Skip to content

MulmoClaude

v0.4.0 Security

This release includes 3 security fixes for security teams reviewing exposed deployments.

Published 1mo LLM Frameworks
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 3 known CVEs

Summary

AI summary

Updates Highlights, default, and ChatInput across a mixed release.

Full changelog

Highlights

📬 13 new messaging bridges — total bridge count 20+

The bot now talks to Mastodon, Bluesky, Chatwork, XMPP / Jabber, Rocket.Chat, Signal, Microsoft Teams, Viber, LINE Works, Nostr, plus three generic connectors (Webhook / Twilio SMS / IMAP-SMTP Email). All shipped as @mulmobridge/<platform>@0.1.0 on npm — npx @mulmobridge/<name> after setting the platform's creds, no server change needed.

🔗 Path-based URLs everywhere

Wiki (/wiki/index, /wiki/pages/<slug>), Files (/files/<path>), History (/history), Chat (/chat/:id, lands on the latest session when naked). Back / forward / bookmark / copy-paste all work the way you'd expect — the browser history is the navigation source of truth now, not component state.

🌏 Internationalization goes live — 8 shipping locales

vue-i18n wired in (#559), navigator.language auto-detection when VITE_LOCALE is unset, and en / ja / zh / ko / es / pt-BR / fr / de ship out of the box. Seventeen batches of string extraction cleared hard-coded text out of ChatInput, SessionTabBar, SessionHistoryPanel, RightSidebar, SidebarHeader, FileTreePane, SettingsModal, NotificationToast, CanvasViewToggle, SettingsMcpTab, SettingsWorkspaceDirsTab, SettingsReferenceDirsTab, PluginLauncher, FileContentHeader, FileContentRenderer, LockStatusPopup, FileTree, the whole Todo / Scheduler / Wiki / TextResponse / Spreadsheet / manageSkills / manageRoles / manageSource / markdown / presentMulmoScript plugin views, plus App shell and SuggestionsPanel.

🕐 Agent respects the user's timezone

Every agent request now carries Intl.DateTimeFormat().resolvedOptions().timeZone, and the system prompt tells the model to interpret bare times ("15:00") in that zone without re-asking every turn. The scheduler UI mirrors the change — daily triggers render in the viewer's local zone (Daily 05:00 GMT+9) instead of the engine's UTC (Daily 20:00 UTC). Server-side validation uses an IANA regex + Intl.DateTimeFormat round-trip so a hostile client can't inject prompt text through a crafted timezone string.

🐱 Favicon rebuilt around the mascot

Mascot logo sits inside a rounded frame, the background color now carries the agent state (idle gray / running blue / done green / error red), and a red unread dot lights up when any session (not just the active one) has new messages. White pixels in the mascot PNG are punched to transparency on first load so the state color shows through cleanly.

🛠️ Dev-server port fallback

yarn dev no longer crashes when port 3001 is already in use — it walks forward up to 20 slots. The probe + walk logic now lives in a shared server/utils/port.mjs so the dev server and the npx mulmoclaude launcher use exactly the same implementation. Explicit PORT=3099 still exits on conflict (respects the user's choice).

Added

  • Bridges (all v0.1.0): @mulmobridge/mastodon, /bluesky, /chatwork, /xmpp, /rocketchat, /signal, /teams, /webhook, /twilio-sms, /email, /line-works, /nostr, /viber. See the new packages/bridges/*/README.md files for setup.
  • Wiki: per-page chat composer on /wiki/pages/<slug> that spawns a new session scoped to the page; back-arrow walks browser history; exact-title lookup for non-ASCII pages; slug path-traversal rejection.
  • Files: path-based URL /files/<path> with query-form backward compatibility; internal workspace link router routes markdown-embedded links to the correct view.
  • History: promoted to its own /history route; "unread only" filter pill; session-origin filter (human / scheduler / skill / bridge).
  • Chat: naked /chat lands on the most recent session; MulmoClaude logo/title click resumes the latest chat.
  • UI: mascot-based favicon with state-colored background + red unread dot; scheduler frequency hints in the Tasks tab; ChatInput attach-file discoverability; source labels on preview cards; tool-result card timestamps overlaid on top border.
  • Canvas: PNG file as source of truth so drawings survive reload; POST /api/canvas + PUT /api/images/:filename endpoints.
  • Prompt: compact plugin bullets, per-section size monitoring + warn threshold, summary-only inlining for large help files.
  • Tests: E2E right-sidebar visibility on plugin views, /files/<path> character coverage, workspace link routing, ChatInput attach discoverability, internal-link-navigation, regression tests for session behavior fixes.
  • CLAUDE.md: i18n rule — all 8 locales must move in lockstep; id-length lint promoted to error.

Changed

  • @mulmobridge/slack (v0.2.0 → v0.3.0): SLACK_SESSION_GRANULARITY=thread auto-creates a Slack thread on the first bot reply to a top-level channel post — unrelated top-level messages get one thread per topic. channel (default) and auto unchanged; DMs unaffected. Closes #658 (#661).
  • @mulmobridge/client (v0.1.1 → v0.1.2): exports chunkText from ./text; required by every new bridge.
  • @mulmobridge/mock-server (v0.1.0 → v0.1.1): internal refactor + README catch-up.
  • @mulmobridge/relay (v0.1.0 → v0.2.0): four new platform plugins — WhatsApp (HMAC-SHA256 webhook + Cloud API send), Messenger (Meta HMAC + Messenger Send API), Google Chat (JWT/OIDC inbound + optional service-account async reply), Microsoft Teams (Bot Framework inbound + adapter.continueConversationAsync for push). Plus Durable Object hibernation recovery, subpath exports.
  • Dev server port resolution unified with npm launcher via server/utils/port.mjs.
  • Scheduler daily triggers render in the viewer's local timezone.
  • Agent system prompt: new ## Time & Timezone section; "Today's date" computed in the viewer's zone when available.
  • Wiki tabs styled to match PluginLauncher; PDF download button aligned with TextResponse view; index rows condensed to single line.
  • Bridges moved from packages/<name>/ into packages/bridges/<name>/ subdirectory.
  • ChatInput: focus expansion dropped, padding tightened, buttons equalized.

Fixed

  • Wiki: back arrow walks browser history; same-origin markdown links don't trigger full page reloads; relative links in text-response don't navigate the SPA; cross-route query bleed; redundant mount fetch on /wiki cancelled; navError hoisted above the immediate URL watcher; originating page retained in history when starting a chat.
  • Session: role switch from a non-chat page no longer creates a phantom session; sidebar preview links don't spawn new sessions; re-selecting the active session from a non-chat page navigates correctly; fall back to a new session when top-session resume fails; URL session id read directly to avoid watcher timing race.
  • Right sidebar: hidden along with its toggle on non-chat views (#652).
  • Mastodon: image-only DMs no longer dropped; chunked replies chain into one readable thread; fail loudly on a create-status response missing id.
  • Rocket.Chat: im.history / im.list pagination (previously silently trimmed past 50 / 100 entries); cursor rewind on first DM discovery.
  • Signal: E.164 source validation (UUID-only senders would 400 on reply); backoffMs module-scoped so reconnect actually backs off; dataMessage.groupV2.id / groupInfo.groupId routing so groups don't collapse into the sender's DM.
  • Nostr: auto-resubscribe every 5 min to survive relay WebSocket drops; last-seen cursor persisted so a >60 s restart doesn't lose DMs.
  • Bluesky: cursor-at-startup so DMs delivered while the bridge was down flow in on first poll.
  • i18n: pluginWiki schema drift across pt-BR / fr / de / es / ko / zh fixed in multiple rounds; literal @ in stdio argsPlaceholder escaped (the Intl linked-message compiler was crashing on @modelcontextprotocol/...); missing chatPlaceholder / chatSend / pdf keys aligned across all locales.
  • E2E: IME Enter test deflaked by collapsing compositionstart → compositionend → keydown into a single page.evaluate() (per-hop latency was blowing past the 30 ms race window on CI webkit).

Security

  • @mulmobridge/relay — Teams webhook auth hardened against SSRF and impersonation: serviceurl JWT claim cross-checked against activity body, channelId === "msteams" enforced, JWK endorsements checked for MultiTenant keys, allowlist made fail-closed when aadObjectId is missing.
  • @mulmobridge/nostr — IANA regex + Intl.DateTimeFormat round-trip validation on any timezone string before it reaches the system prompt.
  • @mulmobridge/signal — E.164 source validation; UUID-only senders dropped cleanly instead of attempting an invalid send.
  • Agent prompt — same IANA sanitisation for browser-supplied timezone.

Packages published during this cycle

Full changelog

See docs/CHANGELOG.md for the complete list.

📦 npm: [email protected]

One-liner to try it:

npx mulmoclaude

Security Fixes

  • @mulmobridge/relay Teams webhook auth hardened against SSRF and impersonation
  • @mulmobridge/nostr timezone string validation with IANA regex + Intl.DateTimeFormat round‑trip
  • @mulmobridge/signal E.164 source validation to drop invalid UUID‑only senders
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track MulmoClaude

Get notified when new releases ship.

Sign up free

About MulmoClaude

All releases →

Related context

Earlier breaking changes

  • v0.6.4 `General` role split into lean `General` and new `Personal` role; Encore seed role pinned to Personal.

Beta — feedback welcome: [email protected]