@tractorscorch/clank 1.3.1 → 1.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +43 -0
- package/dist/index.js +619 -226
- package/dist/index.js.map +1 -1
- package/dist/web/index.html +17 -0
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -6,6 +6,49 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/).
|
|
|
6
6
|
|
|
7
7
|
---
|
|
8
8
|
|
|
9
|
+
## [1.4.1] — 2026-03-23
|
|
10
|
+
|
|
11
|
+
### Security
|
|
12
|
+
- **Config get redaction** — `config get` action now redacts sensitive keys (apiKey, token, botToken) before returning to LLM context
|
|
13
|
+
- **Config set protection** — config tool now blocks prototype pollution (`__proto__`, `constructor`, `prototype`)
|
|
14
|
+
- **Rate limit streaming path** — `handleInboundMessageStreaming` now enforced (was bypassing rate limiter)
|
|
15
|
+
- **SSRF private IPs** — web_fetch now blocks RFC 1918 ranges (10.x, 192.168.x, 172.16-31.x) and IPv4-mapped IPv6
|
|
16
|
+
- **STT workspace containment** — speech_to_text tool now uses guardPath() to prevent reading files outside workspace
|
|
17
|
+
|
|
18
|
+
### Audit Result
|
|
19
|
+
- 0 dependency vulnerabilities
|
|
20
|
+
- 14 PASS, 1 WARN (bash blocklist is defense-in-depth), 0 FAIL
|
|
21
|
+
- Grade: A
|
|
22
|
+
|
|
23
|
+
---
|
|
24
|
+
|
|
25
|
+
## [1.4.0] — 2026-03-23
|
|
26
|
+
|
|
27
|
+
### Added
|
|
28
|
+
- **Telegram streaming** — responses edit in real-time as tokens arrive (800ms interval, respects rate limits)
|
|
29
|
+
- **Telegram image handling** — send photos to the bot, routed to agent with image URL
|
|
30
|
+
- **Telegram document handling** — send files to the bot, saved to temp with sanitized filenames, agent can read them
|
|
31
|
+
- **File share tool** — `share_file` lets the agent send workspace files through channels (workspace containment enforced)
|
|
32
|
+
- **Per-agent voice** — each agent can have its own ElevenLabs voice ID in config
|
|
33
|
+
- **Compact prompt mode** — `compactPrompt: true` strips workspace files for small model context optimization
|
|
34
|
+
- **Thinking control** — `thinking: "off"` suppresses extended reasoning for faster responses
|
|
35
|
+
- **Auto-memory persistence** — "remember X", preference statements, and corrections auto-saved to MEMORY.md
|
|
36
|
+
- **Web UI session history** — loads last 50 messages on connect and session switch
|
|
37
|
+
- **Rate limiting** — 20 messages per minute per session, prevents model flooding
|
|
38
|
+
|
|
39
|
+
### Improved
|
|
40
|
+
- **Model retry** — one retry with 2s backoff on transient connection failures
|
|
41
|
+
- **Session resume compaction** — auto-compacts on load if over context budget
|
|
42
|
+
- **Memory persistence instruction** — system prompt now encourages the agent to save learnings
|
|
43
|
+
|
|
44
|
+
### Security
|
|
45
|
+
- Telegram document uploads: filename sanitized (path traversal protection), 10MB size limit
|
|
46
|
+
- File share tool: workspace containment via guardPath
|
|
47
|
+
- Rate limiting prevents denial-of-service via message flooding
|
|
48
|
+
- Per-agent voice IDs read from config only (not from user input)
|
|
49
|
+
|
|
50
|
+
---
|
|
51
|
+
|
|
9
52
|
## [1.3.1] — 2026-03-23
|
|
10
53
|
|
|
11
54
|
### Fixed
|