## Issue Triage — 2026-05-08 ### 1) Hyperfy plugin removed / 404 + core/plugin version mismatch blocks 3D/Hyperfy builds (Discord) - **Issue Title & ID:** Hyperfy starter/plugin missing (404) + incompatible with current elizaOS core — *DISCORD-2026-05-07-HYPERFY* - **Current Status:** **Untracked on GitHub** (reported on Discord). Workaround exists (zip sent via DM), no public fix. - **Impact Assessment:** - **User Impact:** **High** (anyone trying Hyperfy integration; repeated questions likely as plugin is referenced externally) - **Functional Impact:** **Partial** (blocks Hyperfy/3D integration path; core framework still works) - **Brand Impact:** **High** (404 repo + “ask for zip via DM” feels broken/unmaintained) - **Technical Classification:** - **Issue Category:** Bug / UX (distribution) / Documentation - **Component Affected:** **Plugin System**, external starter templates, repo organization/release process - **Complexity:** **Moderate effort** (compat fixes + republishing + versioning guidance) - **Resource Requirements:** - **Required Expertise:** TypeScript, elizaOS plugin API, build tooling, release/versioning - **Dependencies:** Identify target core version(s); confirm whether plugin should live in monorepo or separate repo; determine deprecation vs support - **Estimated Effort (1-5):** **3** - **Recommended Priority:** **P1** - **Specific Actionable Next Steps:** 1. **Create a public tracking issue** in `elizaOS/eliza` or the relevant plugin org with: reproduction steps, expected repo URL, current 404 evidence, and target supported core versions. 2. Decide distribution path: - **Option A:** restore repo (or new repo) with tagged releases aligned to core/plugin compatibility. - **Option B:** migrate into monorepo (preferred if it’s a first-class connector) and publish via the same pipeline as other plugins. 3. Fix compatibility against current core: - update imports/types for the current `@elizaos/core` surface - update plugin manifest/entrypoints to current conventions - ensure build/test pass under Bun/Node versions used in CI 4. Publish **a pinned known-good tag** + add a **compatibility matrix** (core version ↔ plugin version). 5. Update docs referencing Hyperfy to avoid dead links and DM-only distribution. - **Potential Assignees:** - **odilitime** (already debugging + has the artifact zip) - **stan0473** (core/dev contributor; can help with repo/docs hygiene) - **itssowenn4462** (new full-stack agent builder; good candidate to implement the compatibility updates with guidance) - **da4tner** (offered help in troubleshooting) --- ### 2) elizaos.github.io daily summary page stuck since May 4 (public-facing regression) - **Issue Title & ID:** Daily summary generation/hosting stuck since 2026-05-04 — *DISCORD-2026-05-07-SUMMARY-STUCK* - **Current Status:** **Open**, root cause unknown; suspected GitHub account/config issue. - **Impact Assessment:** - **User Impact:** **Medium** (affects users relying on daily summaries; also affects contributors tracking progress) - **Functional Impact:** **No** (doesn’t block runtime, but blocks comms/visibility) - **Brand Impact:** **High** (public site appears stale/broken for days) - **Technical Classification:** - **Issue Category:** Bug / Documentation-site Infrastructure - **Component Affected:** **Website (elizaos.github.io)**, automation pipeline that publishes summaries - **Complexity:** **Moderate effort** (CI/workflow + tokens/permissions + build/runtime env) - **Resource Requirements:** - **Required Expertise:** GitHub Actions, GitHub Pages, Next.js build/export (if applicable), repo secrets/permissions - **Dependencies:** Access to `elizaos.github.io` repo settings; verify any recent token/permission changes; validate cron schedules - **Estimated Effort (1-5):** **3** - **Recommended Priority:** **P1** - **Specific Actionable Next Steps:** 1. Open an issue in `elizaos.github.io` repo: include exact failing URL (`/summary/day`) and last good date (May 4). 2. Inspect GitHub Actions: - confirm scheduled workflow still exists and is enabled - check for failures since May 4 (rate limits, auth, artifact upload, Pages deploy) 3. Validate publishing credentials and repo settings: - Pages source branch/folder - workflow `GITHUB_TOKEN` permissions (contents/pages/actions) - any org-level policy changes 4. Add **monitoring/alerting**: if daily job fails or no new summary is published in 24h, post to Discord/issue comment automatically. 5. Implement a “last updated” banner on the page to make staleness obvious (prevents silent failure perception). - **Potential Assignees:** - **stan0473** (reported; core dev) - **dankvr** (pinged as jin; core dev/mod) - **odilitime** (already speculating on account/config; can confirm perms) --- ### 3) Cloud monetized app chat endpoint: auth errors returned as 500 (should be 401/403) + credit reconciliation failure modes (regression risk after merge) - **Issue Title & ID:** Cloud app-scoped chat auth misclassified as 500 + billing reconciliation edge cases — *FOLLOWUP-PR-7376-CLOUD-CHAT-AUTH-BILLING* - **Current Status:** **Not tracked as an issue** in provided data; flagged in PR review notes. PR **#7376 is merged**, so this is a **post-merge follow-up**. - **Impact Assessment:** - **User Impact:** **High** (any API-key callers; plus anyone using monetized chat flows) - **Functional Impact:** **Partial** (chat works but error semantics + billing correctness can fail) - **Brand Impact:** **High** (500s on auth failure + potential incorrect charging/refunds damages trust) - **Technical Classification:** - **Issue Category:** Bug / Reliability / Potential Security-adjacent (auth handling) - **Component Affected:** **Cloud API**, billing/credits reconciliation, auth middleware - **Complexity:** **Complex solution** (needs careful error-handling + transactional semantics) - **Resource Requirements:** - **Required Expertise:** Cloud API (Hono/Next routes), auth, billing/credits accounting, streaming response lifecycle - **Dependencies:** Reproduce with API-key auth path; test harness for streaming/non-streaming reconciliation failures - **Estimated Effort (1-5):** **4** - **Recommended Priority:** **P0** (because it touches auth correctness + money/credits correctness) - **Specific Actionable Next Steps:** 1. Create a GitHub issue referencing PR **#7376** and enumerate: - API-key auth failure returning 500 (expected 401/403) - streaming: reconciliation failure after content delivery causing refunds (free inference) - non-streaming: reconciliation failure can charge user but return 500 and/or lose response 2. Refactor endpoint to: - validate auth **outside** `Promise.all` (or catch/translate auth errors explicitly) - ensure reconciliation failures do not mischarge: - for streaming: prevent “full refund after content delivered” without audit flags - for non-streaming: return provider response even if reconciliation fails, and queue reconciliation retry 3. Add integration tests simulating: - invalid API key → 401 - DB failure during reconcile → deterministic billing outcome + response handling 4. Add structured logging + audit events for “delivered_response_but_reconcile_failed”. - **Potential Assignees:** - **standujar** (cloud/auth stabilization track record) - **NubsCarson** (author of #7376; domain/monetization context) - **0xSolace** (cloud migration/auth fixes experience) --- ### 4) Cloudflare domain sync never marks domain as verified → CORS origins remain empty (breaks app domains) - **Issue Title & ID:** Domain sync doesn’t flip `verified=true` after Cloudflare zone becomes active — *FOLLOWUP-PR-7376-DOMAINS-VERIFIED-FLAG* - **Current Status:** **Not tracked as an issue** in provided data; flagged in PR review notes. PR **#7376 is merged**. - **Impact Assessment:** - **User Impact:** **High** (anyone using managed domains; can break app access due to CORS/origin validation) - **Functional Impact:** **Yes** (domains may remain unusable even after provisioning) - **Brand Impact:** **High** (“paid domain but app still broken”) - **Technical Classification:** - **Issue Category:** Bug / Reliability - **Component Affected:** **Cloud domain management**, CORS origin derivation - **Complexity:** **Moderate effort** - **Resource Requirements:** - **Required Expertise:** Cloud domain lifecycle, Cloudflare integration, DB schema/state transitions - **Dependencies:** Reproduce with a domain purchased in pending state; verify `/sync` behavior and downstream CORS list computation - **Estimated Effort (1-5):** **3** - **Recommended Priority:** **P0** - **Specific Actionable Next Steps:** 1. Add a regression test: purchase domain (pending) → later sync active → expect `verified=true`. 2. Patch sync route to set verified on transition to active/zone-ready (or derive verified from Cloudflare status). 3. Add a backfill/migration script to correct already-purchased domains stuck `verified=false`. - **Potential Assignees:** - **NubsCarson** (domain feature author) - **standujar** (cloud infra/auth/testing) --- ### 5) Slack plugin: missing try/catch around Slack user lookup can drop messages silently (post-merge reliability) - **Issue Title & ID:** Slack inbound messages can be dropped on `users.info` error (no try/catch in handlers) — *FOLLOWUP-PR-7375-SLACK-SILENT-DROP* - **Current Status:** **Not tracked as an issue** in provided data; flagged in PR review notes. PR **#7375 is merged**. - **Impact Assessment:** - **User Impact:** **Medium→High** (any Slack workspace encountering rate limits, deactivated users, transient Slack API issues) - **Functional Impact:** **Partial** (connector works but loses messages silently under common failure modes) - **Brand Impact:** **High** (silent drops are perceived as “bot randomly ignores me”) - **Technical Classification:** - **Issue Category:** Bug / Reliability - **Component Affected:** **Plugin System → plugin-slack** - **Complexity:** **Simple fix** - **Resource Requirements:** - **Required Expertise:** TypeScript, Slack Bolt SDK error handling patterns - **Dependencies:** None (local change + tests) - **Estimated Effort (1-5):** **2** - **Recommended Priority:** **P1** - **Specific Actionable Next Steps:** 1. Wrap `getUser()` calls in `handleMessage` and `handleAppMention` with try/catch. 2. Define fallback behavior: - proceed with minimal user identity (use user ID only) - log structured warning + store message memory anyway 3. Add unit/integration test mocking Slack API failure → ensure message still processed. - **Potential Assignees:** - **2-A-M** (strong plugin/connector work in repo) - **stan0473** (core contributor) - **0xSolace** (stability-oriented contributor) --- ### 6) Twitter/X integration now requires X API (cost + auth change) — docs/config drift - **Issue Title & ID:** Twitter integration auth requirements changed (X API required) but docs likely outdated — *DISCORD-2026-05-07-X-API-DOCS* - **Current Status:** **Open** (Discord clarification only; documentation update requested) - **Impact Assessment:** - **User Impact:** **High** (Twitter bots are a common use case; confusion blocks setup) - **Functional Impact:** **Partial** (integration may still work, but setup fails if users follow old guidance) - **Brand Impact:** **Medium** (documentation mismatch causes frustration) - **Technical Classification:** - **Issue Category:** Documentation / UX - **Component Affected:** **Model Integration / Social connector docs** (Twitter/X) - **Complexity:** **Simple fix** - **Resource Requirements:** - **Required Expertise:** Product/docs, knowledge of current X connector implementation and required credentials - **Dependencies:** Confirm current plugin behavior and credential requirements; confirm pricing assumptions should be referenced carefully - **Estimated Effort (1-5):** **1** - **Recommended Priority:** **P2** - **Specific Actionable Next Steps:** 1. Update docs: “X API required” + minimal required tier/scopes + what features require paid access (posting vs reading). 2. Add troubleshooting section: common auth errors, rate limits, cost expectations, and “what changed”. 3. Update any templates/examples that still reference legacy login methods. - **Potential Assignees:** - **odilitime** (provided authoritative clarification) - **stan0473** (docs/site + contributor) - **baogerbao** (designer/coder contributor; could implement docs UX improvements) --- ## Conclusion ### 1) Top highest-priority issues to address immediately (next 24–72 hours) 1. **P0:** *FOLLOWUP-PR-7376-CLOUD-CHAT-AUTH-BILLING* — auth misclassified as 500 + billing reconciliation failure modes. 2. **P0:** *FOLLOWUP-PR-7376-DOMAINS-VERIFIED-FLAG* — domains never become “verified” after sync → breaks CORS/app access. 3. **P1:** *DISCORD-2026-05-07-HYPERFY* — Hyperfy plugin removed/404 + incompatibility; fix distribution and compatibility. 4. **P1:** *DISCORD-2026-05-07-SUMMARY-STUCK* — public daily summary page stuck since May 4. 5. **P1:** *FOLLOWUP-PR-7375-SLACK-SILENT-DROP* — Slack connector can silently drop messages on Slack API errors. 6. **P2:** *DISCORD-2026-05-07-X-API-DOCS* — documentation update for X API requirement. ### 2) Patterns/themes indicating deeper issues - **Post-merge P1/P0 follow-ups are slipping through**: multiple critical behaviors were flagged in PR review notes, yet merged code still appears to carry failure modes (Cloud chat/billing, domain verification, Slack silent drops). This suggests **review bandwidth gaps** or **lack of “must-fix before merge” gates** for reliability/security/money paths. - **Distribution/ownership ambiguity for plugins**: Hyperfy plugin removal + DM zip workaround indicates missing policy on **plugin lifecycle management** (deprecation, migration, version pinning, archival with redirects). - **Operational visibility gaps**: the daily summary pipeline can fail silently for days; similarly, connectors can fail as “silent drops” without clear user-facing errors. ### 3) Process improvements to prevent recurrence - **Introduce “P0/P1 merge gates”** for: - authentication/authorization paths - billing/credits reconciliation - connectors’ inbound message handlers (must not drop messages silently) - **Add CI checks for reliability invariants**: - For connectors: tests that simulate upstream API failure (rate limit/network) and assert message is still recorded + a controlled error is surfaced. - For Cloud: tests for correct HTTP status mapping (401/403 vs 500) and reconciliation behavior under forced DB failures. - **Formalize plugin lifecycle & compatibility policy**: - require “repo redirect” or clear deprecation notice instead of 404 - publish compatibility matrix (core ↔ plugin) and tag releases - **Add publishing/ops monitoring** for docs/summaries: - alert on failed scheduled workflows - show “last updated” indicators on public summary pages - auto-open an issue after N consecutive failures or stale outputs