nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
19,105 Commits 712 Branches 79 Tags 2.1 GiB
Commit Graph

241 Commits

Author SHA1 Message Date
scoootscooob d9c285e930
Fix configure startup stalls from outbound send-deps imports (#46301) 
* fix: avoid configure startup plugin stalls

* fix: credit configure startup changelog entry
 2026-03-14 09:58:03 -07:00
scoootscooob 7764f717e9
refactor: make OutboundSendDeps dynamic with channel-ID keys (#45517) 
* refactor: make OutboundSendDeps dynamic with channel-ID keys

Replace hardcoded per-channel send fields (sendTelegram, sendDiscord,
etc.) with a dynamic index-signature type keyed by channel ID. This
unblocks moving channel implementations to extensions without breaking
the outbound dispatch contract.

- OutboundSendDeps and CliDeps are now { [channelId: string]: unknown }
- Each outbound adapter resolves its send fn via bracket access with cast
- Lazy-loading preserved via createLazySender with module cache
- Delete 6 deps-send-*.runtime.ts one-liner re-export files
- Harden guardrail scan against deleted-but-tracked files


* fix: preserve outbound send-deps compatibility

* style: fix formatting issues (import order, extra bracket, trailing whitespace)



* fix: resolve type errors from dynamic OutboundSendDeps in tests and extension

* fix: remove unused OutboundSendDeps import from deliver.test-helpers
 2026-03-14 02:42:21 -07:00
Peter Steinberger 49a2ff7d01
build: sync plugins for 2026.3.14 2026-03-14 06:05:39 +00:00
Peter Steinberger 38b09866b8 test: share directory runtime helpers 2026-03-14 02:40:27 +00:00
Peter Steinberger b61bc4948e refactor: share dual text command gating 2026-03-14 01:41:17 +00:00
Peter Steinberger 017c0dce32 test: dedupe msteams attachment redirects 2026-03-13 23:35:27 +00:00
Peter Steinberger 2ebc7e3ded test: dedupe msteams revoked thread context 2026-03-13 23:35:27 +00:00
Peter Steinberger a9d8518e7c test: dedupe msteams consent auth fixtures 2026-03-13 21:54:39 +00:00
Peter Steinberger f2300f4522 test: dedupe msteams policy route fixtures 2026-03-13 21:54:39 +00:00
Peter Steinberger d4d0091760 test: share msteams safe fetch assertions 2026-03-13 21:40:53 +00:00
Peter Steinberger 6b04ab1e35 refactor: share teams drive upload flow 2026-03-13 16:51:59 +00:00
Peter Steinberger 16ececf0a6
chore: bump version to 2026.3.13 2026-03-13 04:38:32 +00:00
Peter Steinberger de3e6a8c5b fix(routing): require ids for slack and msteams allowlists 2026-03-13 01:44:42 +00:00
Peter Steinberger c25e46a433
chore: prepare 2026.3.12 release 2026-03-13 01:38:20 +00:00
Peter Steinberger ce5dd742f8
build: sync versions to 2026.3.11 2026-03-12 04:01:57 +00:00
Peter Steinberger 0e397e62b7 chore: bump version to 2026.3.10 2026-03-11 23:29:53 +00:00
Brad Groux 568b0a22bb
fix(msteams): use General channel conversation ID as team key for Bot Framework compatibility (#41838) 
* fix(msteams): use General channel conversation ID as team key for Bot Framework compatibility

Bot Framework sends `activity.channelData.team.id` as the General channel's
conversation ID (e.g. `19:abc@thread.tacv2`), not the Graph API group GUID
(e.g. `fa101332-cf00-431b-b0ea-f701a85fde81`). The startup resolver was
storing the Graph GUID as the team config key, so runtime matching always
failed and every channel message was silently dropped.

Fix: always call `listChannelsForTeam` during resolution to find the General
channel, then use its conversation ID as the stored `teamId`. When a specific
channel is also configured, reuse the same channel list rather than issuing a
second API call. Falls back to the Graph GUID if the General channel cannot
be found (renamed/deleted edge case).

Fixes #41390

* fix(msteams): handle listChannelsForTeam failure gracefully

* fix(msteams): trim General channel ID and guard against empty string

* fix: document MS Teams allowlist team-key fix (#41838) (thanks @BradGroux)

---------

Co-authored-by: bradgroux <bradgroux@users.noreply.github.com>
Co-authored-by: Onur <onur@textcortex.com>
 2026-03-10 09:13:41 +01:00
Peter Steinberger f6d0712f50 build: sync plugin versions for 2026.3.9 2026-03-09 08:39:52 +00:00
Peter Steinberger 5fca4c0de0 chore: prepare 2026.3.8-beta.1 release 2026-03-09 07:09:37 +00:00
Peter Steinberger 88aee9161e fix(msteams): enforce sender allowlists with route allowlists 2026-03-09 05:52:19 +00:00
Peter Steinberger 141738f717 refactor: harden browser runtime profile handling 2026-03-09 00:25:43 +00:00
Peter Steinberger 8d7778d1d6 refactor: dedupe plugin runtime stores 2026-03-08 23:38:24 +00:00
Peter Steinberger 64d4d9aabb refactor: move bundled extension gap allowlists into manifests 2026-03-08 18:26:35 +00:00
Peter Steinberger 05217845a7 build: bump version to 2026.3.8 2026-03-08 05:59:04 +00:00
Vincent Koc 6035677545 Teams: use scoped plugin SDK allowlist imports 2026-03-07 16:26:59 -08:00
Vincent Koc 6b2adf663e Teams: use scoped plugin SDK channel imports 2026-03-07 16:26:59 -08:00
Peter Steinberger 2b54070526 refactor: share allowlist provider warning resolution 2026-03-08 00:05:24 +00:00
Peter Steinberger f319ec2dac refactor: share onboarding allowlist entry parsing 2026-03-08 00:05:24 +00:00
Peter Steinberger c9128e1f3f refactor: share trimmed list normalization in provider helpers 2026-03-07 23:27:51 +00:00
Peter Steinberger 8c15b8600c refactor: share sender group policy evaluation 2026-03-07 23:27:51 +00:00
Peter Steinberger feac26c3b7 refactor: share allowFrom formatter scaffolding 2026-03-07 23:27:51 +00:00
Peter Steinberger 5bbca5be91 refactor: share sender-scoped group policy derivation 2026-03-07 23:27:51 +00:00
Peter Steinberger b7d03ea1f5 refactor: centralize open group-policy warning flow collectors 2026-03-07 23:27:51 +00:00
Peter Steinberger 7230b96cc7 refactor: unify extension allowlist resolver and directory scaffolding 2026-03-07 23:27:51 +00:00
Peter Steinberger 8e0e76697a refactor: unify channel open-group-policy warning builders 2026-03-07 23:27:51 +00:00
Peter Steinberger 27dad962fe refactor: normalize runtime group sender gating decisions 2026-03-07 23:27:51 +00:00
Peter Steinberger 6b1c82c4f1 refactor: unify onboarding dm/group policy scaffolding 2026-03-07 23:27:51 +00:00
Vincent Koc e4d80ed556
CI: restore main detect-secrets scan (#38438) 
* Tests: stabilize detect-secrets fixtures

* Tests: fix rebased detect-secrets false positives

* Docs: keep snippets valid under detect-secrets

* Tests: finalize detect-secrets false-positive fixes

* Tests: reduce detect-secrets false positives

* Tests: keep detect-secrets pragmas inline

* Tests: remediate next detect-secrets batch

* Tests: tighten detect-secrets allowlists

* Tests: stabilize detect-secrets formatter drift
 2026-03-07 10:06:35 -08:00
Peter Steinberger 1aa77e4603 refactor(extensions): reuse shared helper primitives 2026-03-07 10:41:05 +00:00
Peter Steinberger 997a9f5b9e chore: bump version to 2026.3.7 2026-03-07 10:09:02 +00:00
Ayaan Zaidi 4ed5febc38 chore(extensions): sync plugin versions 2026-03-06 22:26:15 +05:30
Gustavo Madeira Santana adb400f9b1 Plugins/msteams: migrate to scoped plugin-sdk imports 2026-03-04 02:35:12 -05:00
Gustavo Madeira Santana 10bd6ae3c8 Extensions: migrate msteams plugin-sdk imports 2026-03-04 01:21:30 -05:00
Josh Avant 646817dd80
fix(outbound): unify resolved cfg threading across send paths (#33987) 2026-03-04 00:20:44 -06:00
Gustavo Madeira Santana 1278ee9248 plugin-sdk: add channel subpaths and migrate bundled plugins 2026-03-03 22:07:03 -05:00
Josh Avant 1c200ca7ae
follow-up: align ingress, atomic paths, and channel tests with credential semantics (#33733) 
Merged via squash.

Prepared head SHA: c290c2ab6a
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Reviewed-by: @joshavant
 2026-03-03 20:29:46 -06:00
Josh Avant 806803b7ef
feat(secrets): expand SecretRef coverage across user-supplied credentials (#29580) 
* feat(secrets): expand secret target coverage and gateway tooling

* docs(secrets): align gateway and CLI secret docs

* chore(protocol): regenerate swift gateway models for secrets methods

* fix(config): restore talk apiKey fallback and stabilize runner test

* ci(windows): reduce test worker count for shard stability

* ci(windows): raise node heap for test shard stability

* test(feishu): make proxy env precedence assertion windows-safe

* fix(gateway): resolve auth password SecretInput refs for clients

* fix(gateway): resolve remote SecretInput credentials for clients

* fix(secrets): skip inactive refs in command snapshot assignments

* fix(secrets): scope gateway.remote refs to effective auth surfaces

* fix(secrets): ignore memory defaults when enabled agents disable search

* fix(secrets): honor Google Chat serviceAccountRef inheritance

* fix(secrets): address tsgo errors in command and gateway collectors

* fix(secrets): avoid auth-store load in providers-only configure

* fix(gateway): defer local password ref resolution by precedence

* fix(secrets): gate telegram webhook secret refs by webhook mode

* fix(secrets): gate slack signing secret refs to http mode

* fix(secrets): skip telegram botToken refs when tokenFile is set

* fix(secrets): gate discord pluralkit refs by enabled flag

* fix(secrets): gate discord voice tts refs by voice enabled

* test(secrets): make runtime fixture modes explicit

* fix(cli): resolve local qr password secret refs

* fix(cli): fail when gateway leaves command refs unresolved

* fix(gateway): fail when local password SecretRef is unresolved

* fix(gateway): fail when required remote SecretRefs are unresolved

* fix(gateway): resolve local password refs only when password can win

* fix(cli): skip local password SecretRef resolution on qr token override

* test(gateway): cast SecretRef fixtures to OpenClawConfig

* test(secrets): activate mode-gated targets in runtime coverage fixture

* fix(cron): support SecretInput webhook tokens safely

* fix(bluebubbles): support SecretInput passwords across config paths

* fix(msteams): make appPassword SecretInput-safe in onboarding/token paths

* fix(bluebubbles): align SecretInput schema helper typing

* fix(cli): clarify secrets.resolve version-skew errors

* refactor(secrets): return structured inactive paths from secrets.resolve

* refactor(gateway): type onboarding secret writes as SecretInput

* chore(protocol): regenerate swift models for secrets.resolve

* feat(secrets): expand extension credential secretref support

* fix(secrets): gate web-search refs by active provider

* fix(onboarding): detect SecretRef credentials in extension status

* fix(onboarding): allow keeping existing ref in secret prompt

* fix(onboarding): resolve gateway password SecretRefs for probe and tui

* fix(onboarding): honor secret-input-mode for local gateway auth

* fix(acp): resolve gateway SecretInput credentials

* fix(secrets): gate gateway.remote refs to remote surfaces

* test(secrets): cover pattern matching and inactive array refs

* docs(secrets): clarify secrets.resolve and remote active surfaces

* fix(bluebubbles): keep existing SecretRef during onboarding

* fix(tests): resolve CI type errors in new SecretRef coverage

* fix(extensions): replace raw fetch with SSRF-guarded fetch

* test(secrets): mark gateway remote targets active in runtime coverage

* test(infra): normalize home-prefix expectation across platforms

* fix(cli): only resolve local qr password refs in password mode

* test(cli): cover local qr token mode with unresolved password ref

* docs(cli): clarify local qr password ref resolution behavior

* refactor(extensions): reuse sdk SecretInput helpers

* fix(wizard): resolve onboarding env-template secrets before plaintext

* fix(cli): surface secrets.resolve diagnostics in memory and qr

* test(secrets): repair post-rebase runtime and fixtures

* fix(gateway): skip remote password ref resolution when token wins

* fix(secrets): treat tailscale remote gateway refs as active

* fix(gateway): allow remote password fallback when token ref is unresolved

* fix(gateway): ignore stale local password refs for none and trusted-proxy

* fix(gateway): skip remote secret ref resolution on local call paths

* test(cli): cover qr remote tailscale secret ref resolution

* fix(secrets): align gateway password active-surface with auth inference

* fix(cli): resolve inferred local gateway password refs in qr

* fix(gateway): prefer resolvable remote password over token ref pre-resolution

* test(gateway): cover none and trusted-proxy stale password refs

* docs(secrets): sync qr and gateway active-surface behavior

* fix: restore stability blockers from pre-release audit

* Secrets: fix collector/runtime precedence contradictions

* docs: align secrets and web credential docs

* fix(rebase): resolve integration regressions after main rebase

* fix(node-host): resolve gateway secret refs for auth

* fix(secrets): harden secretinput runtime readers

* gateway: skip inactive auth secretref resolution

* cli: avoid gateway preflight for inactive secret refs

* extensions: allow unresolved refs in onboarding status

* tests: fix qr-cli module mock hoist ordering

* Security: align audit checks with SecretInput resolution

* Gateway: resolve local-mode remote fallback secret refs

* Node host: avoid resolving inactive password secret refs

* Secrets runtime: mark Slack appToken inactive for HTTP mode

* secrets: keep inactive gateway remote refs non-blocking

* cli: include agent memory secret targets in runtime resolution

* docs(secrets): sync docs with active-surface and web search behavior

* fix(secrets): keep telegram top-level token refs active for blank account tokens

* fix(daemon): resolve gateway password secret refs for probe auth

* fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled

* fix(secrets): align token inheritance and exec timeout defaults

* docs(secrets): clarify active-surface notes in cli docs

* cli: require secrets.resolve gateway capability

* gateway: log auth secret surface diagnostics

* secrets: remove dead provider resolver module

* fix(secrets): restore gateway auth precedence and fallback resolution

* fix(tests): align plugin runtime mock typings

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-03-03 02:58:20 +00:00
Peter Steinberger 0750fc2de1 test: consolidate extension runtime mocks and split bluebubbles webhook auth suite 2026-03-03 02:37:23 +00:00
Peter Steinberger 866bd91c65 refactor: harden msteams lifecycle and attachment flows 2026-03-02 21:19:23 +00:00
Peter Steinberger 089a8785b9 fix: harden msteams revoked-context fallback delivery (#27224) (thanks @openperf) 2026-03-02 20:49:03 +00:00