#22308: feat(zulip): add Zulip channel plugin

## Summary Adds first-party support for [Zulip](https://zulip.com/), the open-source threaded team chat. ## Features - **Real-time messaging**: Receive messages from Zulip streams and DMs via event queue long-polling - **Send messages**: Send to streams (with topics) or direct messages - **Media support**: Upload and send files/attachments - **Multiple accounts**: Configure multiple Zulip bots - **Security policies**: DM allowlists, group policies, mention requirements ## Configuration ```json { "channels": { "zulip": { "enabled": true, "baseUrl": "https://your-org.zulipchat.com", "email": "bot@your-org.zulipchat.com", "apiKey": "your-api-key", "requireMention": true, "dmPolicy": "pairing" } } } ``` ## Implementation Follows the same patterns as the Mattermost extension: - Config schema with Zod validation - Event queue long-polling for real-time messages - Standard channel plugin interface - Environment variable support ## Testing Tested with self-hosted Zulip instance with 9 agent accounts. --- Happy to make any changes needed! <!-- greptile_comment --> <h3>Greptile Summary</h3> Adds first-party Zulip channel plugin following the established Mattermost extension patterns. The implementation provides real-time message polling via Zulip's event queue API, stream and DM support with topics, media uploads, and multiple account configuration. **Key Changes:** - New Zulip channel plugin in `extensions/zulip/` with complete TypeScript implementation - Event queue long-polling for real-time message reception - Stream and DM message routing with topic support - HTTP Basic Auth with Zulip API - Config schema with Zod validation matching other channel plugins - Multiple account support with environment variable fallback **Note on PR Scope:** This PR includes unrelated upstream changes (MCP client extension, Mumble extension, DuckDuckGo search provider, TTS providers, and other core changes). These are from upstream syncs (`be214626` and earlier commits) merged into the author's feature branch. The actual Zulip implementation is isolated to commit `4a4c8b9e` which only touches `extensions/zulip/` files. **Areas for verification:** - Message routing in `monitor.ts:171-174` uses `enqueueSystemEvent` but doesn't explicitly pass sender IDs or check security policies (dmPolicy, groupPolicy, requireMention) before routing. The README claims these policies are supported, but the monitor implementation doesn't show where mention detection or allowlist filtering occurs. This differs from Mattermost's approach which explicitly checks mentions and policies before routing (see `extensions/mattermost/src/mattermost/monitor.ts:550-573`). - Consider verifying that OpenClaw's routing system automatically applies the channel plugin's security configuration, or if explicit checks are needed in the monitor. <h3>Confidence Score: 3/5</h3> - This PR is safe to merge with verification of security policy enforcement - The Zulip implementation follows established patterns from Mattermost and has clean, well-structured code. However, the score is moderate because: (1) security policy enforcement (dmPolicy, groupPolicy, requireMention) isn't visibly implemented in the monitor, requiring verification that the routing system handles it, and (2) the PR includes significant unrelated upstream changes (MCP client, Mumble, DuckDuckGo search, TTS providers) merged from main, though the actual Zulip commit is clean and isolated - Pay close attention to `extensions/zulip/src/zulip/monitor.ts` for security policy enforcement verification _{Last reviewed commit: 4a4c8b9} <!-- greptile_other_comments_section --> <!-- /greptile_comment -->