Commit Graph

82 Commits

Author SHA1 Message Date
jared 115749e232 hangman: fix display never showing guessed letters + improve word-guess feedback
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 6s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 44s
Lint / Secret scan (gitleaks) (push) Successful in 4s
- _hangman_display compared uppercase word chars against lowercase
  guessed_letters set, so letters were never revealed after correct guesses
- Word guess wrong path now shows the board and remaining guesses
- Winner display now includes the guesser's name on correct word guess

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 01:04:27 -04:00
jared c9d9febbe0 wyr: track real reaction votes and announce winner with counts
Lint / Shell (shellcheck) (push) Successful in 27s
Lint / JS (eslint) (push) Successful in 14s
Lint / Python (ruff) (push) Successful in 11s
Lint / Python deps (pip-audit) (push) Successful in 45s
Lint / Secret scan (gitleaks) (push) Successful in 5s
- Add _WYR_POLLS dict keyed by poll event_id to accumulate votes
- record_wyr_vote() called from callbacks.reaction() on every reaction
- reveal() reads actual vote counts and announces winner with percentage
- Handles tie and zero-vote cases
- Remove the useless 'check the reactions above' message

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 01:02:25 -04:00
jared 6c00e8b4fd fix: raise Ollama timeout from 20s to 60s for all game generators
Lint / Shell (shellcheck) (push) Successful in 14s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 45s
Lint / Secret scan (gitleaks) (push) Successful in 5s
phi4-mini can queue behind other requests and take >20s under load,
causing TimeoutError and silent failures in wyr/riddle/hangman/scramble.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:57:54 -04:00
jared 82a3f24519 fix: switch all JSON-returning game generators to api/chat + robust parsing
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 6s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m0s
Lint / Secret scan (gitleaks) (push) Successful in 7s
hangman, scramble, riddle, and wyr all used api/generate which has no
system role. The model would wrap JSON in prose or markdown fences,
causing json.loads() to throw and the command to silently die after
the 'Generating...' message.

Fix for all four: switch to api/chat with a system message enforcing
raw JSON output, strip markdown fences, and use regex to extract the
JSON object even if surrounded by extra text.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:55:45 -04:00
jared a47648435e roast: expand Nathan lore with education background
Lint / Shell (shellcheck) (push) Successful in 13s
Lint / JS (eslint) (push) Successful in 9s
Lint / Python (ruff) (push) Successful in 6s
Lint / Python deps (pip-audit) (push) Successful in 47s
Lint / Secret scan (gitleaks) (push) Successful in 6s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:53:33 -04:00
jared 4213449a88 wyr: fix JSON parsing failure causing silent no-op after 'Generating...'
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 7s
Lint / Secret scan (gitleaks) (push) Has been cancelled
Lint / Python deps (pip-audit) (push) Has been cancelled
Switch to api/chat with a system prompt for better JSON compliance,
and use regex extraction to find the JSON object even if the model
wraps it in extra text or markdown fences.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:52:39 -04:00
jared 83a4a2ffae roast: use chat API with system prompt + few-shot example for actual biting roasts
Lint / Shell (shellcheck) (push) Successful in 13s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 4s
Lint / Python deps (pip-audit) (push) Successful in 40s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Switch from api/generate to api/chat so we can set a system role that
instructs the model to be genuinely savage. Add a few-shot example so
it knows what a roast looks like vs a backhanded compliment.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:50:10 -04:00
jared acf68038d8 roast: fix refusal prompt, add Cole/Nathan lore, expand known users
Lint / Shell (shellcheck) (push) Successful in 15s
Lint / JS (eslint) (push) Successful in 11s
Lint / Python (ruff) (push) Successful in 15s
Lint / Secret scan (gitleaks) (push) Has been cancelled
Lint / Python deps (pip-audit) (push) Has been cancelled
- Reframe prompt as a consented comedy roast between friends so the
  model doesn't refuse on safety grounds
- Add lore for lonely (Cole, 23, dishwasher, gamer) and
  natcofragomatic (Nathan, DCO Tech 3 at AWS, ginger, tape-drive nerd)
- Use a lookup table (_ROAST_LORE) so adding new users is one line

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:48:48 -04:00
jared 0dada4c2b7 lint: fix E741 ambiguous variable names and F841 unused variable
Lint / Shell (shellcheck) (push) Successful in 15s
Lint / JS (eslint) (push) Successful in 13s
Lint / Python (ruff) (push) Successful in 6s
Lint / Python deps (pip-audit) (push) Successful in 43s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:41:55 -04:00
jared e4dbcfde7a ping: always show round-trip time instead of only when >500ms
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Failing after 6s
Lint / Python deps (pip-audit) (push) Successful in 1m39s
Lint / Secret scan (gitleaks) (push) Successful in 9s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:39:10 -04:00
jared 973e422678 feat: add 7 new commands — hangman, scramble, wyr, riddle, roast, story, debate
Lint / Shell (shellcheck) (push) Successful in 13s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Failing after 5s
Lint / Python deps (pip-audit) (push) Successful in 1m16s
Lint / Secret scan (gitleaks) (push) Successful in 5s
- !hangman: AI picks a 5-8 letter word with hint; players !guess letters/words, 6 wrong = dead
- !scramble: AI picks a word, scrambles it; first correct answer in chat wins (45s timeout)
- !wyr: AI generates Would You Rather with 🅰️/🅱️ reaction voting, 30s reveal
- !riddle: AI generates riddle monitored for 60s, substring match in chat wins
- !roast: AI roasts a target using BALL_MODEL with special Jared/Wynter lore
- !story: collaborative story with !story add <line> and !story end (AI conclusion, max 10 lines)
- !debate: AI writes FOR/AGAINST arguments for any topic using ASK_MODEL
- callbacks.py: route all non-command messages through scramble/riddle answer checkers
- help: updated categories to include all new commands
2026-04-22 00:35:19 -04:00
jared 9015338a1c help: move 8ball to AI category
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 6s
Lint / Python deps (pip-audit) (push) Successful in 43s
Lint / Secret scan (gitleaks) (push) Successful in 6s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:15:46 -04:00
jared fb39b17473 trivia: per-category fallbacks, always show model attribution
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m14s
Lint / Secret scan (gitleaks) (push) Successful in 10s
- Replace flat fallback list with per-category fallback dict so
  !trivia music never shows a gaming question when AI is down
- Always show "via <model>" tag on AI questions; show warning tag
  on static fallbacks so users know AI was unavailable

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-22 00:05:29 -04:00
jared 876c7d26d4 trivia: add 8 new categories + per-category dedup cache
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 56s
Lint / Secret scan (gitleaks) (push) Successful in 5s
New categories: anime, sports, food, history, geography, nature,
mythology, tv (14 total).

Add _trivia_recent dict that tracks the last 20 questions per
category and injects them into the LLM prompt as an avoid list,
preventing duplicate questions within a session.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 23:53:57 -04:00
jared caf9ad806a 8ball: romantic-question-aware fallbacks for Wynter branches
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m6s
Lint / Secret scan (gitleaks) (push) Successful in 5s
When Wynter asks a romantic question about Jared ("is he in love
with me", "does he miss me", etc.) the LLM fallback now explicitly
denies the premise instead of giving a generic Jared-wins response.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 23:35:47 -04:00
jared 896b76d6ab 8ball: enforce no-romance lore + AI responses for all users
Lint / Shell (shellcheck) (push) Successful in 22s
Lint / JS (eslint) (push) Successful in 25s
Lint / Python (ruff) (push) Successful in 12s
Lint / Python deps (pip-audit) (push) Successful in 1m36s
Lint / Secret scan (gitleaks) (push) Successful in 6s
- Add explicit Jared/Wynter no-romance lore to all four branch
  bio_contexts and prompts — prevents model from implying romantic
  feelings between them
- Add _implies_jared_wynter_romance() validator; responses that
  suggest romantic connection fall back to the static fallback
- Replace random-list responses for non-Jared/Wynter senders with
  AI-generated magic 8-ball predictions via BALL_MODEL

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 23:25:47 -04:00
jared dcb38618a7 ci: upgrade pip+setuptools before audit to clear bundled CVEs
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 6s
Lint / Python (ruff) (push) Successful in 4s
Lint / Python deps (pip-audit) (push) Successful in 48s
Lint / Secret scan (gitleaks) (push) Successful in 8s
The python-build-standalone tarball ships pip 24.1.2 and setuptools
70.3.0 which have known CVEs. Upgrade them first so --local audit
only sees current, patched versions.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 14:06:01 -04:00
jared f6ce517a69 ci: use pip-audit --local to avoid internal venv ensurepip failure
Lint / Shell (shellcheck) (push) Successful in 11s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Successful in 7s
Lint / Python deps (pip-audit) (push) Failing after 47s
Lint / Secret scan (gitleaks) (push) Successful in 5s
The standalone Python 3.10 binary's venv ensurepip step exits 127.
Workaround: install requirements + pip-audit into the same env,
then audit with --local (no internal venv creation).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 14:03:19 -04:00
jared 353695f8c3 ci: use python-build-standalone 3.10 binary for pip-audit
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Failing after 34s
Lint / Secret scan (gitleaks) (push) Successful in 8s
Debian Bullseye only ships Python 3.9 and python3.10 is not in its
repos. python-dotenv 1.2.2 (vuln fix) requires Python >=3.10.
Use indygreg/python-build-standalone to get a self-contained Python
3.10.15 binary that works on any glibc Linux runner.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 14:00:36 -04:00
jared a85ea312c9 ci: bootstrap pip via ensurepip for python3.10 (no venv package on Debian)
Lint / Shell (shellcheck) (push) Successful in 8s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Failing after 4m41s
Lint / Secret scan (gitleaks) (push) Successful in 6s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 13:50:40 -04:00
jared d4f3563982 ci: use python3.10 for pip-audit (dotenv 1.2.2 requires >=3.10)
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Failing after 7s
Lint / Secret scan (gitleaks) (push) Successful in 6s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 13:48:53 -04:00
jared 0a1c90ef86 deps: pin python-dotenv>=1.2.2 to fix GHSA-mf9w-mj56-hr94
Lint / Shell (shellcheck) (push) Successful in 12s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Failing after 1m40s
Lint / Secret scan (gitleaks) (push) Successful in 31s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 13:45:25 -04:00
jared 0bc9373bd9 8ball: add --debug flag to show post-processed prompt
Lint / Shell (shellcheck) (push) Successful in 12s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 4s
Lint / Python deps (pip-audit) (push) Failing after 1m11s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 13:41:59 -04:00
jared 4048659e28 commands: remove deleted models from display map
Lint / Shell (shellcheck) (push) Successful in 16s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m9s
Lint / Secret scan (gitleaks) (push) Successful in 5s
lotusllm, lotusllmben, and llama3.3 70B have been removed from
Ollama on LXC 130 to free ~44 GB disk space.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 00:41:02 -04:00
jared f77fdbc7bb commands: improve model display names with variant labels
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m10s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Add uncensored/abliterated tags and accurate parameter counts
to all model display names.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 00:38:37 -04:00
jared bfedd34f1f models: 8ball → llama3.2-abliterate 3B, ask/fortune → phi4-mini
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Successful in 4s
Lint / Python deps (pip-audit) (push) Successful in 1m11s
Lint / Secret scan (gitleaks) (push) Successful in 12s
- BALL_MODEL: huihui_ai/llama3.2-abliterate:3b (abliterated 3B,
  follows complex persona instructions without censorship)
- ASK_MODEL + OLLAMA_MODEL: phi4-mini:latest (Phi-4 Mini 3.8B,
  best instruction-following model available within GPU VRAM)
- Update _MODEL_DISPLAY for new model names

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 00:33:20 -04:00
jared 21a64174e6 8ball: fix substring pronoun bug, switch to 3B model
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m27s
Lint / Secret scan (gitleaks) (push) Successful in 7s
- Fix about_jared/about_wynter using substring match — "they" matched
  "he", "theme" matched "he", etc., routing Wynter's questions to the
  wrong branch. Now uses \b word boundaries via re.search.
- Switch BALL_MODEL default from sadiq-bd 1B uncensored to
  llama3.2:latest (3B) — the 1B model hallucinates, ignores persona
  instructions, and mentions Jared randomly. GPU is now working on
  Arc A380 at ~25 tok/s so the larger model is practical.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 00:21:42 -04:00
jared f7ca1b00db ask: switch to llama3.2:latest, increase timeout to 120s
Lint / Shell (shellcheck) (push) Successful in 12s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m10s
Lint / Secret scan (gitleaks) (push) Successful in 5s
gemma3:latest produces garbage output on the Vulkan backend (Intel Arc A380).
llama3.2:latest runs correctly at 100% GPU. Timeout bumped to 120s to handle
cold model loads (~22s) without timing out.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 22:49:08 -04:00
jared 1ba1151673 help: move 8ball from AI to Games category
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m18s
Lint / Secret scan (gitleaks) (push) Successful in 5s
8ball is only AI-powered for specific users (Wynter/Jared); for everyone
else it's a random static response. Games is the correct category.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 19:32:43 -04:00
jared 05c83e8ad1 8ball: suppress model attribution on fallback, vary fallback responses
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Successful in 6s
Lint / Python deps (pip-audit) (push) Successful in 1m10s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Model attribution is now only shown when the LLM actually generated the
response. If the model refused or gave an invalid answer and we fell back
to the static response, no 'via ...' line is shown.

Fallback responses for all three Wynter branches are now randomised pools
so the bot doesn't always give the same flat yes/no phrase regardless of
what Wynter actually typed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 19:29:20 -04:00
jared 43903af22e Improve help command, model attribution, and model config
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Successful in 4s
Lint / Python deps (pip-audit) (push) Successful in 1m25s
Lint / Secret scan (gitleaks) (push) Successful in 5s
help: grouped into AI / Games / Random / Server categories with Option B
purple header; descriptions auto-pulled from the command registry.

Model attribution: added _MODEL_DISPLAY map so 'via lotusllm' becomes
'via Llama 3.2 1B', 'via gemma3:latest' becomes 'via Gemma 3 4B', etc.

Config: OLLAMA_MODEL switched from lotusllm to llama3.2:latest; added
BALL_MODEL (sadiq-bd/llama3.2-1b-uncensored) as a dedicated config var
for the 8ball so it stays on the uncensored model without affecting fortune.

Descriptions: fortune -> AI-generated fortune cookie; ask -> Ask LotusBot;
health -> Bot health & stats (admin only).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 19:27:14 -04:00
jared bb5307c06b 8ball: address Wynter in second person when she's the asker
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 9s
Lint / Python deps (pip-audit) (push) Successful in 1m8s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Responding 'Wynter is too busy...' in third person to someone who just
asked 'will I...' feels disconnected. Changed the prompt to speak
directly to Wynter using you/your, with her name used only for emphasis.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 19:15:45 -04:00
jared 6f5964ffe5 8ball: force name usage over she/her pronouns for Wynter
Lint / Shell (shellcheck) (push) Successful in 11s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Secret scan (gitleaks) (push) Has been cancelled
Lint / Python deps (pip-audit) (push) Has been cancelled
The LLM was responding with 'She's far too busy...' instead of using
'Wynter' by name. Added explicit instruction to both Wynter branches
to always refer to her by name and never use she/her pronouns.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 19:14:33 -04:00
jared 639689bc0d Style: Option B HTML styling across all AI commands
Lint / Shell (shellcheck) (push) Successful in 18s
Lint / JS (eslint) (push) Successful in 14s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 2m0s
Lint / Secret scan (gitleaks) (push) Successful in 7s
8ball: color-coded answer text (green=positive, red=negative, amber=neutral)
for both the random and Jared/Wynter AI branches; question shown as small
italic below the answer; AI responses include model attribution.

fortune: teal header, answer in blockquote italics, model attribution shown
only when response came from the LLM (not the static fallback list).

ask: purple header, question in italic, response in blockquote, model
attribution at bottom.

trivia: blue header with category, green reveal answer, model attribution
shown only for LLM-generated questions (not static fallbacks).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 17:52:16 -04:00
jared 58d8987e32 README: remove stale phase status line
Lint / Shell (shellcheck) (push) Successful in 13s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 6s
Lint / Python deps (pip-audit) (push) Successful in 1m10s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 17:16:44 -04:00
jared ef9ff1106c README: remove Priority Order section, drop vCPUs from infra table
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Has been cancelled
Lint / Python deps (pip-audit) (push) Has been cancelled
Lint / Secret scan (gitleaks) (push) Has been cancelled
Priority Order is stale project tracking that doesn't belong in a README.
vCPUs removed from the infrastructure table — containers are HA and can
migrate between physical hosts so pinning a CPU model is misleading.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 17:16:15 -04:00
jared e14b9a274f ask: instruct LLM not to ask follow-up questions
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Successful in 5s
Lint / Python deps (pip-audit) (push) Successful in 1m6s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Each !ask call is stateless — no context is retained between commands,
so ending a response with a question is misleading. Added explicit
instruction to the system prompt to prevent this.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 17:10:26 -04:00
jared 637b2a4b20 Upgrade fortune, ask, and trivia commands to use Ollama LLM
Lint / Shell (shellcheck) (push) Successful in 11s
Lint / JS (eslint) (push) Successful in 8s
Lint / Python (ruff) (push) Successful in 6s
Lint / Python deps (pip-audit) (push) Successful in 1m36s
Lint / Secret scan (gitleaks) (push) Successful in 5s
fortune: generates a fresh witty one-liner via Ollama on every call,
falls back to static list if LLM is unavailable.

ask: switched to /api/chat endpoint with a system prompt for better
conversational quality; now uses ASK_MODEL (default: gemma3:latest)
separately from the 8ball OLLAMA_MODEL so each can be tuned independently.

trivia: LLM generates a fresh question each time (no more repeating the
same 25 questions); supports !trivia <category> with six categories
(gaming, tech, general, movies, music, science); falls back to static
questions if JSON generation fails.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 17:07:01 -04:00
jared 86cb78d74d Fix ruff lint errors across matrixbot (F401, F841, E402)
Lint / Shell (shellcheck) (push) Successful in 11s
Lint / JS (eslint) (push) Successful in 10s
Lint / Python (ruff) (push) Successful in 10s
Lint / Python deps (pip-audit) (push) Successful in 1m10s
Lint / Secret scan (gitleaks) (push) Successful in 5s
Remove unused imports: logging from bot.py and config.py, RoomMessageText/
UnknownEvent from callbacks.py, functools.partial and MAX_INPUT_LENGTH from
commands.py. Rename unused local variables to _ (resp in cmd_ping, symbols in
render_keyboard_plain, guesses_left in two wordle functions). Move wordle import
to top of commands.py to fix E402.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:54:55 -04:00
jared d2983eca23 Fix ruff binary extraction; fix gitleaks to scan app dirs only
Lint / Shell (shellcheck) (push) Successful in 13s
Lint / JS (eslint) (push) Successful in 10s
Lint / Python (ruff) (push) Failing after 8s
Lint / Python deps (pip-audit) (push) Successful in 1m18s
Lint / Secret scan (gitleaks) (push) Successful in 5s
- ruff: add --strip-components=1 to tar extract; the tarball puts the
  binary inside ruff-x86_64-unknown-linux-gnu/ not at the root
- gitleaks: path-based allowlists are broken in v8.21.2 --no-git mode
  (tested down to bare substrings — still fires). Switched to scanning
  only application code directories (matrixbot/, hookshot/, .gitea/,
  systemd/, cinny/, landing/) which excludes deploy/ where the
  intentional Gitea webhook HMAC secrets live. Also removed the
  .gitleaks-baseline.json from the repo (it was flagging itself).
  The .gitleaks.toml is kept for any future per-rule overrides.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:48:06 -04:00
jared 78d1645f08 Fix all CI jobs: ruff binary, pip-audit venv, gitleaks baseline
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 6s
Lint / Python (ruff) (push) Failing after 4s
Lint / Python deps (pip-audit) (push) Successful in 1m5s
Lint / Secret scan (gitleaks) (push) Failing after 5s
- ruff: download standalone binary instead of using python3 -m ruff
  (runner image lacks the PATH entry for pip-installed bin scripts)
- pip-audit: add python3-venv to apt install (pip-audit creates a venv
  internally to resolve deps; ensurepip was missing)
- gitleaks: switch from stopwords allowlist to --baseline-path approach.
  Stopwords don't suppress findings from git history scans. The baseline
  records the 4 known-intentional webhook HMAC secrets; CI now only
  fails on findings NOT in the baseline (i.e. newly introduced secrets)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:36:59 -04:00
jared 371ed8116f Fix Python runner; add gitleaks secret scanning
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Failing after 42s
Lint / Python deps (pip-audit) (push) Failing after 47s
Lint / Secret scan (gitleaks) (push) Failing after 9s
- All Python jobs now install python3-pip via apt first (runner image
  has no pip by default)
- Added secret-scan job: gitleaks v8.21.2 scans full git history on
  every push/PR with --redact to avoid leaking found secrets in logs
- Added .gitleaks.toml allowlisting deploy/hooks-lxc*.json files
  (webhook HMAC secrets are intentional config, not leaks)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:29:14 -04:00
jared d49b33fc42 Fix pip → python3 -m pip in ruff job; add pip-audit dep scan
Lint / Shell (shellcheck) (push) Successful in 10s
Lint / JS (eslint) (push) Successful in 9s
Lint / Python (ruff) (push) Failing after 6s
Lint / Python deps (pip-audit) (push) Failing after 7s
- python3 -m pip works in the act runner where bare 'pip' isn't in PATH
- Added python-audit job: pip-audit checks matrixbot/requirements.txt
  against the OSV database for known CVEs on every push/PR

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:26:03 -04:00
jared 0e76c8b51c Fix Jared-asks-about-Wynter branch; add Python lint to CI
Lint / Shell (shellcheck) (push) Successful in 9s
Lint / JS (eslint) (push) Successful in 7s
Lint / Python (ruff) (push) Failing after 7s
- When Jared asks a question containing Wynter's name, it now uses a
  dedicated mock-Wynter prompt instead of the generic positive-Jared
  one. The _is_positive_about_jared guard is also skipped for this
  branch so negative words aimed at Wynter don't trigger the fallback.
  Fallback changed from "Jared is absolutely right!" (nonsensical for
  Wynter questions) to "Sounds about right — Wynter had it coming."
- Added ruff Python lint job to .gitea/workflows/lint.yml covering
  matrixbot/ on every push and PR.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:23:59 -04:00
jared b9a251bd7a Integrate matrixbot into existing LXC 151 deploy hook
Lint / Shell (shellcheck) (push) Successful in 11s
Lint / JS (eslint) (push) Successful in 6s
Removed standalone matrixbot/deploy.sh — deploy is handled by the existing
webhook system. Added matrixbot/ block to deploy/lxc151-hookshot.sh: on push,
if any matrixbot/ file changed, source files are synced to /opt/matrixbot and
matrixbot.service is restarted automatically.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:18:10 -04:00
jared 52c4781e64 Add matrixbot source to repo
All bot source files from LXC 151 (/opt/matrixbot) are now tracked here.
Secrets (.env, credentials.json), venv dirs, and runtime state files
(nio_store, welcome_state.json, wordle_stats.json) are excluded via .gitignore.
Includes deploy.sh to sync files to /opt/matrixbot and restart the service.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-20 16:16:38 -04:00
jared a559e98d82 Security hardening: TURN peer restriction, TCP relay, rate limits
Lint / Shell (shellcheck) (push) Successful in 14s
Lint / JS (eslint) (push) Successful in 9s
- coturn allowed-peer-ip scoped from 10.10.10.0/24 → 10.10.10.29 only
  (prevents TURN relay being used to reach other internal LXCs)
- coturn no-tcp-relay=true (UDP only; TCP relay was an SSRF vector)
- Added rc_joins (local: 0.1/s burst 3, remote: 0.01/s burst 3)
- Added rc_joins_per_room (1/s burst 3)
- Added rc_invites (per_room: 0.3/s burst 10, per_user: 0.003/s burst 5)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-18 13:39:03 -04:00
jared 5bb62db222 Fix ToS consent enforcement — disable require_at_registration
Lint / Shell (shellcheck) (push) Successful in 16s
Lint / JS (eslint) (push) Successful in 7s
Previously require_at_registration=true caused Cinny to silently complete
the m.login.terms UIA step during registration (~34ms), meaning users were
auto-consented without ever seeing the ToS page.

Setting require_at_registration=false removes the UIA step from registration.
New users start with NULL consent and are blocked by block_events_error on
first message send. Synapse sends a Server Notice DM with the /_matrix/consent
URL, which they must explicitly visit and submit before messaging is unblocked.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-18 12:54:43 -04:00
jared 08651fcbda docs: add CI lint badge to README
Lint / Shell (shellcheck) (push) Successful in 8s
Lint / JS (eslint) (push) Successful in 7s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-14 16:27:33 -04:00
jared 735c1eb30e ci: add lint workflow, shellcheck fixes, and CI failure hookshot alert
Lint / Shell (shellcheck) (push) Has been cancelled
Lint / JS (eslint) (push) Has been cancelled
- .gitea/workflows/lint.yml: new workflow running shellcheck on .sh files
  and eslint on hookshot/ JS transform scripts
- hookshot/.eslintrc.json: declare data/result as hookshot globals
- hookshot/ci-alert.js: new Matrix hookshot transform for CI failure alerts
- hookshot/deploy.sh: fix SC2155 (split local/assign), SC2034 (remove unused var)
- systemd/livekit-clear-port.sh: fix SC2148 (invalid shebang escape)
- cinny/dev-update.sh: fix SC2115 (use ${WEB_ROOT:?} to guard rm -rf)
- deploy/lxc151-hookshot.sh: add shellcheck source=/dev/null for sourced file
- .gitignore: ignore node_modules/
- package.json + package-lock.json: eslint@8 dev dependency

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-14 16:25:39 -04:00