From a6126f9662ecef24ad5da24dcf7252557219b608 Mon Sep 17 00:00:00 2001 From: yodamaster726 Date: Fri, 22 Nov 2024 18:18:48 -0500 Subject: [PATCH 1/3] fix: ollamaModel unused variable. fix security.md --- packages/plugin-node/src/services/llama.ts | 29 +++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/packages/plugin-node/src/services/llama.ts b/packages/plugin-node/src/services/llama.ts index 720972278f3..d4982e6bc6d 100644 --- a/packages/plugin-node/src/services/llama.ts +++ b/packages/plugin-node/src/services/llama.ts @@ -486,9 +486,32 @@ export class LlamaService extends Service { throw new Error("Model not initialized. Call initialize() first."); } - const embeddingContext = await this.model.createEmbeddingContext(); - const embedding = await embeddingContext.getEmbeddingFor(input); - return embedding?.vector ? [...embedding.vector] : undefined; + const ollamaModel = process.env.OLLAMA_MODEL; + const ollamaUrl = + process.env.OLLAMA_SERVER_URL || "http://localhost:11434"; + const embeddingModel = + process.env.OLLAMA_EMBEDDING_MODEL || "mxbai-embed-large"; + elizaLogger.info( + `Using Ollama API for embeddings with model ${embeddingModel} (base: ${ollamaModel})` + ); + + const response = await fetch(`${ollamaUrl}/api/embeddings`, { + method: "POST", + headers: { + "Content-Type": "application/json", + }, + body: JSON.stringify({ + input: input, + model: embeddingModel, + }), + }); + + if (!response.ok) { + throw new Error(`Failed to get embedding: ${response.statusText}`); + } + + const embedding = await response.json(); + return embedding.vector; } } From 93608e02a6c2d793af5f7fcb6d1154215ba4eac5 Mon Sep 17 00:00:00 2001 From: yodamaster726 Date: Fri, 22 Nov 2024 18:19:22 -0500 Subject: [PATCH 2/3] fix: security.md failed to commit --- SECURITY.md | 97 ++++++++++++++++++++++++++++------------------------- 1 file changed, 51 insertions(+), 46 deletions(-) 
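Review bot: The new return path hands back `embedding.vector` from an unvalidated `response.json()`, and the field names look mismatched with the endpoint: as far as I know Ollama's `/api/embeddings` takes `prompt` and answers with an `embedding` array (`input` belongs to `/api/embed`), so this would likely return `undefined`, where the removed code at least guarded with `embedding?.vector`. Please confirm the request and response fields against the server version in use, and check that the parsed value is a numeric array before returning it. The `fetch` also has no timeout, so an unreachable `OLLAMA_SERVER_URL` can stall the caller, and the default is plain `http://`; when the variable points at a non-local host the input text crosses the network unencrypted, which deserves at least a comment or a scheme check. The enclosing method begins above the hunk, so its declared return type is not visible here; the sketch below throws on a malformed body and should be adjusted if callers rely on `undefined`.

```typescript
const response = await fetch(`${ollamaUrl}/api/embeddings`, {
    // … unchanged: method, headers, body …
    signal: AbortSignal.timeout(30_000), // constructed limit; tune per deployment
});

// … unchanged: response.ok check …

const payload: unknown = await response.json();
// Field name kept from the hunk; switch to the field the server actually returns.
const vector = (payload as { vector?: unknown } | null)?.vector;
if (
    !Array.isArray(vector) ||
    !vector.every((value) => typeof value === "number")
) {
    throw new Error("Embedding response did not contain a numeric vector");
}
return vector;
```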
diff --git a/SECURITY.md b/SECURITY.md
index a08255046e3..95045cf7a38 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -17,74 +17,79 @@ We take the security of Eliza seriously. If you believe you have found a securit 1. **DO NOT** create a public GitHub issue for the vulnerability 2. Send an email to security@eliza.builders with: - - A detailed description of the vulnerability - - Steps to reproduce the issue - - Potential impact of the vulnerability - - Any possible mitigations you've identified + - A detailed description of the vulnerability + - Steps to reproduce the issue + - Potential impact of the vulnerability + - Any possible mitigations you've identified ### What to Expect -- **Initial Response**: Within 48 hours, you will receive an acknowledgment of your report -- **Updates**: We will provide updates every 5 business days about the progress -- **Resolution Timeline**: We aim to resolve critical issues within 15 days -- **Disclosure**: We will coordinate with you on the public disclosure timing +- **Initial Response**: Within 48 hours, you will receive an acknowledgment of your report +- **Updates**: We will provide updates every 5 business days about the progress +- **Resolution Timeline**: We aim to resolve critical issues within 15 days +- **Disclosure**: We will coordinate with you on the public disclosure timing ## Security Best Practices ### For Contributors 1. **API Keys and Secrets** - - Never commit API keys, passwords, or other secrets to the repository - - Use environment variables as described in our secrets management guide - - Rotate any accidentally exposed credentials immediately + + - Never commit API keys, passwords, or other secrets to the repository + - Use environment variables as described in our secrets management guide + - Rotate any accidentally exposed credentials immediately 2. 
**Dependencies** - - Keep all dependencies up to date - - Review security advisories for dependencies regularly - - Use `pnpm audit` to check for known vulnerabilities + + - Keep all dependencies up to date + - Review security advisories for dependencies regularly + - Use `pnpm audit` to check for known vulnerabilities 3. **Code Review** - - All code changes must go through pull request review - - Security-sensitive changes require additional review - - Enable branch protection on main branches + - All code changes must go through pull request review + - Security-sensitive changes require additional review + - Enable branch protection on main branches ### For Users 1. **Environment Setup** - - Follow our [secrets management guide](docs/guides/secrets-management.md) for secure configuration - - Use separate API keys for development and production - - Regularly rotate credentials + + - Follow our [secrets management guide](docs/guides/secrets-management.md) for secure configuration + - Use separate API keys for development and production + - Regularly rotate credentials 2. **Model Provider Security** - - Use appropriate rate limiting for API calls - - Monitor usage patterns for unusual activity - - Implement proper authentication for exposed endpoints + + - Use appropriate rate limiting for API calls + - Monitor usage patterns for unusual activity + - Implement proper authentication for exposed endpoints 3. 
**Platform Integration** - - Use separate bot tokens for different environments - - Implement proper permission scoping for platform APIs - - Regular audit of platform access and permissions + - Use separate bot tokens for different environments + - Implement proper permission scoping for platform APIs + - Regular audit of platform access and permissions ## Security Features ### Current Implementation -- Environment variable based secrets management -- Type-safe API implementations -- Automated dependency updates via Renovate -- Continuous Integration security checks +- Environment variable based secrets management +- Type-safe API implementations +- Automated dependency updates via Renovate +- Continuous Integration security checks ### Planned Improvements 1. **Q4 2024** - - Automated security scanning in CI pipeline - - Enhanced rate limiting implementation - - Improved audit logging + + - Automated security scanning in CI pipeline + - Enhanced rate limiting implementation + - Improved audit logging 2. **Q1 2025** - - Security-focused documentation improvements - - Enhanced platform permission management - - Automated vulnerability scanning + - Security-focused documentation improvements + - Enhanced platform permission management + - Automated vulnerability scanning ## Vulnerability Disclosure Policy 
@@ -100,21 +105,21 @@ We follow a coordinated disclosure process: We believe in recognizing security researchers who help improve our security. Contributors who report valid security issues will be: -- Credited in our security acknowledgments (unless they wish to remain anonymous) -- Added to our security hall of fame -- Considered for our bug bounty program (coming soon) +- Credited in our security acknowledgments (unless they wish to remain anonymous) +- Added to our security hall of fame +- Considered for our bug bounty program (coming soon) ## License Considerations As an MIT licensed project, users should understand: -- The software is provided "as is" -- No warranty is provided -- Users are responsible for their own security implementations -- Contributors grant perpetual license to their contributions +- The software is provided "as is" +- No warranty is provided +- Users are responsible for their own security implementations +- Contributors grant perpetual license to their contributions ## Contact -- Security Issues: security@eliza.builders -- General Questions: Join our [Discord](https://discord.gg/ai16z) -- Updates: Follow our [security advisory page](https://github.com/ai16z/eliza/security/advisories) +- Security Issues: security@eliza.builders +- General Questions: Join our [Discord](https://discord.gg/ai16z) +- Updates: Follow our [security advisory page](https://github.com/ai16z/eliza/security/advisories) From 644ebb2f2d3dc6dcfc76d011670d9e189b76dcd3 Mon Sep 17 00:00:00 2001 From: yodamaster726 Date: Fri, 22 Nov 2024 19:20:31 -0500 Subject: [PATCH 3/3] fix: missing updates for logger.ts --- packages/core/src/logger.ts | 45 ++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 11 deletions(-) diff --git a/packages/core/src/logger.ts b/packages/core/src/logger.ts index f8172d0b6ca..ae9b3a19852 100644 --- a/packages/core/src/logger.ts +++ b/packages/core/src/logger.ts 
@@ -1,4 +1,11 @@ -class ElizaLogger { +import settings from "./settings.ts"; +import { Logger, ILogObjMeta, ILogObj } from "tslog"; + +interface IElizaLogger extends Logger { + progress(message: string): void; +} + +class ElizaLogger implements IElizaLogger { constructor() { // Check if we're in Node.js environment this.isNode = @@ -7,7 +14,7 @@ class ElizaLogger { process.versions.node != null; // Set verbose based on environment - this.verbose = this.isNode ? process.env.verbose === "true" : false; + this.verbose = this.isNode ? settings.VERBOSE === "true" : false; } private isNode: boolean; @@ -173,6 +180,7 @@ class ElizaLogger { } } + // @ts-ignore - custom implementation log(...strings) { this.#logWithStyle(strings, { fg: "white", @@ -182,6 +190,7 @@ class ElizaLogger { }); } + // @ts-ignore - custom implementation warn(...strings) { this.#logWithStyle(strings, { fg: "yellow", @@ -191,6 +200,7 @@ class ElizaLogger { }); } + // @ts-ignore - custom implementation error(...strings) { this.#logWithStyle(strings, { fg: "red", @@ -200,6 +210,7 @@ class ElizaLogger { }); } + // @ts-ignore - custom implementation info(...strings) { this.#logWithStyle(strings, { fg: "blue", @@ -209,15 +220,7 @@ class ElizaLogger { }); } - success(...strings) { - this.#logWithStyle(strings, { - fg: "green", - bg: "", - icon: "\u2713", - groupTitle: ` ${this.successesTitle}`, - }); - } - + // @ts-ignore - custom implementation debug(...strings) { if (!this.verbose) return; this.#logWithStyle(strings, { @@ -228,6 +231,15 @@ class ElizaLogger { }); } + success(...strings) { + this.#logWithStyle(strings, { + fg: "green", + bg: "", + icon: "\u2713", + groupTitle: ` ${this.successesTitle}`, + }); + } + assert(...strings) { this.#logWithStyle(strings, { fg: "cyan", 
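Review bot: The five `// @ts-ignore - custom implementation` comments added on `log`, `warn`, `error`, `info` and `debug` (the later hunks on this line) appear to exist only because `IElizaLogger extends Logger` makes the class claim tslog's whole `Logger` surface, which it does not provide; the suppressions would also hide any later signature drift on the methods every caller uses. Declaring only what the class really offers removes the need for them, e.g. `interface IElizaLogger { progress(message: string): void; }`, optionally listing the log methods as `(...strings: unknown[]) => void`. `ILogObjMeta` and `ILogObj` are imported but not used in any visible hunk, so they can probably be dropped from the import. The class body continues outside these hunks.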
@@ -236,6 +248,17 @@ class ElizaLogger { groupTitle: ` ${this.assertsTitle}`, }); } + + progress(message: string) { + if (this.isNode) { + // Clear the current line and move cursor to beginning + process.stdout.clearLine(0); + process.stdout.cursorTo(0); + process.stdout.write(message); + } else { + console.log(message); + } + } } export const elizaLogger = new ElizaLogger();
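Review bot: `progress()` calls `process.stdout.clearLine(0)` and `process.stdout.cursorTo(0)` whenever `this.isNode` is true, but those methods exist only when stdout is a TTY; with output piped or redirected (CI, containers, a service manager) they are undefined and the logger itself throws. Guard on the stream as well, `if (this.isNode && process.stdout.isTTY) {`, and let the non-TTY case fall through to the existing `console.log(message)` branch. A short doc comment would also help, e.g. `/** Rewrites the current terminal line with message; falls back to console.log when stdout is not a TTY. */`.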