diff --git a/scripts/release.py b/scripts/release.py
index 9fae3f5b696..0e2c285049b 100755
--- a/scripts/release.py
+++ b/scripts/release.py
@@ -179,6 +179,7 @@ AUTHOR_MAP = {
     "rino.alpin@gmail.com": "kunci115",  # PR #27098 salvage (thread-not-found retry)
     "237601532+chromalinx@users.noreply.github.com": "chromalinx",  # PR #27014 salvage (commands for groups+DM)
     "booker1207@gmail.com": "booker1207",  # PR #25132 salvage (gate profile bots by allowed topics)
+    "kiranvk2011@gmail.com": "kiranvk-2011",  # PR #24815 salvage (image documents → vision)
     "282919977+eliteworkstation94-ai@users.noreply.github.com": "eliteworkstation94-ai",  # PR #28157 salvage (group reply session splits)
     "androidhtml@yandex.com": "hllqkb",
     "25840394+Bongulielmi@users.noreply.github.com": "Bongulielmi",
diff --git a/tests/gateway/test_telegram_documents.py b/tests/gateway/test_telegram_documents.py
index 136856afb8f..8b2e1943cc2 100644
--- a/tests/gateway/test_telegram_documents.py
+++ b/tests/gateway/test_telegram_documents.py
@@ -134,6 +134,11 @@ def adapter():
     a = TelegramAdapter(config)
     # Capture events instead of processing them
     a.handle_message = AsyncMock()
+    # After PR #28494 made the empty-allowlist callback auth fail-closed
+    # (and #28492 wired _is_callback_user_authorized into _should_process_message),
+    # document-routing tests need to bypass the new gate so messages from fake
+    # senders reach handle_message.
+    a._is_callback_user_authorized = lambda user_id, **_kw: True
     return a