Fix Telegram send failures for oversized messages (#244)

[jmahotiedu]

Description

• Fix Telegram send failures for oversized outputs by splitting outbound content into ordered chunks.
• Preserve placeholder behavior by editing the first chunk and sending remaining chunks sequentially.
• Keep Telegram HTML parse mode with per-chunk plain-text fallback when HTML parsing fails.
• Refactor Telegram split logic to use shared pkg/utils/SplitMessage (aligned with Refactor/base layer message split #436) instead of duplicated local splitting code.
• Add shared message-splitting utility and tests in pkg/utils/message.go and pkg/utils/message_test.go.
• Document and include tool-security hardening changes currently in this branch:
  • Added pkg/tools/network_guard.go to validate web fetch targets and enforce non-private egress rules.
  • Updated pkg/tools/web.go to apply network guard checks on initial and redirect targets.
  • Strengthened filesystem boundary checks in pkg/tools/filesystem.go and tests.
  • Added shell timeout/process-tree cleanup helpers in pkg/tools/shell_process_unix.go and pkg/tools/shell_process_windows.go, plus related shell tests.
  • Updated pkg/tools/README.md and root README.md with security/tooling notes.

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• Documentation update
• Code refactoring (no functional changes, no api changes)

AI Code Generation

• Mostly AI-generated (AI draft, Human verified/modified)

Linked Issue

• Closes Telegram: message too long error on send #244

Technical Context

• Reference: Refactor/base layer message split #436 (shared message split utility extraction to pkg/utils).
• Reasoning: fix Telegram 4096-char failures while consolidating split behavior in a shared utility and documenting all branch-included security/tool helper additions.

Test Environment & Hardware

• Hardware: PC
• OS: Windows 11
• Model/Provider: N/A
• Channels: Telegram

Proof of Work (Optional)

Click to view verification commands

• go test ./pkg/channels ./pkg/utils
• go test ./pkg/tools

Checklist

• My code/docs follow the style of this project.
• I have performed a self-review of my own changes.
• I have updated the documentation accordingly.

[Leeaandrob]

@Zepan Fixes Telegram send failures for oversized messages (#244). At +871 lines, this is larger than expected for a message splitting fix — worth reviewing the scope.

Recommendation: Review carefully. The issue is real (Telegram has a 4096 char limit), but #143 (already merged) addressed Discord splitting. Check if this PR overlaps with the existing implementation or adds Telegram-specific handling.

[Leeaandrob]

@jmahotiedu take look into the conflict.

[jmahotiedu]

@Leeaandrob I resolved the merge conflicts and pushed an update in 02291c7 (Merge origin/main into fix/telegram-message-length-244).

Resolved files:

telegram.go
filesystem.go
filesystem_test.go
I preserved the Telegram chunking/placeholder-edit fix and merged in the latest upstream changes for the tool-security files.
Verification run:

go test ./pkg/channels -run 'Telegram|Base'
go test ./pkg/channels
go test ./pkg/tools
Could you please re-check when you have a chance?

[jmahotiedu]

Quick update on #251:

• merge conflict feedback was addressed in

[huaaudio]

Hi @jmahotiedu, thanks for the PR!
I'm moving the function from #143 to pkg/utils as a shared utility, so it's available to all channel implementations (see #436).
Could you please update telegram.go to call that function instead of duplicating the code? This will help maintain consistency across the codebase.
Thanks!

[jmahotiedu]

Hi @mymmrac, thanks for the review.

Updated telegram.go to use the shared utility in pkg/utils (from #436) instead of duplicating the split logic. I removed the local duplicated helpers and kept only Telegram-specific HTML-length enforcement around the shared function.

Verified with:
go test ./pkg/channels ./pkg/utils

[huaaudio]

Updated telegram.go to use the shared utility in pkg/utils (from #436) instead of duplicating the split logic. I removed the local duplicated helpers and kept only Telegram-specific HTML-length enforcement around the shared function.

Hi @jmahotiedu, I don't see the updated commit, can you check if it's been pushed? Also, I noticed the new network_guard.go util, as well as the scripts and helper functions in pkg/tools. Could you update the PR description to document those per the template? Thanks!

[jmahotiedu]

Hi @huaaudio, thanks for the catch. You were right, the update hadn’t been pushed yet.

I’ve now pushed commit a6c051e to fix/telegram-message-length-244 (telegram now uses the shared pkg/utils splitter from #436). I also updated the PR description per template to document network_guard.go and the related pkg/tools helper/script changes.

Verification run:
go test ./pkg/channels ./pkg/utils ./pkg/tools

[nikolasdehor]

This addresses the Telegram message-too-long bug (#212, #244, #449) but only handles Telegram-specific chunking. #527 implements universal chunking across all channels, which supersedes this and #476. Suggesting consolidation to #527.

[jmahotiedu]

@huaaudio @nikolasdehor @Andyi955 quick unblock proposal to get this finished and merged ASAP:

• #251 is currently mergeable_state: dirty (conflicts with main), so it cannot be merged as-is.
• #527 already targets universal chunking and appears to supersede the channel-specific path here.

Fastest path:

1. Merge #527 as the canonical chunking solution.
2. Close #251 as superseded after confirming any Telegram-specific HTML-length edge handling from this branch is covered in #527.
3. If desired, I can open/keep a separate focused PR for the unrelated tool-security hardening from this branch (filesystem/web/exec) so it can be reviewed independently.

If maintainers prefer keeping #251 instead, I can rebase it immediately and trim it to Telegram-only scope for quick review.

[Andyi955]

@jmahotiedu Thanks for the tag and for looking into this!

To clarify, #527 (this branch) is the one that implements the universal chunking with full []rune support to guarantee perfect Emoji/CJK preservation. I noticed that older approaches (like #251) risk silently corrupting multibyte characters because they operate on raw byte offsets.

In this PR (#527), I have:

• Unicode Safety: Operated strictly on []rune to ensure no emojis or CJK characters are split mid-byte.
• Performance: Optimized chunking to a single-pass O(n) cursor-based offset, avoiding recursive overhead and making it highly efficient for long LLM outputs.
• Reliability: Added robust table-driven tests in pkg/utils/message_test.go asserting Unicode boundaries, split-point detection, and code-block integrity.

Since this branch is clean and all tests are passing, I'd ask the maintainers to review #527 as the canonical solution.

[alexhoshina]

Already fixed in the refactor branch.