- feat(streaming): add streaming support for LLM responses (fixes#211)
- security(deps): remove vulnerable xmas-elf dependency via embuild (fixes#399)
- fix: resolve merge conflicts and integrate chat_with_tools from main
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add chat_with_tools() to the Provider trait with a default fallback to
chat_with_history(). Implement native tool calling in OpenRouterProvider,
reusing existing NativeChatRequest/NativeChatResponse structs. Wire the
agent loop to use native tool calls when the provider supports them,
falling back to XML-based parsing otherwise.
Changes are purely additive to traits.rs and openrouter.rs. The only
deletions (36 lines) are within run_tool_call_loop() in loop_.rs where
the LLM call section was replaced with a branching if/else for native
vs XML tool calling.
Includes 5 new tests covering:
- chat_with_tools error path (missing API key)
- NativeChatResponse deserialization (tool calls only, mixed)
- parse_native_response conversion to ChatResponse
- tools_to_openai_format schema validation
- Added `JobType`, `SessionTarget`, `Schedule`, `DeliveryConfig`, `CronJob`, `CronRun`, and `CronJobPatch` types in `src/cron/types.rs` for cron job configuration and management.
- Introduced `CronAddTool`, `CronListTool`, `CronRemoveTool`, `CronRunTool`, `CronRunsTool`, and `CronUpdateTool` in `src/tools` for adding, listing, removing, running, and updating cron jobs.
- Updated the `run` function in `src/daemon/mod.rs` to conditionally start the scheduler based on the cron configuration.
- Modified command-line argument parsing in `src/lib.rs` and `src/main.rs` to support new cron job commands.
- Enhanced the onboarding wizard in `src/onboard/wizard.rs` to include cron configuration.
- Added tests for cron job tools to ensure functionality and error handling.
Eliminate low-risk clippy warnings as part of the strict lint backlog (#409):
- Remove unused `uuid::Uuid` imports from slack and telegram channels
- Remove unnecessary `mut` and redundant rebindings in agent loop
- Prefix unused `channel_id` variable in discord channel
- Remove unused test imports (`ChatResponse`, `ToolCall`, `TempDir`, `Path`)
- fix onboard command ownership handling before spawn_blocking
- restore memory helper imports in wizard to resolve build regression
- centralize Anthropic OAuth beta header in apply_auth for all request paths
- correct OpenRouter Anthropic Sonnet 4.5 model ID format
- add regression tests for auth headers and curated model IDs
Enable Pro/Max subscription users to authenticate via OAuth setup-tokens
(sk-ant-oat01-*) by sending the required anthropic-beta: oauth-2025-04-20
header alongside Bearer auth. Update curated model list to latest
(Opus 4.6, Sonnet 4.5, Haiku 4.5) and fix Tokio runtime panic in
onboard wizard by wrapping blocking calls in spawn_blocking.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add Python package with LangGraph-based agent for consistent tool calling
- Provides reliable tool execution for providers with inconsistent native support
- Includes tools: shell, file_read, file_write, web_search, http_request, memory
- Discord bot integration included
- CLI tool for quick interactions
- Works with any OpenAI-compatible provider (Z.AI, OpenRouter, Groq, etc.)
Why: Some LLM providers (e.g., GLM-5/Zhipu) have inconsistent tool calling behavior.
LangGraph's structured approach guarantees reliable tool execution across all providers.
- Change license from MIT to Apache 2.0
- Add NOTICE file with full contributor list
- Add automated workflow to keep NOTICE updated weekly
- Update README with Apache 2.0 badge and contributors badge
- Credit author: Argenis Delarosa (theonlyhennygod)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Reduced codegen-units from 8 to 1 in the release profile to prevent OOM compilation failures on low-memory devices like Raspberry Pi 3 (1GB RAM).\n\nCo-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(workflows): standardize runner configuration for security jobs
* ci(actionlint): add Blacksmith runner label to config
Add blacksmith-2vcpu-ubuntu-2404 to actionlint self-hosted-runner labels config
to suppress "unknown label" warnings during workflow linting.
This label is used across all workflows after the Blacksmith migration.
* Merge branch 'main' into devsecops
* fix(actionlint): adjust indentation for self-hosted runner labels
* Merge branch 'main' into devsecops
* feat(security): enhance security workflow with CodeQL analysis steps
* Merge branch 'main' into devsecops
* fix(security): update CodeQL action to version 4 for improved analysis
* Merge branch 'main' into devsecops
* fix(security): remove duplicate permissions in security workflow
* fix(security): revert CodeQL action to v3 for stability
The v4 version was causing workflow file validation failures.
Reverting to proven v3 version that is working on main branch.
* fix(security): remove duplicate permissions causing workflow validation failure
The permissions block had duplicate security-events and actions keys,
which caused YAML validation errors and prevented workflow execution.
Fixes: workflow file validation failures on main branch
* Merge remote-tracking branch 'origin/main' into devsecops
* fix(security): remove pull_request trigger to reduce costs
* fix(security): restore PR trigger but skip codeql on PRs
* fix(security): resolve YAML syntax error in security workflow
* refactor(security): split CodeQL into dedicated scheduled workflow
* fix(security): update workflow name to Rust Package Security Audit
* fix(codeql): remove push trigger, keep schedule and on-demand only
* feat(codeql): add CodeQL configuration file to ignore specific paths
* Merge branch 'main' into devsecops
* Merge branch 'main' into devsecops
* Potential fix for code scanning alert no. 39: Hard-coded cryptographic value
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* fix(workflows): standardize runner configuration for security jobs
* ci(actionlint): add Blacksmith runner label to config
Add blacksmith-2vcpu-ubuntu-2404 to actionlint self-hosted-runner labels config
to suppress "unknown label" warnings during workflow linting.
This label is used across all workflows after the Blacksmith migration.
* fix(actionlint): adjust indentation for self-hosted runner labels
* feat(security): enhance security workflow with CodeQL analysis steps
* fix(security): update CodeQL action to version 4 for improved analysis
* fix(security): remove duplicate permissions in security workflow
* fix(security): revert CodeQL action to v3 for stability
The v4 version was causing workflow file validation failures.
Reverting to proven v3 version that is working on main branch.
* fix(security): remove duplicate permissions causing workflow validation failure
The permissions block had duplicate security-events and actions keys,
which caused YAML validation errors and prevented workflow execution.
Fixes: workflow file validation failures on main branch
* fix(security): remove pull_request trigger to reduce costs
* fix(security): restore PR trigger but skip codeql on PRs
* fix(security): resolve YAML syntax error in security workflow
* refactor(security): split CodeQL into dedicated scheduled workflow
* fix(security): update workflow name to Rust Package Security Audit
* fix(codeql): remove push trigger, keep schedule and on-demand only
* feat(codeql): add CodeQL configuration file to ignore specific paths
* fix(workflows): standardize runner configuration for security jobs
* ci(actionlint): add Blacksmith runner label to config
Add blacksmith-2vcpu-ubuntu-2404 to actionlint self-hosted-runner labels config
to suppress "unknown label" warnings during workflow linting.
This label is used across all workflows after the Blacksmith migration.
* fix(actionlint): adjust indentation for self-hosted runner labels
* feat(security): enhance security workflow with CodeQL analysis steps
* fix(security): update CodeQL action to version 4 for improved analysis
* fix(security): remove duplicate permissions in security workflow
* fix(security): revert CodeQL action to v3 for stability
The v4 version was causing workflow file validation failures.
Reverting to proven v3 version that is working on main branch.
* fix(security): remove pull_request trigger to reduce costs
* fix(security): restore PR trigger but skip codeql on PRs
* fix(security): resolve YAML syntax error in security workflow
* refactor(security): split CodeQL into dedicated scheduled workflow
* fix(security): update workflow name to Rust Package Security Audit
* fix(codeql): remove push trigger, keep schedule and on-demand only
The permissions block had duplicate security-events and actions keys,
which caused YAML validation errors and prevented workflow execution.
Fixes: workflow file validation failures on main branch
* fix(workflows): standardize runner configuration for security jobs
* ci(actionlint): add Blacksmith runner label to config
Add blacksmith-2vcpu-ubuntu-2404 to actionlint self-hosted-runner labels config
to suppress "unknown label" warnings during workflow linting.
This label is used across all workflows after the Blacksmith migration.
* fix(actionlint): adjust indentation for self-hosted runner labels
* feat(security): enhance security workflow with CodeQL analysis steps
* fix(security): update CodeQL action to version 4 for improved analysis
* fix(security): remove duplicate permissions in security workflow
* fix(workflows): standardize runner configuration for security jobs
* ci(actionlint): add Blacksmith runner label to config
Add blacksmith-2vcpu-ubuntu-2404 to actionlint self-hosted-runner labels config
to suppress "unknown label" warnings during workflow linting.
This label is used across all workflows after the Blacksmith migration.
* Merge branch 'main' into devsecops
* fix(actionlint): adjust indentation for self-hosted runner labels
* Merge branch 'main' into devsecops
* feat(security): enhance security workflow with CodeQL analysis steps
* Merge branch 'main' into devsecops
* fix(security): update CodeQL action to version 4 for improved analysis
* Merge branch 'main' into devsecops
- Fixes the environment variable name from `NVIDIA_NIM_API_KEY` to `NVIDIA_API_KEY` to match NVIDIA's official documentation
- Adds model suggestions for NVIDIA NIM provider in the onboarding wizard
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(workflows): standardize runner configuration for security jobs
* ci(actionlint): add Blacksmith runner label to config
Add blacksmith-2vcpu-ubuntu-2404 to actionlint self-hosted-runner labels config
to suppress "unknown label" warnings during workflow linting.
This label is used across all workflows after the Blacksmith migration.
* Merge branch 'main' into devsecops
* fix(actionlint): adjust indentation for self-hosted runner labels
* Merge branch 'main' into devsecops
* feat(security): enhance security workflow with CodeQL analysis steps
* Merge branch 'main' into devsecops
