mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-08 03:01:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
hermes-agent/gateway/platforms
History
0xyg3n ef1e565570 fix(discord): scope DISCORD_ALLOWED_ROLES to originating guild (CVSS 8.1) 
The initial DISCORD_ALLOWED_ROLES implementation (#11608, merged from #9873)
scans every mutual guild when resolving a user's roles. This allows a
cross-guild DM bypass:

1. Bot is in both public server A and private server B.
2. User holds the allowed role in server A only.
3. User DMs the bot. The role check finds the role in A and authorizes the
   DM, granting access as if the user were trusted in server B.

Fix:
- DMs (no guild context) disable role-based auth by default. Opt-in via
  DISCORD_DM_ROLE_AUTH_GUILD=<guild_id> restricts role lookup to one
  explicitly-trusted guild.
- Guild messages check roles only in the originating guild
  (message.guild), never in other mutual guilds.
- Reject cached author.roles when the Member came from a different guild
  than the current message.

Backwards compatibility:
- DISCORD_ALLOWED_USERS behavior is unchanged (still works in both DMs
  and guild messages).
- Deployments that rely on roles in guild channels continue to work;
  role checks are now strictly scoped to that guild.
- Deployments that intentionally want role-based DM auth can opt into a
  single trusted guild via DISCORD_DM_ROLE_AUTH_GUILD.

Tests: 9 new regression guards in
tests/gateway/test_discord_roles_dm_scope.py covering the bypass path,
the opt-in path, cross-guild guild-message bypass, and backwards-compat
user-ID paths. 47/47 discord-auth tests pass.

Refs: #11608 (initial implementation), #7871 (feature request),
  #9873 (PR author credit @0xyg3n)
2026-05-07 05:51:56 -07:00
..
qqbot fix(qqbot): honor proxy env vars for websocket 2026-05-04 05:06:09 -07:00
__init__.py yuanbao platform (#16298) 2026-04-26 18:50:49 -07:00
_http_client_limits.py fix(gateway): tighten httpx keepalive and close whatsapp typing-response leak (#18451) 2026-05-02 02:23:37 -07:00
ADDING_A_PLATFORM.md feat: final platform plugin parity — webhook delivery, platform hints, docs 2026-04-29 21:56:51 -07:00
api_server.py docs: clarify API server tool execution locality 2026-05-07 05:30:37 -07:00
base.py feat(gateway): support [[as_document]] directive for skill media routing 2026-05-07 05:20:10 -07:00
bluebubbles.py fix(gateway): tighten httpx keepalive and close whatsapp typing-response leak (#18451) 2026-05-02 02:23:37 -07:00
dingtalk.py fix(gateway): tighten httpx keepalive and close whatsapp typing-response leak (#18451) 2026-05-02 02:23:37 -07:00
discord.py fix(discord): scope DISCORD_ALLOWED_ROLES to originating guild (CVSS 8.1) 2026-05-07 05:51:56 -07:00
email.py fix(email): drop non-allowlisted senders before dispatch to prevent mail loops 2026-05-04 12:35:22 -07:00
feishu.py fix(gateway): use monotonic deadlines in QR onboarding flows 2026-05-07 05:09:39 -07:00
feishu_comment.py chore: remove unused imports and dead locals (ruff F401, F841) (#17010) 2026-04-28 06:46:45 -07:00
feishu_comment_rules.py fix(feishu-comment): use get_hermes_home(); drop dead asyncio wrapper; AUTHOR_MAP 2026-04-17 19:04:11 -07:00
helpers.py fix(gateway): ensure deterministic thread eviction in helpers 2026-05-05 10:13:55 -07:00
homeassistant.py fix(gateway): correct ws scheme conversion for https urls 2026-05-03 03:54:03 -07:00
matrix.py fix(matrix): stop tagging the user on every reply (#16932) 2026-04-28 02:00:37 -07:00
mattermost.py feat(gateway): native send_multiple_images for Telegram, Discord, Slack, Mattermost, Email 2026-04-30 04:28:08 -07:00
signal.py fix(signal): skip reactions for unauthorized senders 2026-05-04 01:38:21 -07:00
signal_rate_limit.py feat(gateway/signal): add support for multiple images sending 2026-04-30 04:28:08 -07:00
slack.py fix(slack): close previous handler in connect() to prevent zombie Socket Mode connections 2026-05-03 03:47:49 -07:00
sms.py test(sms): use clear=True in test_missing_phone_number_is_non_retryable 2026-05-04 05:25:09 -07:00
telegram.py fix: route Telegram image documents through photo handling 2026-05-07 04:51:46 -07:00
telegram_network.py fix(gateway): keep DoH-confirmed Telegram IPs that match system DNS (#14520) 2026-05-05 04:42:59 -07:00
webhook.py feat: final platform plugin parity — webhook delivery, platform hints, docs 2026-04-29 21:56:51 -07:00
wecom.py fix(gateway): use monotonic deadlines in QR onboarding flows 2026-05-07 05:09:39 -07:00
wecom_callback.py fix(gateway): tighten httpx keepalive and close whatsapp typing-response leak (#18451) 2026-05-02 02:23:37 -07:00
wecom_crypto.py feat(gateway): add WeCom callback-mode adapter for self-built apps 2026-04-11 15:22:49 -07:00
weixin.py fix(weixin): replace all aiohttp ClientTimeout with asyncio.wait_for() 2026-05-07 05:10:04 -07:00
whatsapp.py fix: WhatsApp bridge process leak and disable config asymmetry 2026-05-07 05:38:08 -07:00
yuanbao.py fix(yuanbao): enforce owner identity check on group slash commands 2026-04-30 23:57:55 -07:00
yuanbao_media.py chore: remove unused imports and dead locals (ruff F401, F841) (#17010) 2026-04-28 06:46:45 -07:00
yuanbao_proto.py chore: remove unused imports and dead locals (ruff F401, F841) (#17010) 2026-04-28 06:46:45 -07:00
yuanbao_sticker.py yuanbao platform (#16298) 2026-04-26 18:50:49 -07:00