#16327: fix(bluebubbles): enforce dmPolicy for DMs; block unknown senders when pairing/allowlist
channel: bluebubbles
size: S
Cluster:
WhatsApp Pairing Enhancements
When allowFrom was empty, isAllowedBlueBubblesSender always returned true, so
pairing/allowlist were never applied. Now pass dmPolicy and return false for
empty allowFrom when dmPolicy is "pairing" or "allowlist".
Fixes #16108
<!-- greptile_comment -->
<h3>Greptile Summary</h3>
This PR aims to fix a bug where `isAllowedBlueBubblesSender` always returned `true` when `allowFrom` was empty, bypassing "pairing" and "allowlist" DM policies. The fix passes `dmPolicy` into the function and returns `false` for empty `allowFrom` when the policy requires restriction.
- **Blocker: Unresolved merge conflict markers** in `extensions/bluebubbles/src/targets.ts` (lines 334-386) — the file contains `<<<<<<<`, `=======`, and `>>>>>>>` markers, making it uncompilable. The merge with `main` was not properly resolved.
- The branch-side resolution duplicates all matching logic from the shared `isAllowedParsedChatSender` helper in `src/plugin-sdk/allow-from.ts`. A cleaner fix would add the `dmPolicy` guard *before* delegating to the shared helper, keeping the codebase DRY.
- The call sites in `monitor-processing.ts` correctly pass the new `dmPolicy` parameter.
- Test coverage is solid, covering pairing/allowlist blocking, backward compatibility, handle matching, and wildcard support.
<h3>Confidence Score: 1/5</h3>
- This PR cannot be merged — it contains unresolved git merge conflict markers that will cause a compilation failure.
- Score of 1 reflects the presence of unresolved merge conflict markers in targets.ts (lines 334-386), which is a compile-breaking issue. The intended logic change is sound, but the file is not in a valid state. Additionally, the implementation duplicates shared SDK logic rather than composing with it.
- extensions/bluebubbles/src/targets.ts — contains unresolved merge conflict markers that must be resolved before this PR can be merged.
<sub>Last reviewed commit: 51c4a2b</sub>
<!-- greptile_other_comments_section -->
<!-- /greptile_comment -->
Most Similar PRs
#22636: fix(whatsapp): skip pairing store merge when dmPolicy is allowlist (#…
by anillBhoi · 2026-02-21
77.8%
#14789: fix: per-account dmPolicy ignored in checkInboundAccessControl
by croll83 · 2026-02-12
74.1%
#23483: fix(bluebubbles): key debounce by chat+sender instead of messageId
by saucesteals · 2026-02-22
73.0%
#15240: fix(bluebubbles): URL dropped when sent in same iMessage bubble as ...
by yinghaosang · 2026-02-13
72.7%
#6567: fix: include paired users in WhatsApp group sender allowlist
by giannisanni · 2026-02-01
72.3%
#21174: fix(bluebubbles): trim leading newlines from message text
by cosmopax · 2026-02-19
72.1%
#17513: fix(discord): respect groupPolicy in channel config fallback (#4555)
by aronchick · 2026-02-15
72.1%
#14249: slack: add DM policy matrix regressions (open/allowlist/pairing/dis...
by davidahmann · 2026-02-11
71.6%
#16304: fix(bluebubbles): accept webhook message fields at top level
by MisterGuy420 · 2026-02-14
71.4%
#11600: fix(bluebubbles): always use private-api method for sending
by coletebou · 2026-02-08
71.1%