Patch Changes
-
8223498: Start remote authentication when a credentialed Vercel deployment returns an
UNAUTHORIZEDprotection response. -
79df338: feat(eve): scaffold projects with bundler module resolution
eve initnow writes atsconfig.jsonusing"moduleResolution": "bundler"(and"module": "esnext"), which matches how eve compiles authored agents and extensions. Relative imports in your agent and extension source no longer need.jsextensions (e.g.import extension from "../extension"). -
173fa5d: Restore the
DISCORD_BOT_TOKENenvironment fallback for proactive Discord messages, typing indicators, and bot-authenticated requests whendiscordChannel()is configured without explicit credentials. -
89cd2d6: Eval assertion
countoptions now accept predicates, allowing ranges such as “at least two” while preserving exact numeric counts. -
fdf56ef: feat(eve): mounted extensions
Package eve capabilities — tools, connections, skills, instructions, hooks — as a reusable package and mount it under
agent/extensions/, as a file (crm.ts) or a directory with co-located override slots that shadow the extension's own contributions. Contributions compose into the agent under a<namespace>__prefix. Author withdefineExtensionfromeve/extension, taking an optional Standard-Schemaconfigread viaextension.config;defineStateis auto-scoped to the package.eve buildcompiles the package to runnable JavaScript with type declarations and fills itsexports, so a published extension installs and mounts with no second compiler.eveis a peer dependency whose declared range eve enforces at mount; an extension cannot declare a sandbox, agent config, schedules, or limits, or mount other extensions. -
89f13e0: Hardened frontmatter parsing and OpenAPI connection loading.
All frontmatter parsing now runs through a single safe-by-default helper with gray-matter's code-capable engines disabled, so a
---js/---javascriptfence throws instead of beingeval()d. Previously only authored markdown (skills, schedules, instructions) was hardened; the eval YAML loader and the OpenAPI spec loader used gray-matter's defaults and would execute such a fence. This closes that path for OpenAPI specs, which are fetched over the network. Parsing untrusted frontmatter as code is now opt-in only, and a direct import of the bundled gray-matter outside the wrapper fails CI.OpenAPI spec URLs and the resolved base URL are now required to use
https(plainhttpis still allowed for loopback hosts during local development), so neither the spec fetch nor the credentialed operation calls run over cleartext; the spec transport is also re-checked after redirects. -
aff35e2: Stop
eve devsource snapshots from copying nested Git repositories and worktrees, preventing duplicate checkouts from inflating each development snapshot. -
9087496: Prevent brokered credential values from being exposed to commands running in Microsandbox. Guest Git configuration continues to use broker-managed placeholders for authenticated requests.
-
72c58ae: Recover
eve dev <url>authentication when Vercel Deployment Protection returns an SSO redirect or a structured protected-deployment response. -
87688f9: Slack outbound messages now preserve literal bare
@tokens, including scoped package names, while explicit<@USER_ID>mention syntax continues to pass through unchanged. -
c1c4ee5: Preserve query parameters passed to
eve devand send them on every agent request, including session POSTs and streams.