Add user-configurable timezone and 12/24-hour preferences, then wire them through settings, runtime snapshots, scheduler payloads, wait handling, notifications, backups, memory, plugin metadata, and frontend formatters.
Keep UTC as the boundary for absolute instants while serializing user-facing dates in the configured or browser-resolved timezone. Preserve scheduler wall-clock inputs in the selected timezone, propagate TZ into desktop/runtime process environments, and restart active desktop sessions when the runtime timezone changes.
Cover the risky paths with timezone regression tests for settings normalization, auto and fixed timezone resolution, scheduler round-trips, memory timestamp conversion, and desktop timezone sync.
Remove the scan queue mechanism that serialized plugin scans. Each scan now runs in its own temporary chat context immediately upon request, allowing multiple scans to execute in parallel. Update UI to reflect that scans are no longer queued and remove the "queued" state tracking from store and API.
Add a built-in Plugin Validator core plugin (_plugin_validator) that validates
plugins against manifest, structure, code patterns, and security/index conventions.
Supports three input sources (local installed plugins, Git URL, ZIP upload) via
a dedicated UI with Local/Git/ZIP tabs. Exposes queue/start and sync run APIs,
mirroring the plugin scanner. Integrates into the installer flow by adding
extension anchors to the Git and ZIP install screens so plugins can be validated
before installation.
ZIP validation: backend endpoint extracts uploaded archives with path traversal
checks, discovers plugin root via plugin.yaml, and returns a temporary path for
agent validation; prompt instructs the agent to clean up afterward.
Scanner hardening: switch scan prompt/config loading to lazy loaders to avoid
import-time failures; add fetchText/fetchJson helpers with clear error reporting;
introduce poll-loop timeout (10 min) and stale queue-entry guard; log cleanup
failures instead of swallowing them in plugin_scan_run and plugin_validator_run.
align scan/validator errors with toastFrontendError
- remove backend logger usage from plugin scan and validator run/prompt helpers
- switch plugin scan user-facing failures to toastFrontendError
- drop the inline scan error block from the scan modal UI
- keep the installer extension integration unchanged
plugin git/zip install view css polish
harden agent-facing security scan API to dispose used context
