fix(config): load discord.reply_to_mode from config.yaml#9837
Closed
Hypn0sis wants to merge 1 commit into
Closed
Conversation
b15f962 to
dfc2a7d
Compare
|
Orb Code Review (powered by GLM 5.1 on Orb Cloud) PR #9837 — fix(config): load discord.reply_to_mode from config.yamlWhat it doesAdds support for reading Observations✅ Config fix is clean
🚨 Security concern: deployment scripts expose private infrastructure The two new scripts contain hardcoded default values that expose private infrastructure:
These defaults leak a public IP address, username, and SSH key path for a specific contributor's VPS. While env var overrides exist, committing infrastructure details to a public repository is a security risk. Recommendation: Either:
Summary: The config fix for Assessment: request-changes (remove or sanitize the deployment scripts) |
1232178 to
501b2af
Compare
Contributor
Author
|
Fixed.
Il giorno mar 14 apr 2026 alle ore 23:40 nidhish ***@***.***>
ha scritto:
… *nidhishgajjar* left a comment (NousResearch/hermes-agent#9837)
<#9837 (comment)>
*Orb Code Review* (powered by GLM 5.1 on Orb Cloud <https://orbcloud.dev>)
PR #9837 <#9837> —
fix(config): load discord.reply_to_mode from config.yaml What it does
Adds support for reading discord.reply_to_mode from config.yaml and
exporting it to the DISCORD_REPLY_TO_MODE env var. Also includes two
deployment scripts.
Observations
*✅ Config fix is clean*
The reply_to_mode loading logic correctly handles:
- Top-level discord.reply_to_mode and nested
discord.extra.reply_to_mode
- YAML 1.1 quirk where bare off is parsed as boolean False → converted
to string "off"
- Env var precedence (doesn't overwrite existing DISCORD_REPLY_TO_MODE)
*🚨 Security concern: deployment scripts expose private infrastructure*
The two new scripts contain hardcoded default values that expose private
infrastructure:
- deploy-remote.sh line 24:
REMOTE_HOST="${DEPLOY_HOST:-87.106.215.151}"
- deploy-remote.sh line 23: REMOTE_USER="${DEPLOY_USER:-hypnosis}"
- deploy-remote.sh line 25:
REMOTE_SSH_KEY="${DEPLOY_SSH_KEY:-$HOME/.ssh/hypnoclaw-id_rsa}"
- sync-upstream-and-deploy.sh references the same VPS
These defaults leak a public IP address, username, and SSH key path for a
specific contributor's VPS. While env var overrides exist, committing
infrastructure details to a public repository is a security risk.
*Recommendation:* Either:
1. Remove the deployment scripts from this PR (they're unrelated to
the config fix)
2. Remove the hardcoded defaults and require env vars to be set
explicitly (fail if unset)
*Summary:* The config fix for discord.reply_to_mode is correct and
well-handled. However, the included deployment scripts expose private
infrastructure details (IP address, username, SSH key path) that should not
be committed to a public repository.
*Assessment: request-changes* (remove or sanitize the deployment scripts)
—
Reply to this email directly, view it on GitHub
<#9837 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AS6IHC3ADPK7SRHUSW3ODQ34V2V3ZAVCNFSM6AAAAACXZIV2F2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHM2DENBXGM2DENZXGY>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
9fa6f85 to
6fd01f4
Compare
Contributor
Author
|
The 3 failing tests are upstream regressions unrelated to this PR. This PR only touches Failures:
None of these files are touched by this PR. |
6fd01f4 to
0267ae0
Compare
Contributor
Author
|
Note: CI may show 2 unrelated upstream test failures:
Neither touches |
4 tasks
Contributor
Author
851a177 to
4e880c8
Compare
…_REPLY_TO_MODE discord.reply_to_mode (and discord.extra.reply_to_mode) in config.yaml was silently ignored — the gateway only honoured the DISCORD_REPLY_TO_MODE env var, leaving the YAML setting with no effect. Apply the same env-var bridge already used for require_mention, auto_thread, free_response_channels, etc. Also handles YAML 1.1 bare 'off' (parsed as boolean False) correctly. Top-level discord.reply_to_mode takes precedence over discord.extra.reply_to_mode; a pre-existing DISCORD_REPLY_TO_MODE env var is never overwritten.
4e880c8 to
eb03ac7
Compare
Contributor
Author
teknium1
pushed a commit
that referenced
this pull request
May 5, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from #9837 and #13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
teknium1
pushed a commit
that referenced
this pull request
May 5, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from #9837 and #13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
teknium1
pushed a commit
that referenced
this pull request
May 5, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from #9837 and #13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
nickdlkk
pushed a commit
to nickdlkk/hermes-agent
that referenced
this pull request
May 11, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from NousResearch#9837 and NousResearch#13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
rmulligan
pushed a commit
to rmulligan/hermes-agent
that referenced
this pull request
May 11, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from NousResearch#9837 and NousResearch#13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
JinyuID
pushed a commit
to JinyuID/hermes-agent
that referenced
this pull request
May 11, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from NousResearch#9837 and NousResearch#13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
02356abc
pushed a commit
to 02356abc/hermes-agent
that referenced
this pull request
May 14, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from NousResearch#9837 and NousResearch#13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
jsboige
pushed a commit
to jsboige/hermes-agent
that referenced
this pull request
May 14, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from NousResearch#9837 and NousResearch#13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
gweeteve
pushed a commit
to gweeteve/hermes-agent
that referenced
this pull request
Jun 2, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from NousResearch#9837 and NousResearch#13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
Egavasyug
pushed a commit
to Egavasyug/hermes-agent
that referenced
this pull request
Jun 10, 2026
…egram The YAML-to-env-var bridge in load_gateway_config() mapped every Discord and Telegram config key (require_mention, auto_thread, reactions, etc.) except reply_to_mode. Users setting discord.reply_to_mode or telegram.reply_to_mode in ~/.hermes/config.yaml got no effect — the adapter only read the env var, which nothing populated from YAML. Add the missing bridge for both platforms, following the existing pattern. Top-level <platform>.reply_to_mode preferred, falls back to <platform>.extra.reply_to_mode, env var never overwritten. Handles YAML 1.1 bare `off` → Python False coercion. This is a re-submission of the work from NousResearch#9837 and NousResearch#13930, which both implemented the same fix but neither landed (see co-authors below). Co-authored-by: Matteo De Agazio <hypnosis.mda@gmail.com> Co-authored-by: ishardo <239075732+ishardo@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
discord.reply_to_mode(anddiscord.extra.reply_to_mode) set inconfig.yamlwas silently ignored. The gateway only honoured theDISCORD_REPLY_TO_MODEenvironment variable, so users who configured the value via YAML got no effect and the adapter always fell back to the default (first).The same YAML-to-env-var bridge already exists for
require_mention,auto_thread,free_response_channels,reactions,ignored_channels,allowed_channels, andno_thread_channels—reply_to_modewas the only Discord config key missing it.Fix
gateway/config.py— addreply_to_modeto the Discord YAML env-var bridge block (lines ~583-614), following the existing pattern. Two lookup paths are supported for backwards compatibility:discord.reply_to_mode(preferred, top-level)discord.extra.reply_to_mode(legacy, for configs that placed it underextra:)Top-level takes precedence. An existing
DISCORD_REPLY_TO_MODEenv var is never overwritten.YAML 1.1 edge case handled: bare
offin YAML is parsed as booleanFalseby PyYAML. The fix detectsFalseand normalises it to the string"off"before setting the env var.Tests
5 new tests added to
tests/gateway/test_discord_reply_mode.py(TestYamlConfigLoading):test_top_level_reply_to_mode_off— bareoff(YAML boolean False) →"off"test_top_level_reply_to_mode_all— stringall→"all"test_extra_reply_to_mode_off— quoted"off"underextra:→"off"test_env_var_takes_precedence_over_yaml— pre-existing env var not overwrittentest_top_level_takes_precedence_over_extra— top-level wins overextra:All 33 tests in the file pass.