nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,894 Commits 712 Branches 79 Tags 2.1 GiB
Commit Graph

12894 Commits

Author SHA1 Message Date
Harold Hunt 02ac5b59d1
Skills: add SonosCLI troubleshooting guidance (openclaw#21316) thanks @huntharo 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-20 19:52:42 -06:00
jackheuberger feccac6723
fix: sanitize thinking blocks for GitHub Copilot Claude models (openclaw#19459) thanks @jackheuberger 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: jackheuberger <12731288+jackheuberger@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-20 19:48:09 -06:00
Mars a4e7e952e1
fix(ui): strip injected inbound metadata from user messages in history (#22142) 
* fix(ui): strip injected inbound metadata from user messages in history

Fixes #21106
Fixes #21109
Fixes #22116

OpenClaw prepends structured metadata blocks ("Conversation info",
"Sender:", reply-context) to user messages before sending them to the
LLM. These blocks are intentionally AI-context-only and must never reach
the chat history that users see.

Root cause:
`buildInboundUserContextPrefix` in `inbound-meta.ts` prepends the
blocks directly to the stored user message content string, so they are
persisted verbatim and later shown in webchat, TUI, and every other
rendering surface.

Fix:
• `src/auto-reply/reply/strip-inbound-meta.ts` — new utility with a
  6-sentinel fast-path strip (zero-alloc on miss) + 9-test suite.
• `src/tui/tui-session-actions.ts` — wraps `chatLog.addUser(...)` with
  `stripInboundMetadata()` so the TUI never stores the prefix.
• `ui/src/ui/chat/message-normalizer.ts` — strips user-role text content
  items during normalisation so webchat renders clean messages.

* fix(ui): strip inbound metadata for user messages in display path

* test: fix discord component send test spread typing

* fix: strip inbound metadata from mac chat history decode

* fix: align Swift metadata stripping parser with TS implementation

* fix: normalize line endings in inbound metadata stripper

* chore: document Swift/TS metadata-sentinel ownership

* chore: update changelog for inbound metadata strip fix

* changelog: credit Mellowambience for 22142

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-20 17:35:13 -08:00
Shadow f555835b09
Channels: add thread-aware model overrides 2026-02-20 19:26:25 -06:00
Shadow ee8dd40509
Discord/Telegram: emit edit system events (#22310) 2026-02-20 19:20:07 -06:00
Shadow 105a6307cc
Tests: fix discord components loadConfig mock 2026-02-20 18:37:32 -06:00
Shadow eedea6cf34
Discord: add trusted channel topics on new sessions 2026-02-20 18:22:13 -06:00
Tyler Yust 2dba150c16
Fix path-root flaky tests and restore status emoji defaults (#22274) 2026-02-20 15:45:33 -08:00
Tyler Yust fe57bea088
Subagents: restore announce chain + fix nested retry/drop regressions (#22223) 
* Subagents: restore announce flow and fix nested delivery retries

* fix: prep subagent announce + docs alignment (#22223) (thanks @tyler6204)
 2026-02-20 15:39:09 -08:00
Shadow 086af56867
Discord: keep DM component sessions 2026-02-20 17:37:44 -06:00
Harold Hunt 0f1b2ad962
chore: Reduce app-specific docker image size by ~50% / ~900 MB (AI assisted) (#22019) 
* chore: Reduce docker image size by 50%

* Changelog: note Docker build ownership

---------

Co-authored-by: Shadow <hi@shadowing.dev>
 2026-02-20 17:32:48 -06:00
Shadow 3e1ed0032d
Docs: add Discord forum thread docs 2026-02-20 17:20:24 -06:00
Shadow 68fd8ed866
clankers are dumb 2026-02-20 16:51:12 -06:00
Shadow 1eec2aee4f
Discord: ingest inbound stickers 2026-02-20 16:47:47 -06:00
Shadow 64c29c3755
Discord: avoid reply spam on chunked sends 2026-02-20 16:37:28 -06:00
Shadow df002ef840
Workflow: clarify dirty PR response 2026-02-20 16:32:05 -06:00
Shadow ab27d7b05a
Discord: fix voice command typing 2026-02-20 16:31:41 -06:00
Shadow 4ab946eebf
Discord VC: voice channels, transcription, and TTS (#18774) 2026-02-20 16:06:07 -06:00
Shadow 3100b77f12
Agents: clarify authorized sender prompt (Closes #19794) 2026-02-20 15:55:36 -06:00
Shadow 30a0d3fce1
Status reactions: fix stall timers and gating (#22190) 
* feat: add shared status reaction controller

* feat: add statusReactions config schema

* feat: wire status reactions for Discord and Telegram

* fix: restore original 10s/30s stall defaults for Discord compatibility

* Status reactions: fix stall timers and gating

* Format status reaction imports

---------

Co-authored-by: Matt <mateus.carniatto@gmail.com>
 2026-02-20 15:27:42 -06:00
Tyler Yust 47f3979758 Gateway: force loopback self-connections for local binds 2026-02-20 13:08:26 -08:00
Shadow c378439246
Security: harden tool media paths 2026-02-20 13:32:49 -06:00
Mariano 67edc7790f
iOS: gate capabilities by permissions and add settings controls (#22135) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 92c2660d08
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 19:26:30 +00:00
Shadow 39816e61b0
Security: restrict canvas jsonlPath file reads 2026-02-20 13:21:55 -06:00
Shadow 0692927ccd
Changelog: note canvas auth hardening 2026-02-20 13:11:55 -06:00
Mariano f52476f18c
iOS Watch: bridge mirrored notification actions into quick replies (#22123) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 401fbe8a7a
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 19:04:58 +00:00
Mariano 9476dda9f6
iOS Chat: clean UI noise and format tool outputs (#22122) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 34dd87b0c0
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 19:01:03 +00:00
Mariano 5828708343
iOS/Gateway: harden pairing resolution and settings-driven capability refresh (#22120) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 55b8a93a99
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 18:57:04 +00:00
Shadow 61f646c41f
Daemon: harden systemd unit env rendering 2026-02-20 12:51:14 -06:00
Shadow 84281abd4b
Docker: drop root in test images 2026-02-20 12:45:34 -06:00
Shadow 8c9f35cdb5
Agents: sanitize skill env overrides 2026-02-20 12:38:54 -06:00
Shadow 09e6970386
Discord: implement stream preview mode (#22111) 
* Discord: implement stream preview mode

* Changelog: note Discord stream preview mode

* Tests: type discord draft stream mocks

* Docs: document Discord stream preview
 2026-02-20 12:37:15 -06:00
Mariano 5dd304d1c6
fix(gateway): clear pairing state on device token mismatch (#22071) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: ad38d1a529
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 18:21:13 +00:00
Mariano 094dbdaf2b
fix(gateway): require loopback proxy IP for trusted-proxy + bind=loopback (#22082) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 6ff3ca9b5d
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 18:03:53 +00:00
Xinhua Gu 9c5249714d
fix(gateway): trusted-proxy auth rejected when bind=loopback (#20097) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8de62f1a8f
Co-authored-by: xinhuagu <562450+xinhuagu@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:51:35 +00:00
Nachx639 868fe48d58
fix(gateway): allow health method for all authenticated roles (#19699) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: b976443267
Co-authored-by: Nachx639 <71144023+Nachx639@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:48:44 +00:00
Marcus Castro c8ee33c162
fix(gateway): include export name in hook transform cache key (#13855) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: a9eea919b8
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:44:51 +00:00
Marcus Castro 618b36f07a
fix(gateway): return 404 for missing static assets instead of SPA fallback (#12060) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 32d2ca7a13
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:41:57 +00:00
Coy Geek 914a7c5359
fix: Device Token Scope Escalation via Rotate Endpoint (#20703) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 4f2c2ecef4
Co-authored-by: coygeek <65363919+coygeek@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:38:58 +00:00
Coy Geek 40a292619e
fix: Control UI Insecure Auth Bypass Allows Token-Only Auth Over HTTP (#20684) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: ad9be4b4d6
Co-authored-by: coygeek <65363919+coygeek@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:34:34 +00:00
Mariano fe3215092c
test(ios): cover IPv4-mapped IPv6 loopback in manual TLS policy (#22045) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: ec952f0a80
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:23:33 +00:00
Mariano fd8c6d1f77
iOS: refresh phone/watch app icons with lobster assets (#21997) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: d41caeff38
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:41:41 +00:00
Mariano 738b011624
iOS/watch: add actionable watch approvals and quick replies (#21996) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 3c2a01f903
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:39:13 +00:00
Mariano 8e4f6c0384
fix(browser): block upload symlink escapes (#21972) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 4381ef9a4d
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:36:25 +00:00
Mariano 774d73b458
fix(macos): reject insecure non-loopback ws remote gateway urls (#21971) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9e8cdbf095
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:34:00 +00:00
Mariano ebae6f918e
fix(shared): reject insecure non-loopback gateway deep links (#21970) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 279173c7db
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:31:40 +00:00
Mariano 8fa46d709a
fix(ios): force tls for non-loopback manual gateway hosts (#21969) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9fb39f566e
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:28:47 +00:00
Sebastian 72e937a591
fix(gitignore): add mise configuration files and correct .agents entries 2026-02-20 10:17:31 -05:00
Seb Slight 1b886e7378
docs(ui): add animated underline for nav tabs (#21912) 
Add a responsive, animated underline indicator for navigation tabs to
improve visual focus and active-state feedback.

- Introduce CSS for .nav-tabs, .nav-tabs-item and a .nav-tabs-underline
  element, including transitions, positioning, and dark mode color.
- Hide default first h1 in #content to keep header layout consistent.
- Add docs/nav-tabs-underline.js to create and manage the underline
  element, observe DOM mutations, and update underline position/width on
  changes, resize, and when fonts load.
- Preserve last known underline position/width across re-initializations
  to avoid visual jumps.

This change makes active tab state visible with smooth movement and
ensures the underline stays synchronized with dynamic content.
 2026-02-20 09:33:46 -05:00
Seb Slight 7bee4ea336
fix(gitignore): include top-level .agents directory (#21886) 
Add a .agents entry to .gitignore to ensure the repository
ignores a top-level directory named ".agents" in addition to the
existing .agents/ pattern and other agent-related files.
 2026-02-20 08:59:07 -05:00