Skip to content

fix(tui): port upstream #22345 — strip inbound metadata blocks from user messages#322

Merged
jiulingyun merged 2 commits intomainfrom
copilot/port-upstream-commit-fix-another-one
Mar 1, 2026
Merged

fix(tui): port upstream #22345 — strip inbound metadata blocks from user messages#322
jiulingyun merged 2 commits intomainfrom
copilot/port-upstream-commit-fix-another-one

Conversation

Copy link
Copy Markdown

Copilot AI commented Feb 22, 2026
edited
Loading

AI-facing metadata blocks injected by buildInboundUserContextPrefix (conversation info, sender, reply context, etc.) were leaking into user-visible chat history in the TUI and gateway message pipeline.

Changes

  • New: src/auto-reply/reply/strip-inbound-meta.ts — canonical stripInboundMetadata / stripLeadingInboundMetadata implementation; line-by-line parser that handles consecutive blocks, blank separators, and the trailing Untrusted context suffix; fast-path short-circuits on no sentinel match (zero alloc)

  • src/gateway/chat-sanitize.ts — imports and applies stripInboundMetadata in stripEnvelopeFromContent and both string-content/text branches of stripEnvelopeFromMessage

  • src/tui/tui-formatters.ts — applies stripInboundMetadata in extractTextFromMessage for user-role messages before returning display text

  • src/gateway/chat-sanitize.test.ts — adds three regression cases: single block prefix, multiple chained blocks, and mid-text block (not just prefix position)

// Before: metadata blocks surfaced verbatim in TUI history
extractTextFromMessage({ role: "user", content: 'Sender (untrusted metadata):\n```json\n{"name":"alice"}\n```\n\nHello' })
// → 'Sender (untrusted metadata):\n```json\n{"name":"alice"}\n```\n\nHello'

// After
// → 'Hello'
Original prompt

This section details on the original issue you should resolve

<issue_title>upstream(tui): 移植 1 个冲突 commit (P1) — v2026.2.19→v2026.2.21</issue_title>
<issue_description>## 任务

将以下 1 个上游 commit 的修改语义化应用到本 fork。这些 commit 无法直接 cherry-pick(存在冲突),需要理解修改意图后手动应用等效变更。

上游版本范围

  • 来源: openclaw/openclaw v2026.2.19 → v2026.2.21
  • 模块: tui
  • 优先级: P1

需要移植的 commit

Commit 1: 35be87b09b0c (P1)

描述: fix(tui): strip inbound metadata blocks from user messages (clean rewrite) (openclaw#22345)
涉及文件: CHANGELOG.md,src/discord/send.components.test.ts,src/gateway/chat-sanitize.test.ts,src/gateway/chat-sanitize.ts,src/gateway/server.chat.gateway-server-chat-b.e2e.test.ts,src/media-understanding/runner.auto-audio.test.ts,src/media-understanding/runner.deepgram.test.ts,src/memory/manager.async-search.test.ts,src/shared/chat-envelope.ts,src/tui/tui-formatters.ts

查看上游 diff 
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4c54ca26f..d71b4798b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,7 +33,8 @@ Docs: https://docs.openclaw.ai
 - Security/OpenClawKit/UI: strip inbound metadata blocks from user messages in TUI rendering while preserving user-authored content. (#22345) Thanks @kansodata, @vincentkoc.
 - Security/OpenClawKit/UI: prevent inbound metadata leaks and reply-tag streaming artifacts in TUI rendering by stripping untrusted metadata prefixes at display boundaries. (#22346) Thanks @akramcodez, @vincentkoc.
 - Agents/System Prompt: label allowlisted senders as authorized senders to avoid implying ownership. Thanks @thewilloftheshadow.
-- Agents/Tool display: fix exec cwd suffix inference so `pushd ... && popd ... && <command>` does not keep stale `(in <dir>)` context in summaries. (#21925) thanks @Lukavyi.
+- Agents/Tool display: fix exec cwd suffix inference so `pushd ... && popd ... && <command>` does not keep stale `(in <dir>)` context in summaries. (#21925) Thanks @Lukavyi.
+- Discord: restore model picker back navigation when a provider is missing and document the Discord picker flow. (#21458) Thanks @pejmanjohn and @thewilloftheshadow.
 - Gateway/Auth: allow trusted-proxy mode with loopback bind for same-host reverse-proxy deployments, while still requiring configured `gateway.trustedProxies`. (#20097) thanks @xinhuagu.
 - Gateway/Auth: allow authenticated clients across roles/scopes to call `health` while preserving role and scope enforcement for non-health methods. (#19699) thanks @Nachx639.
 - Gateway/Security: remove shared-IP fallback for canvas endpoints and require token or session capability for canvas access. Thanks @thewilloftheshadow.
@@ -59,7 +60,6 @@ Docs: https://docs.openclaw.ai
 - WhatsApp/Cron/Heartbeat: enforce allowlisted routing for implicit scheduled/system delivery by merging pairing-store + configured `allowFrom` recipients, selecting authorized recipients when last-route context points to a non-allowlisted chat, and preventing heartbeat fan-out to recent unauthorized chats.
 - Heartbeat/Active hours: constrain active-hours `24` sentinel parsing to `24:00` in time validation so invalid values like `24:30` are rejected early. (#21410) thanks @adhitShet.
 - Heartbeat: treat `activeHours` windows with identical `start`/`end` times as zero-width (always outside the window) instead of always-active. (#21408) thanks @adhitShet.
-- Discord: restore model picker back navigation when a provider is missing and document the Discord picker flow. (#21458) Thanks @pejmanjohn and @thewilloftheshadow.
 - Gateway/Pairing: tolerate legacy paired devices missing `roles`/`scopes` metadata in websocket upgrade checks and backfill metadata on reconnect. (#21447, fixes jiulingyun/openclaw-cn#21236) Thanks @joshavant.
 - Gateway/Pairing/CLI: align read-scope compatibility in pairing/device-token checks and add local `openclaw devices` fallback recovery for loopback `pairing required` deadlocks, with explicit fallback notice to unblock approval bootstrap flows. (#21616) Thanks @shakkernerd.
 - CLI/Pairing: default `pairing list` and `pairing approve` to the sole available pairing channel when omitted, so TUI-only setups can recover from `pairing required` without guessing channel arguments. (#21527) Thanks @losts1.
diff --git a/src/discord/send.components.test.ts b/src/discord/send.components.test.ts
index 2dd89d76e..41a05acbb 100644
--- a/src/discord/send.components.test.ts
+++ b/src/discord/send.components.test.ts
@@ -25,7 +25,7 @@ describe("sendDiscordComponentMessage", () => {
     vi.clearAllMocks();
   });
 
-  it("registers component entries for DM channel targets", async () => {
+  it("keeps direct-channel DM session keys on component entries", async () => {
     const { rest, postMock, getMock } = makeDiscordRest();
     getMock.mockResolvedValueOnce({
       type: ChannelType.DM,
@@ -48,6 +48,6 @@ describe("sendDiscordComponentMessage", () => {
 
     expect(registerMock).toHaveBeenCalledTimes(1);
     const args = registerMock.mock.cal...

</details>



<!-- START COPILOT CODING AGENT SUFFIX -->

- Fixes jiulingyun/openclaw-cn#320

<!-- START COPILOT CODING AGENT TIPS -->
---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our [2 minute survey](https://gh.io/copilot-coding-agent-survey).

Copilot AI changed the title [WIP] Port upstream commit to fork for tui module fix(tui): port upstream #22345 — strip inbound metadata blocks from user messages Feb 22, 2026
Copilot AI requested a review from jiulingyun February 22, 2026 09:25
@jiulingyun jiulingyun marked this pull request as ready for review March 1, 2026 11:27
@jiulingyun jiulingyun merged commit ed8f373 into main Mar 1, 2026
@jiulingyun jiulingyun mentioned this pull request Mar 1, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jiulingyun jiulingyun Awaiting requested review from jiulingyun

Assignees

@jiulingyun jiulingyun

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jiulingyun