Keychain Services path\\n- Windows Credential Manager path\\n- Linux desktop session path (gnome-keyring / kwallet over D-Bus)\\n- Test paths using `inMemoryMasterKey()`\\n- Existing scrypt-passphrase resolver (`MILADY_VAULT_PASSPHRASE`)\\n- Public API of either package \u2014 `defaultMasterKey`, `osKeychainMasterKey`, `osKeyringMasterKey`, `KeyringBackend` all keep the same signatures and behavior on hosts where the native binding is safe\\n\\n## Repro on a headless box\\n\\n```bash\\nunset DBUS_SESSION_BUS_ADDRESS\\nbun run dev\\n# crashes inside `new Entry(service, account)` in @napi-rs/keyring 1.2.0\\n```\\n\\nAfter the fix, same command on the same host either falls back to `MILADY_VAULT_PASSPHRASE` (if set) or throws `MasterKeyUnavailableError` with a helpful message.\\n\\n## Related\\n\\nThe same root cause hits 10 elizaos-plugins repos that ship a CJS bundle requiring async-ESM `@elizaos/core`. Those are filed as separate PRs against each plugin repo, mirroring the existing ESM-only pattern in `plugin-anthropic`.\\n\\n## Tested\\n\\nRepro confirmed on this host (headless Linux server, no D-Bus, `@napi-rs/keyring@1.2.0`). Bot boots clean, runs full agent runtime, completes 7-of-7 Discord smoke prompts with zero segfaults.\\n\\n\\n\\n

Greptile Summary

\\n\\nThis PR prevents a process-level segfault on headless Linux by converting top-level `@napi-rs/keyring` imports to type-only and lazy-loading the native binding only after confirming D-Bus reachability via `DBUS_SESSION_BUS_ADDRESS` or the `$XDG_RUNTIME_DIR/bus` socket. The guard is applied consistently across `packages/vault` and `packages/confidant`, and `describe()` is updated to reflect the runtime-selected path.\\n\\n- **P1 (test regression):** The `beforeEach` in `defaultMasterKey \u2014 fallback chain` deletes `MILADY_VAULT_DISABLE_KEYCHAIN` to \\\\\\\"force the safe path,\\\\\\\" but this doesn't suppress the D-Bus checks in `isKeychainUnsafe()`. The two existing `describe()` tests (lines 182\u2013194) will fail on headless Linux CI because `describe()` now returns the bypass string rather than `keychain://\u2026`.\\n\\n

Confidence Score: 4/5

\\n\\nSafe to merge after fixing the test regression in the fallback chain describe() tests; the runtime fix is correct.\\n\\nOne P1 finding: two pre-existing describe() tests in defaultMasterKey \u2014 fallback chain will fail on headless Linux CI because beforeEach only removes MILADY_VAULT_DISABLE_KEYCHAIN but does not suppress the D-Bus env-var/socket checks, leaving isKeychainUnsafe() returning true on headless runners. The runtime fix itself is logically sound and well-tested.\\n\\npackages/vault/test/master-key.test.ts \u2014 beforeEach in defaultMasterKey \u2014 fallback chain needs to also set DBUS_SESSION_BUS_ADDRESS to truly force the safe path on headless Linux.\\n\\n

Important Files Changed

\\n\\n\\n\\n\\n| Filename | Overview |\\n|----------|----------|\\n| packages/vault/src/master-key.ts | Adds `isKeychainUnsafe()` with XDG socket fallback, guards both `defaultMasterKey` and `osKeychainMasterKey`, and fixes `describe()` to reflect the bypass path. Logic and error messages are correct. |\\n| packages/confidant/src/keychain-host.ts | New shared helper implementing `isKeychainUnsafe()` for the confidant package with opt-out env var and XDG socket check. Clean and correct. |\\n| packages/confidant/src/backends/keyring.ts | Converts to type-only import and adds `loadEntryClass()` lazy-loader with unsafe guard. Missing try/catch around dynamic import unlike sibling implementations. |\\n| packages/confidant/src/crypto/master-key.ts | Type-only import, lazy load with full try/catch, and `isKeychainUnsafe()` guard. Correctly mirrors the vault implementation pattern. |\\n| packages/vault/test/master-key.test.ts | Adds new test suites for bypass behavior, but `beforeEach` in the fallback chain suite incompletely forces the safe path \u2014 existing `describe()` tests will fail on headless Linux CI. |\\n| packages/app-core/src/api/secrets-manager-routes.test.ts | Injects an in-memory master key into the shared vault fixture so route tests never touch the OS keychain. Correct fix for CI stability. |\\n\\n\\n\\n\\n\\n

Flowchart

\\n\\n```mermaid\\n%%{init: {'theme': 'neutral'}}%%\\nflowchart TD\\n A[Agent boot / module import] --> B[Type-only import of keyring\\\\nNo native init at module-eval time]\\n B --> C[load or resolve called]\\n C --> D{isKeychainUnsafe check}\\n D -->|Explicit opt-out flag set| F[Throw typed error]\\n D -->|Linux without reachable D-Bus| F\\n D -->|DBUS_SESSION_BUS_ADDRESS present| G[Dynamic import of native binding]\\n D -->|XDG_RUNTIME_DIR bus socket exists| G\\n D -->|Non-Linux platform| G\\n G --> H[Entry constructor + keychain ops]\\n F --> J{Caller is defaultMasterKey?}\\n J -->|Yes + passphrase env set| L[scrypt passphrase resolver]\\n J -->|Yes + no passphrase| M[Throw with remediation hint]\\n J -->|No - direct caller| M\\n```\\n\\n\\n

Comments Outside Diff (3)

\\n\\n1. `packages/vault/src/master-key.ts`, line 234-295 ([link](https://github.com/elizaos/eliza/blob/a5e891b29f8948acca3d4793a9109c444e314e3a/packages/vault/src/master-key.ts#L234-L295)) \\n\\n \\\"P2\\\" **`osKeychainMasterKey` still has no headless-Linux guard**\\n\\n `defaultMasterKey` now safely skips the keychain on headless Linux before calling `keychain.load()`, but `osKeychainMasterKey` (the exported public API) contains no equivalent check. Callers that use `osKeychainMasterKey` directly \u2014 plugins, integrations, or any code that doesn't go through `defaultMasterKey` \u2014 will still trigger the `new Entry(service, account)` call path on headless Linux and reproduce the original segfault. Adding the same guard at the top of `osKeychainMasterKey.load()` would close that gap.\\n\\n2. `packages/vault/src/master-key.ts`, line 225-230 ([link](https://github.com/elizaos/eliza/blob/a5e891b29f8948acca3d4793a9109c444e314e3a/packages/vault/src/master-key.ts#L225-L230)) \\n\\n \\\"P2\\\" **`describe()` is inaccurate when `keychainUnsafe` is true**\\n\\n When the new `keychainUnsafe` path fires, the keychain is completely bypassed and the passphrase resolver (or an error) is used. But `describe()` still unconditionally returns a string starting with `keychain.describe()`, e.g. `\\\"keychain://milady/vault.masterKey\\\"`. A caller inspecting the resolver's description on a headless Linux host will see the keychain listed as the primary source even though it is never attempted. The description should reflect the runtime-selected path.\\n\\n3. `packages/vault/test/master-key.test.ts`, line 182-194 ([link](https://github.com/elizaos/eliza/blob/ae722967bdd73bcb3d7781b0e6c53bdf42b07be0/packages/vault/test/master-key.test.ts#L182-L194)) \\n\\n \\\"P1\\\" **`beforeEach` fix is insufficient \u2014 `describe` tests will fail on headless Linux CI**\\n\\n The `beforeEach` deletes `MILADY_VAULT_DISABLE_KEYCHAIN` with the comment \\\"force the keychain safe path\u2026 e.g. headless Linux CI without D-Bus.\\\" But that flag is only the first branch of `isKeychainUnsafe()`. On headless Linux without `DBUS_SESSION_BUS_ADDRESS` and no `$XDG_RUNTIME_DIR/bus` socket, `isKeychainUnsafe()` still returns `true`, so `defaultMasterKey.describe()` returns the bypass string (`\\\"passphrase://test (keychain bypassed: \u2026)\\\"` or `\\\"unavailable (keychain bypassed: \u2026)\\\"`) \u2014 not `\\\"keychain://\u2026\\\"`. Both tests below will therefore fail on headless Linux CI after this PR.\\n\\n Fix: also set `DBUS_SESSION_BUS_ADDRESS` in `beforeEach` to force the safe path:\\n\\n ```ts\\n beforeEach(() => {\\n prev = process.env.MILADY_VAULT_PASSPHRASE;\\n prevDisable = process.env.MILADY_VAULT_DISABLE_KEYCHAIN;\\n prevDbus = process.env.DBUS_SESSION_BUS_ADDRESS;\\n delete process.env.MILADY_VAULT_DISABLE_KEYCHAIN;\\n // Force the Linux D-Bus check to pass so these describe() tests\\n // exercise the keychain path on every platform, including headless CI.\\n process.env.DBUS_SESSION_BUS_ADDRESS = \\\"unix:path=/run/user/1000/bus\\\";\\n });\\n afterEach(() => {\\n // restore DBUS_SESSION_BUS_ADDRESS as well\\n if (prevDbus === undefined) delete process.env.DBUS_SESSION_BUS_ADDRESS;\\n else process.env.DBUS_SESSION_BUS_ADDRESS = prevDbus;\\n });\\n ```\\n\\n
\\n\\n\\n\\nReviews (2): Last reviewed commit: [\\\"fix(vault, confidant): tighten headless-...\\\"](https://github.com/elizaos/eliza/commit/ae722967bdd73bcb3d7781b0e6c53bdf42b07be0) | [Re-trigger Greptile](https://app.greptile.com/api/retrigger?id=30539389)\\n\\n\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2026-05-02T03:12:09Z\",\n \"mergedAt\": \"2026-05-02T03:30:04Z\",\n \"additions\": 256,\n \"deletions\": 18\n },\n {\n \"id\": \"PR_kwDOMT5cIs7XmEll\",\n \"title\": \"fix(ci): handle bogus Inno Setup exit codes on Windows Server 2025\",\n \"author\": \"NubsCarson\",\n \"number\": 7232,\n \"body\": \"## Summary\\nWindows Server 2025 headless CI runners return non-zero exit codes from Inno Setup (exit code 5) even when the install succeeds or partially succeeds. The smoke test was treating this as a hard failure and retrying, which also failed.\\n\\n## Changes\\n- `smoke-test-windows.ps1`: Check if `launcher.exe` exists after a non-zero exit code before retrying \u2014 if files were extracted successfully, treat as success despite the bad exit code\\n- Log full Inno Setup output instead of tail 100 (the actual error is at the beginning, the tail only shows the rollback deletion phase)\\n- Add disk space diagnostics before installer extraction\\n- Remove `/CLOSEAPPLICATIONS` flag which can hang on headless runners\\n\\n## Context\\nThis is part of a broader effort to fix the Windows release pipeline. The companion milady PR (milady-ai/milady#2089) adds disk cleanup steps to the workflow YAML.\\n\\n\ud83e\udd16 Generated with [Claude Code](https://claude.com/claude-code)\\n\\n\\n\\n

Greptile Summary

\\n\\nThis CI-only fix updates `smoke-test-windows.ps1` to handle Inno Setup returning bogus non-zero exit codes (e.g. exit 5) on Windows Server 2025 headless runners by checking for `launcher.exe` existence before deciding whether to retry or fail. It also removes the `/CLOSEAPPLICATIONS` flag (which can hang headless sessions), adds disk-space diagnostics before install, and changes the log output from `Tail 100` to the full file.\\n\\n

Confidence Score: 4/5

\\n\\nSafe to merge \u2014 CI-only script change with correct fallback logic and downstream validation still exercised by Verify-PackagedRendererAssets and the health-check loop.\\n\\nOnly P2 findings: full log verbosity and missing diagnostic log on the bogus-exit-code-success path. No logic errors or security concerns.\\n\\nNo files require special attention beyond the minor log verbosity noted inline.\\n\\n

Important Files Changed

\\n\\n| Filename | Overview |\\n|----------|----------|\\n| packages/app-core/platforms/electrobun/scripts/smoke-test-windows.ps1 | Installer error-handling hardened to tolerate Windows Server 2025 bogus exit codes by checking launcher.exe existence; /CLOSEAPPLICATIONS removed; disk diagnostics added; log output changed to full content (potential verbosity issue). |\\n\\n\\n\\n

Flowchart

\\n\\n```mermaid\\n%%{init: {'theme': 'neutral'}}%%\\nflowchart TD\\n A[Run Inno Setup - Attempt 1] --> B{Exit code == 0?}\\n B -- Yes --> E[Find launcher.exe in installerRoot]\\n B -- No --> C[Print full log]\\n C --> D{launcher.exe exists?}\\n D -- Yes --> F[Treat as success - headless runner quirk]\\n D -- No --> G[Retry via cmd /c - Attempt 2]\\n G --> H{launcher.exe exists?}\\n H -- Yes --> I[Treat as success]\\n H -- No --> J{Exit code == 0?}\\n J -- Yes --> E\\n J -- No --> K[Print attempt 2 log - throw error]\\n F --> E\\n I --> E\\n E --> L{launcher.exe found?}\\n L -- Yes --> M[Verify renderer assets - Start launcher - Health check loop]\\n L -- No --> N[throw: launcher not found]\\n```\\n\\nReviews (1): Last reviewed commit: [\\\"fix(ci): add disk diagnostics + full Inn...\\\"](https://github.com/elizaos/eliza/commit/8116e47827888a7318ebe8df34b2f3d908a15947) | [Re-trigger Greptile](https://app.greptile.com/api/retrigger?id=30542195)\\n\\n> Greptile also left **2 inline comments** on this PR.\\n\\n\",\n \"repository\": \"elizaos/eliza\",\n \"createdAt\": \"2026-05-02T04:38:18Z\",\n \"mergedAt\": \"2026-05-02T06:04:53Z\",\n \"additions\": 38,\n \"deletions\": 23\n }\n ],\n \"codeChanges\": {\n \"additions\": 1295,\n \"deletions\": 363,\n \"files\": 110,\n \"commitCount\": 257\n },\n \"completedItems\": [\n {\n \"title\": \"feat(vault): @elizaos/vault \u2014 cross-platform secrets vault + Settings UI integration\",\n \"prNumber\": 7197,\n \"type\": \"feature\",\n \"body\": \"# Relates to\\n\\nThis is the upstream-targeting twin of milady-ai/eliza#6. The vault feature originated in the Milady fork; this PR lands the upstream-relevant slice on `elizaOS/eliza:develop`.\\n\\n# Risks\\n\\n**Low.** The vault is an additive works\",\n \"files\": [\n \".github/actions/setup-bun-workspace/action.yml\",\n \".github/workflows/apple-store-release.yml\",\n \".github/workflows/mobile-build-smoke.yml\",\n \".github/workflows/nightly.yml\",\n \".github/workflows/quality-fork.yml\",\n \".github/workflows/test-electrobun-release.yml\",\n \".github/workflows/vault-ci.yaml\",\n \".github/workflows/windows-dev-smoke.yml\",\n \"apps/app/.env.example\",\n \"apps/app/.gitignore\",\n \"apps/app/README.md\",\n \"apps/app/app.config.ts\",\n \"apps/app/capacitor.config.ts\",\n \"apps/app/electrobun/.gitignore\",\n \"apps/app/index.html\",\n \"apps/app/package.json\",\n \"apps/app/playwright.electrobun.packaged.config.ts\",\n \"apps/app/playwright.ui-packaged.config.ts\",\n \"apps/app/playwright.ui-smoke.config.ts\",\n \"apps/app/playwright.web-views.config.ts\",\n \"apps/app/public/android-chrome-192x192.png\",\n \"apps/app/public/android-chrome-512x512.png\",\n \"apps/app/public/apple-touch-icon.png\",\n \"apps/app/public/favicon-16x16.png\",\n \"apps/app/public/favicon-32x32.png\",\n \"apps/app/public/favicon.ico\",\n \"apps/app/public/logos/anthropic-icon-white.png\",\n \"apps/app/public/logos/anthropic-icon.png\",\n \"apps/app/public/logos/claude-icon.png\",\n \"apps/app/public/logos/deepseek-icon.png\",\n \"apps/app/public/logos/elizaos-icon.png\",\n \"apps/app/public/logos/gemini-icon.png\",\n \"apps/app/public/logos/grok-icon-white.png\",\n \"apps/app/public/logos/grok-icon.png\",\n \"apps/app/public/logos/groq-icon-white.png\",\n \"apps/app/public/logos/groq-icon.png\",\n \"apps/app/public/logos/mistral-icon.png\",\n \"apps/app/public/logos/ollama-icon-white.png\",\n \"apps/app/public/logos/ollama-icon.png\",\n \"apps/app/public/logos/openai-icon-white.png\",\n \"apps/app/public/logos/openai-icon.png\",\n \"apps/app/public/logos/openrouter-icon-white.png\",\n \"apps/app/public/logos/openrouter-icon.png\",\n \"apps/app/public/logos/together-ai-icon.png\",\n \"apps/app/public/logos/zai-icon-white.png\",\n \"apps/app/public/logos/zai-icon.png\",\n \"apps/app/public/og-image.png\",\n \"apps/app/public/splash-bg.jpg\",\n \"apps/app/scripts/build.mjs\",\n \"apps/app/scripts/capacitor-plugin-names.mjs\"\n ]\n },\n {\n \"title\": \"chore(deps): update supabase/postgres docker tag to v17.6.1.113\",\n \"prNumber\": 7219,\n \"type\": \"other\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Update | Change |\\n|---|---|---|\\n| supabase/postgres | patch | `17.6.1.112` \u2192 `17.6.1.113` |\\n\\n---\\n\\n> [!WARNING]\\n> Some dependencies could not be looked up. Check the [Dependency Dashboard]\",\n \"files\": [\n \"packages/app-core/deploy/docker-compose.supabase-db.yml\"\n ]\n },\n {\n \"title\": \"fix(deps): update dependency @anthropic-ai/sdk to ^0.92.0\",\n \"prNumber\": 7218,\n \"type\": \"bugfix\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |\\n|---|---|---|---|\\n| [@anthropic-ai/sdk](https://redirect.gi\",\n \"files\": [\n \"packages/typescript/package.json\"\n ]\n },\n {\n \"title\": \"chore(deps): update dependency ai to v6.0.172\",\n \"prNumber\": 7217,\n \"type\": \"other\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |\\n|---|---|---|---|\\n| [ai](https://ai-sdk.dev/docs) ([source]\",\n \"files\": [\n \"package.json\"\n ]\n },\n {\n \"title\": \"chore(deps): update dependency @ai-sdk/provider-utils to v4.0.25\",\n \"prNumber\": 7216,\n \"type\": \"other\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |\\n|---|---|---|---|\\n| [@ai-sdk/provider-utils](https://ai-sdk\",\n \"files\": [\n \"package.json\"\n ]\n },\n {\n \"title\": \"chore(deps): update dependency @ai-sdk/provider to v3.0.10\",\n \"prNumber\": 7215,\n \"type\": \"other\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |\\n|---|---|---|---|\\n| [@ai-sdk/provider](https://ai-sdk.dev/d\",\n \"files\": [\n \"package.json\"\n ]\n },\n {\n \"title\": \"chore(deps): update dependency @ai-sdk/openai to v3.0.55\",\n \"prNumber\": 7214,\n \"type\": \"other\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |\\n|---|---|---|---|\\n| [@ai-sdk/openai](https://ai-sdk.dev/doc\",\n \"files\": [\n \"package.json\"\n ]\n },\n {\n \"title\": \"feat(self-hosted): CORS + bearer auth + cross-platform build fixes\",\n \"prNumber\": 7212,\n \"type\": \"feature\",\n \"body\": \"# Relates to\\n\\nSelf-hosting cross-platform connectivity. The runtime now serves browser dashboards over HTTPS at a custom domain, App Store-style mobile builds (Capacitor), and Electrobun desktop builds \u2014 all routed through a remote agent vi\",\n \"files\": [\n \"package.json\",\n \"packages/agent/src/api/experience-routes.test.ts\",\n \"packages/agent/src/api/experience-routes.ts\",\n \"packages/agent/src/runtime/plugin-lifecycle.ts\",\n \"packages/app-core/platforms/android/variables.gradle\",\n \"packages/app-core/platforms/electrobun/assets/brand-config.json\",\n \"packages/app-core/platforms/electrobun/electrobun.config.ts\",\n \"packages/app-core/scripts/desktop-build.mjs\",\n \"packages/app-core/src/App.tsx\",\n \"packages/app-core/src/api/auth-client.ts\",\n \"packages/app-core/src/api/auth-pairing-compat-routes.ts\",\n \"packages/app-core/src/api/auth-session-routes.ts\",\n \"packages/app-core/src/api/client-agent.ts\",\n \"packages/app-core/src/api/client-base.test.ts\",\n \"packages/app-core/src/api/client-base.ts\",\n \"packages/app-core/src/api/csrf-client.test.ts\",\n \"packages/app-core/src/api/csrf-client.ts\",\n \"packages/app-core/src/api/server-cors.test.ts\",\n \"packages/app-core/src/api/server-cors.ts\",\n \"packages/app-core/src/api/server.ts\",\n \"packages/app-core/src/components/pages/ChatView.tsx\",\n \"packages/app-core/src/components/shell/RuntimeGate.tsx\",\n \"packages/app-core/src/registry/index.ts\",\n \"packages/app-core/src/state/persistence.ts\",\n \"packages/app-core/src/state/startup-phase-poll.ts\",\n \"packages/app-core/src/state/startup-phase-restore.ts\",\n \"packages/app-core/src/state/startup-phase-runtime.ts\",\n \"plugins/plugin-agent-skills\",\n \"plugins/plugin-anthropic\",\n \"plugins/plugin-cli\",\n \"plugins/plugin-commands\",\n \"plugins/plugin-cron\",\n \"plugins/plugin-discord\",\n \"plugins/plugin-edge-tts\",\n \"plugins/plugin-elizacloud\",\n \"plugins/plugin-evm\",\n \"plugins/plugin-google-genai\",\n \"plugins/plugin-groq\",\n \"plugins/plugin-local-ai\",\n \"plugins/plugin-local-embedding\",\n \"plugins/plugin-ollama\",\n \"plugins/plugin-openai\",\n \"plugins/plugin-openrouter\",\n \"plugins/plugin-pdf\",\n \"plugins/plugin-shell\",\n \"plugins/plugin-solana\",\n \"plugins/plugin-sql\",\n \"plugins/plugin-whatsapp\",\n \"plugins/plugin-agent-orchestrator\"\n ]\n },\n {\n \"title\": \"chore(deps): update dependency ai to v6.0.174\",\n \"prNumber\": 7229,\n \"type\": \"other\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |\\n|---|---|---|---|\\n| [ai](https://ai-sdk.dev/docs) ([source]\",\n \"files\": [\n \"package.json\"\n ]\n },\n {\n \"title\": \"chore(deps): update dependency @biomejs/biome to v2.4.14\",\n \"prNumber\": 7228,\n \"type\": \"other\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |\\n|---|---|---|---|\\n| [@biomejs/biome](https://biomejs.dev) (\",\n \"files\": [\n \"package.json\"\n ]\n },\n {\n \"title\": \"chore(deps): update dependency @ai-sdk/openai to v3.0.58\",\n \"prNumber\": 7227,\n \"type\": \"other\",\n \"body\": \"This PR contains the following updates:\\n\\n| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |\\n|---|---|---|---|\\n| [@ai-sdk/openai](https://ai-sdk.dev/doc\",\n \"files\": [\n \"package.json\"\n ]\n },\n {\n \"title\": \"test(app-core): remove api module mocks\",\n \"prNumber\": 7226,\n \"type\": \"tests\",\n \"body\": \"\\r\\n\\r\\n# Relates to\\r\\n\\r\\n\\r\\n\\r\\n