Hybrid relay-broker integration: best of #412 + #404#415
Merged
khaliqgant merged 10 commits intomainfrom Feb 13, 2026
Merged
Conversation
Pull relay-broker directory from relay-broker-integration branch as the foundation for the hybrid approach. Will apply bug fixes from PR #412 on top. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Prevent agents from spoofing human identity by naming themselves "human:..." to bypass release ACL checks. When sender_kind is explicitly Agent, immediately return false regardless of name string. Cherry-picked from PR #412. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When base URL already ends with /stream (e.g. wss://rt.relaycast.dev/stream), avoid appending /v1/stream which produced invalid double-path URLs like wss://host/stream/v1/stream. Now correctly preserves the existing /stream path. Cherry-picked from PR #412. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Rename ensure_reaycast_mcp_config to ensure_relaycast_mcp_config (missing 'l' in relaycast). Updated all call sites in main.rs. Cherry-picked from PR #412. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Without a body-size bound, a burst of large messages from the same sender within the coalesce window would concatenate without limit, potentially causing large memory allocations. Add MAX_COALESCED_BODY_SIZE (32 KiB) check that flushes the current group when exceeded. Cherry-picked from PR #412. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Make terminate_child public so it can be reused from main.rs instead of being duplicated inline, reducing code duplication. Cherry-picked from PR #412. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace committed rk_live_... key with environment variable placeholder. The exposed key (rk_live_b00fd0ddeca96468d72140c9c4b3a910) must be rotated immediately. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Devin Review found 3 potential issues.
🐛 1 issue in files not directly in the diff
🐛 Panic on multi-byte UTF-8 in listen-mode message truncation (relay-broker/src/main.rs:1168)
In main.rs listen mode, relay message text is truncated using byte-level slicing &mapped.text[..120] which will panic if byte 120 falls in the middle of a multi-byte UTF-8 character.
Root Cause
At relay-broker/src/main.rs:1167-1168, the code checks mapped.text.len() > 120 (byte length) and then slices at byte 120:
if mapped.text.len() > 120 {
format!("{}…", &mapped.text[..120]) // PANIC if byte 120 is mid-character
}The mapped.text field contains user-generated relay messages which commonly include emoji (👋, 🚀), CJK characters, or other multi-byte UTF-8 content. When such a message exceeds 120 bytes, the byte-level slice will panic with byte index 120 is not a char boundary.
Note that the codebase already has a floor_char_boundary helper function defined at relay-broker/src/main.rs:2864-2873 that correctly handles this case, but it's not used here.
Impact: Any relay message in listen mode containing multi-byte UTF-8 characters that exceeds 120 bytes will crash the broker.
View 11 additional findings in Devin Review.
Fix potential panics when truncating multi-byte UTF-8 strings (emoji, CJK, accented characters) in conversation_log.rs and main.rs listen mode. Adds floor_char_boundary helper to conversation_log.rs and applies it to truncate(), pad_or_truncate(), and short_id(). Also fixes the same pattern in main.rs listen-mode message display. Addresses Devin review finding on PR #415. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
khaliqgant
added a commit
that referenced
this pull request
Feb 13, 2026
khaliqgant
added a commit
that referenced
this pull request
Feb 13, 2026
Fix potential panics when truncating multi-byte UTF-8 strings (emoji, CJK, accented characters) in conversation_log.rs and main.rs listen mode. Adds floor_char_boundary helper to conversation_log.rs and applies it to truncate(), pad_or_truncate(), and short_id(). Also fixes the same pattern in main.rs listen-mode message display. Addresses Devin review finding on PR #415. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Integrates the Rust relay-broker into the main repo using a hybrid approach that combines the best code quality from PR #412 with the backward compatibility of PR #404.
relay-broker/Rust binary from PR start broker integration #404 (additive, preserves all existing TS packages)Bug fixes from PR #412:
human:...to bypass release ACL checks/streambase produced invalidhost/stream/v1/streamensure_reaycast_mcp_config→ensure_relaycast_mcp_configMAX_COALESCED_BODY_SIZEcapterminate_childas pub instead of duplicating inlineCompatibility shims:
@agent-relay/utils/relay-pty-pathre-exported as alias foragent-relay-pathRelayPtyOrchestratorre-exported as alias forRelayBrokerOrchestratorAGENT_RELAY_BINARYenv var with legacyRELAY_PTY_BINARYfallbackSecurity:
rk_live_b00fd0ddeca96468d72140c9c4b3a910(was committed in PR start broker integration #404, removed in this PR but still in git history)Validation Matrix
Context: Why hybrid?
Collaborators
This PR was produced by a multi-agent team coordinated via Agent Relay:
Decisions and reasoning recorded via
trail— see.trajectories/for full trajectory.Test plan
🤖 Generated with Claude Code