Merged
Conversation
打通 message_id 全链路:存储 → 暴露 → 发送。 - history.py: add_group/private_message 增加 message_id 可选参数 - handlers.py: 用户消息入历史时传入 trigger_message_id - sender.py: 调整为先发送再写历史,提取 bot message_id; 增加 reply_to 参数,在消息段开头插入 reply 段 - prompts.py: 历史消息 XML 标签增加 message_id 属性 - get_recent_messages/get_messages_by_time: XML 输出增加 message_id - send_message/send_private_message: 新增 reply_to 工具参数 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- 新增 libraries 参数:可选指定 pip 安装的第三方库列表,启用网络下载 - 新增 send_files 参数:代码执行成功后自动发送生成的文件给用户 - 图片文件通过 CQ 码内联发送,其他文件通过上传接口发送为附件 - 代码写入脚本文件执行,避免 shell 引号转义问题 - 库名正则校验防止 requirements.txt 注入(-r/-e/--index-url) - 有库时内存上限 512m、超时 10 分钟;无库时保持原有安全限制 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…el configs - python_interpreter: separate pip install (with network) from code execution (network=none, read-only), add path traversal protection for send_files via _resolve_output_host_path - sender: extract _extract_message_id to handle nested data.message_id envelope from OneBot responses - model_selector: pass responses_tool_choice_compat and responses_force_stateless_replay through pool model selection - config_sync/toml_render: support array-of-tables (pool models) in template merge and comment augmentation - Add tests for python interpreter handler, sender, model pool flags, and config sync pool model merging Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Handle Responses replies from gateways that return top-level output_text, preserve tool replay offsets after prefetch injection, and avoid racing temp cleanup with OneBot file reads while lowering container privileges. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Use the current host uid/gid for Docker bind mounts so the mounted temp directory remains accessible without opening it to world-writable permissions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Owner
Author
will be resolved in the next pr |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
功能概述
本 PR 新增消息引用回复、Python 解释器安全增强,并完整支持 OpenAI Responses API 传输层与配置系统改进。
主要变更
1. 消息引用回复 (reply_to)
send_message和send_private_message工具新增reply_to参数2. Python 解释器增强与安全加固
libraries参数安装第三方 Python 库(pip install)send_files参数发送容器内生成的文件(图片、数据文件等)send_files路径解析防止符号链接逃逸和目录穿越攻击3. OpenAI Responses API 完整支持
openai_transport.py实现 Responses API 传输层(流式/非流式)api_mode = "responses"配置切换传输协议responses_tool_choice_compat:兼容模式,将字符串 tool_choice 转为 Responses 格式responses_force_stateless_replay:强制无状态重放,tool call 后续轮次不依赖历史reasoning配置(o1/o3 系列推理模型)4. 配置系统改进
request_params自定义模型请求参数(temperature、top_p 等)responses_*兼容标志5. 其他优化
data.message_id字段(OneBot 响应格式)reply_to参数解析失败时静默忽略而非报错scripts/sync_config_template.py测试覆盖
破坏性变更
无。所有新功能默认关闭或向后兼容。
相关文档
docs/configuration.md:新增 Responses API 和 request_params 配置说明scripts/README.md:新增配置同步脚本文档AGENTS.md:更新 Agent 配置示例