feat(discord): smart auto-thread mode with race-fix and proper defaults#1035
Open
Hypn0sis wants to merge 12 commits intoRightNow-AI:mainfrom
Open
feat(discord): smart auto-thread mode with race-fix and proper defaults#1035Hypn0sis wants to merge 12 commits intoRightNow-AI:mainfrom
Hypn0sis wants to merge 12 commits intoRightNow-AI:mainfrom
Conversation
MESSAGE_UPDATE from Discord (embed resolution) arrives ~100-500ms after MESSAGE_CREATE. The previous dedup only inserted into threaded_message_ids *after* adapter.create_thread() completed (async HTTP, ~500ms-2s), so MESSAGE_UPDATE could slip through before the guard was set, producing a second free-channel response alongside the thread response. Fix: insert the message_id into threaded_message_ids immediately when MESSAGE_CREATE is forwarded to the stream — before the bridge even picks it up. This closes the race window entirely. Also move auto-thread creation in bridge.rs to after all policy guards (rate-limit, RBAC) so threads are never created for rejected messages, and propagate existing thread_id unconditionally so replies inside a bot-created thread are always routed back into that thread.
…read name
- default auto_thread was "true" so every group message got threaded
even without @mention; change default to "false" (opt-in)
- thread name was "Thread for {sender}" which is meaningless; now
derives from message content (strips <@mention> prefix, truncates
to Discord 100-char limit, falls back to sender name if empty)
wasmtime 41.0.4 had 10 CVEs (RUSTSEC-2026-0085..0096) including two critical sandbox-escape vulnerabilities. Upgraded to 43.0.1 which fixes all of them. rumqttc 0.24 pulled in rustls-webpki 0.102.8 (RUSTSEC-2026-0049, faulty CRL matching). rumqttc 0.25 resolves the transitive dependency. copy and func_wrap closures must return wasmtime::Result<T>.
… CVE rumqttc 0.25 still pins rustls-webpki 0.102.8 (RUSTSEC-2026-0049) via its default use-rustls feature. The MQTT adapter does not actually use TLS (the use_tls branch is a no-op stub), so switch to use-native-tls with default-features = false to eliminate the vulnerable transitive dependency entirely.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a
smartauto-thread mode for the Discord adapter and fixes two bugs introduced during its development.Changes
New feature:
auto_thread = "smart"Adds a new mode alongside the existing
true/falseoptions. When set tosmart, the bot creates a Discord thread only when it is @mentioned — not for every message in a server channel.Bug fix: default changed from
"true"to"false"The previous default caused the bot to auto-thread every group message even without being mentioned. The default is now
"false"(opt-in).Bug fix: thread name derived from message content
Thread names were
"Thread for {sender}"which is meaningless. Now the thread name is the first ~100 chars of the message text (Discord's limit), with<@mention>prefixes stripped.Bug fix: eliminate race-window duplicate responses when @tagged
Discord sends
MESSAGE_UPDATE(embed resolution) ~100–500 ms afterMESSAGE_CREATE. The dedup guard only inserted the message-id intothreaded_message_idsaftercreate_thread()completed (async HTTP, up to ~2 s), soMESSAGE_UPDATEcould slip through and produce a second free-channel response alongside the thread reply.Fix: mark the message-id as seen immediately when
MESSAGE_CREATEis forwarded to the stream — before the bridge picks it up.Refactor: auto-thread creation moved after policy guards
Thread is now created only after DM/group policy, RBAC, and rate-limit checks all pass — prevents creating empty/orphan threads for rejected messages.