feat(#756): add official Discord channel adapter
All checks were successful
ci/woodpecker/pr/ci Pipeline was successful
All checks were successful
ci/woodpecker/pr/ci Pipeline was successful
This commit is contained in:
27
docs/reports/code-review/756-code-review.md
Normal file
27
docs/reports/code-review/756-code-review.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# Independent Code Review — #756 Official Discord Channel Plugin
|
||||
|
||||
**Verdict: APPROVE**
|
||||
|
||||
## Scope reviewed
|
||||
|
||||
Complete current uncommitted #756 delta: multi-binding trusted agent selection, privileged ingress-route validation, attachment validation/persistence/resume, egress route lifecycle and idempotency, concurrent gateway stream state, Discord lifecycle/thread/rate behavior, compatibility ingress, and tests.
|
||||
|
||||
## Review result
|
||||
|
||||
No blocking or change-request finding remains.
|
||||
|
||||
- **Trusted multi-agent routing:** each binding requires a provisioned `agentConfigId`; the gateway resolves that config server-side, verifies its logical-agent name, and never accepts a Discord-controlled agent selection or applies generic routing to Discord ingress.
|
||||
- **Auth and route integrity:** allowlist, pairing, role, and canonical logical-agent/channel-or-thread conversation-route validation occur before gateway processing. Privileged approval/stop paths use the same binding and route validation.
|
||||
- **Attachments:** ingress rejects malformed, over-bounded, credential-bearing, fragment-bearing, or query-bearing URLs. Valid attachment metadata, including `sizeBytes`, persists and is reconstructed into resume history as explicitly untrusted context.
|
||||
- **Discord reliability:** the adapter supports degraded Socket.IO reconnect, parent/thread routing semantics, bounded pre-side-effect ingress rates, and terminal response-route cleanup. Egress validates route/message alignment, sends deterministic nonces, distinguishes permanent from transient errors, and uses bounded retries.
|
||||
- **Concurrent state:** per-client/conversation keys isolate listener, redaction, tool, and stream state for simultaneous threads sharing a Discord socket; disconnect cleanup covers all associated conversations.
|
||||
- **Harness neutrality:** contracts retain logical-agent/channel data only; no harness/provider identity leaks into adapter routes or message boundaries.
|
||||
|
||||
## Verification performed
|
||||
|
||||
- `git diff --check` — passed.
|
||||
- `pnpm --filter @mosaicstack/discord-plugin typecheck` — passed.
|
||||
- `pnpm --filter @mosaicstack/discord-plugin lint` — passed.
|
||||
- `pnpm --filter @mosaicstack/discord-plugin test` — passed: 44 tests; coverage 92.18% statements/lines, 86.55% branches, 100% functions (all ≥85% threshold).
|
||||
- `pnpm --filter @mosaicstack/gateway typecheck` — passed.
|
||||
- `cd apps/gateway && pnpm exec vitest run src/plugin/discord-ingress.security.spec.ts src/chat/chat.gateway-redaction.spec.ts src/__tests__/integration/tess-cross-surface.integration.test.ts` — passed: 32 tests.
|
||||
36
docs/reports/documentation/756-discord-plugin-checklist.md
Normal file
36
docs/reports/documentation/756-discord-plugin-checklist.md
Normal file
@@ -0,0 +1,36 @@
|
||||
# Documentation Completion Checklist — #756 Official Discord plugin
|
||||
|
||||
## Required artifacts
|
||||
|
||||
- [x] `docs/PRD.md` includes the #756 workstream, assumptions, and acceptance criteria.
|
||||
- [x] User workflow updated in `docs/tess/USER-GUIDE.md`.
|
||||
- [x] Administrator configuration and authorization policy updated in `docs/guides/admin-guide.md`.
|
||||
- [x] Developer/plugin authoring guidance updated in `docs/tess/PLUGIN-GUIDE.md`.
|
||||
- [x] Channel architecture updated in `docs/architecture/channel-protocol.md`.
|
||||
- [x] Package operations/development guide added at `plugins/discord/README.md`.
|
||||
- [x] `docs/SITEMAP.md` links the official channel plugin documentation.
|
||||
|
||||
## API coverage
|
||||
|
||||
- [x] No HTTP or WebSocket endpoint was added, removed, or changed.
|
||||
- [x] No OpenAPI update is needed.
|
||||
- [x] Shared TypeScript contracts are documented in architecture and plugin-authoring guides.
|
||||
- [x] Discord authentication, authorization, thread failure, and control-command behavior are documented.
|
||||
|
||||
## Structural standards
|
||||
|
||||
- [x] Working notes remain under `docs/scratchpads/`.
|
||||
- [x] Review and checklist artifacts remain under `docs/reports/`.
|
||||
- [x] No generated publishing output was added.
|
||||
- [x] Existing repository documentation structure was preserved; no unrelated root cleanup was attempted.
|
||||
|
||||
## Review gate
|
||||
|
||||
- [x] Independent documentation/contract review passes (shared-contract review plus final code review of the current documentation delta).
|
||||
- [x] Independent code review verifies documentation matches implementation (`docs/reports/code-review/756-code-review.md`: APPROVE).
|
||||
- [x] Independent security review verifies documented controls (`docs/reports/security/756-security-review.md`: APPROVE).
|
||||
|
||||
## Publishing
|
||||
|
||||
- [x] Canonical source remains in-repository.
|
||||
- [x] No external publishing action is in scope for this slice.
|
||||
37
docs/reports/security/756-security-review.md
Normal file
37
docs/reports/security/756-security-review.md
Normal file
@@ -0,0 +1,37 @@
|
||||
# Security Review — Issue #756
|
||||
|
||||
**Scope:** final current uncommitted Discord plugin, shared channel contract, gateway ingress, AgentService, and plugin registration delta
|
||||
**Snapshot:** `plugins/discord/src/index.ts` SHA-256 `5ee6b6aa4e2ff349f137f76b918d02c1254e12066cb48b136048e57bef36fdb2`
|
||||
**Verdict:** **APPROVE**
|
||||
|
||||
## Final remediation verification
|
||||
|
||||
| Area | Current evidence | Result |
|
||||
|---|---|---|
|
||||
| Attachment confidentiality and integrity | Ingress accepts bounded attachment metadata only when URL is HTTPS, query-free, fragment-free, and credential-free. Count, aggregate size, field length, MIME, and finite non-negative size validation apply before dispatch; `sizeBytes` is signed and retained. | Pass |
|
||||
| Trusted agent selection | Each binding names a required trusted `agentConfigId`; gateway resolves that config server-side and requires its configured name to equal the binding logical-agent ID. Client/provider input cannot select the agent for Discord ingress. | Pass |
|
||||
| Privileged operation routing | Gateway revalidates the binding and requires the signed conversation identity to match the configured logical agent before approve/stop actions. Paired admin identity and one-time approval checks remain enforced. | Pass |
|
||||
| Egress containment and delivery | Egress requires an aligned message/route, configured parent or exact observed thread target, and cleans response routes after completion, errors, typed-ingress failure, or bounded-map pressure. | Pass |
|
||||
| Side-effect limits | Per guild/authorized-parent/user rolling message and thread limits execute before thread creation or dispatch. | Pass |
|
||||
|
||||
## Security controls reviewed
|
||||
|
||||
- Default-deny guild, parent-channel, user, configured pairing, and role checks precede rate consumption and all side effects.
|
||||
- Gateway independently enforces Discord service authentication, HMAC integrity, allowlists, binding/role checks, attachment validation, and replay-ID rejection.
|
||||
- Thread authorization uses only the Discord thread parent; category parents cannot authorize ingress.
|
||||
- Agent-visible attachment references are explicitly labeled untrusted; binary content is not embedded. Persisted attachment name/URL values are redacted.
|
||||
- Egress uses deterministic nonces, bounded transient retry, typed terminal errors, and does not send to forged targets.
|
||||
- No secrets or message content were added to plugin logs.
|
||||
|
||||
## Verification evidence
|
||||
|
||||
| Command | Result |
|
||||
|---|---|
|
||||
| `pnpm --filter @mosaicstack/discord-plugin test` | PASS — 44 tests; v8 coverage: 92.18% statements/lines, 86.55% branches, 100% functions |
|
||||
| `pnpm --filter @mosaicstack/discord-plugin typecheck` | PASS |
|
||||
| `pnpm --filter @mosaicstack/types typecheck` | PASS |
|
||||
| `pnpm --filter @mosaicstack/gateway typecheck` | PASS |
|
||||
| `pnpm --filter @mosaicstack/gateway exec vitest run src/plugin/discord-ingress.security.spec.ts src/agent/__tests__/agent-service-ownership.test.ts` | PASS — 29 tests |
|
||||
| `git diff --check` | PASS |
|
||||
|
||||
No unresolved critical, high, medium, or low security findings were identified in the reviewed final delta.
|
||||
Reference in New Issue
Block a user