nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,854 Commits 754 Branches 79 Tags 4.5 GiB
Commit Graph

14854 Commits

Author SHA1 Message Date
Peter Steinberger 069bbf9741 fix(slack): land #26878 allowlist channel ID case-insensitive match (thanks @lbo728) 
Land contributor PR #26878 from @lbo728; include changelog credit and regression tests.

Co-authored-by: lbo728 <extreme0728@gmail.com>
 2026-02-26 02:21:02 +00:00
Ayaan Zaidi 958cafc54f fix: add changelog note for android startup perf (#26659) (thanks @obviyus) 2026-02-26 07:50:09 +05:30
Ayaan Zaidi 410ba918fb fix(android): hydrate gateway token state on init 2026-02-26 07:50:09 +05:30
Ayaan Zaidi 3175640ea2 docs(android): add perf CLI workflow docs 2026-02-26 07:50:09 +05:30
Ayaan Zaidi b49c2cbdd9 perf(android): tighten startup path and add perf tooling 2026-02-26 07:50:09 +05:30
Ayaan Zaidi 4a07c89816 perf(android): make gateway token writes async 2026-02-26 07:50:09 +05:30
Ayaan Zaidi 8d68199793 perf(android): cache device identity and speed hex encoding 2026-02-26 07:50:09 +05:30
Ayaan Zaidi 00fc1f56f1 perf(android): remove startup bc provider registration 2026-02-26 07:50:09 +05:30
Peter Steinberger b8bb8ab3ca docs: clarify personal-by-default onboarding security notice 2026-02-26 02:59:34 +01:00
Peter Steinberger 347f7b9550 fix(msteams): bind file consent invokes to conversation 2026-02-26 02:49:50 +01:00
Peter Steinberger 1f004e6640 refactor(tmp): simplify trusted tmp dir state checks 2026-02-26 02:46:53 +01:00
Ramez acbb93be48
fix(agents): comprehensive quota fallback fixes - session overrides + surgical cooldown logic (#23816) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: e6f2b4742b
Co-authored-by: ramezgaberiel <844893+ramezgaberiel@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-25 20:35:40 -05:00
Peter Steinberger 0cc3e8137c refactor(gateway): centralize trusted-proxy control-ui bypass policy 2026-02-26 02:26:52 +01:00
sten moocow 95c6b3a912 fix(telegram): recover polling after prolonged network outages 
When grammY's runner exceeds maxRetryTime during a network outage,
runner.task() resolves cleanly. Previously, the polling loop treated
this as an intentional stop and exited permanently — killing Telegram
polling for the lifetime of the gateway process.

Now the outer loop detects this case and restarts with exponential
backoff, so polling recovers once connectivity is restored.

Also bumps maxRetryTime from 5 minutes to 60 minutes so the runner
itself survives longer outages (e.g. scheduled internet downtime)
without needing the outer loop restart path.
 2026-02-26 01:25:02 +00:00
Peter Steinberger ce8c67c314 fix(slack): gate interactive system events by sender auth 2026-02-26 02:11:50 +01:00
Peter Steinberger 5e1bfb2ce2 docs(changelog): add followup typing fix note (#26881) 2026-02-26 01:07:32 +00:00
Peter Steinberger 8c701ba1ff test(gateway): add hooks bind-host hardening coverage 2026-02-26 00:54:39 +00:00
Peter Steinberger 3cd3d489f4 docs(changelog): note trusted-proxy control-ui hardening 2026-02-26 01:54:32 +01:00
Peter Steinberger ec45c317f5 fix(gateway): block trusted-proxy control-ui node bypass 2026-02-26 01:54:19 +01:00
codexGW 6fb082e131
fix(typing): call markDispatchIdle in followup runner to prevent stuck indicator (#26881) 
The followup runner (used for queued messages, inter-agent sends,
heartbeat followups, etc.) only called typing.markRunComplete() in
its finally block.  The typing controller requires BOTH markRunComplete
AND markDispatchIdle to trigger cleanup — but markDispatchIdle was
only wired through the buffered dispatcher path, which followup turns
bypass entirely.

This caused the typing indicator to persist indefinitely on channels
like Telegram when the agent replied with NO_REPLY or produced empty
payloads, because the keepalive loop was never stopped.

Adds markDispatchIdle() alongside markRunComplete() in the followup
runner's finally block, and four test cases covering NO_REPLY, empty
payloads, agent errors, and successful delivery.

Complements #26295 which addressed the channel-level callback layer.

Fixes #26595

Co-authored-by: Samantha <samantha@Samanthas-Mac-mini.local>
 2026-02-26 00:53:38 +00:00
Peter Steinberger 70e31c6f68 fix(gateway): harden hooks URL parsing (#26864) 2026-02-26 00:47:35 +00:00
Aleksandrs Tihenko c0026274d9
fix(auth): distinguish revoked API keys from transient auth errors (#25754) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8f9c07a200
Co-authored-by: rrenamed <87486610+rrenamed@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-25 19:47:16 -05:00
Peter Steinberger f312222159 test: preserve config exports in agent handler mock 2026-02-26 00:42:51 +00:00
Peter Steinberger aaeed3c4ea test(agents): add missing announce delivery regressions 2026-02-26 00:38:34 +00:00
Peter Steinberger 20c2db2103 refactor(gateway): split browser auth hardening paths 2026-02-26 01:37:00 +01:00
Peter Steinberger 8f8e46d898 refactor: unify reaction ingress policy guards across channels 2026-02-26 01:34:47 +01:00
Peter Steinberger 876018f322 chore(deps): update dependencies and lockfile 2026-02-26 01:31:36 +01:00
Peter Steinberger 4258a3307f refactor(agents): unify subagent announce delivery pipeline 
Co-authored-by: Smith Labs <SmithLabsLLC@users.noreply.github.com>
Co-authored-by: Do Cao Hieu <docaohieu2808@users.noreply.github.com>
 2026-02-26 00:30:44 +00:00
Peter Steinberger aedf62ac7e fix: harden discord and slack reaction ingress authorization 2026-02-26 01:26:47 +01:00
Peter Steinberger c736f11a16 fix(gateway): harden browser websocket auth chain 2026-02-26 01:22:49 +01:00
Peter Steinberger f41715a18f refactor(browser): split act route modules and dedupe path guards 2026-02-26 01:21:34 +01:00
Peter Steinberger 046feb6b0e refactor: simplify telegram event authorization flow 2026-02-26 01:14:05 +01:00
Peter Steinberger 496a76c03b fix(security): harden browser trace/download temp path handling 2026-02-26 01:04:05 +01:00
Peter Steinberger e56b0cf1a0 fix: enforce telegram reaction authorization 2026-02-26 01:03:03 +01:00
Peter Steinberger c6dfa26f03 refactor(signal): unify reaction auth flow and table-drive tests 2026-02-26 01:02:05 +01:00
Shakker f83719937a Changelog: note Discord embed fallback coverage 2026-02-25 23:58:42 +00:00
Shakker a0a229a3bb Discord: align embed fallback in thread starter parsing 2026-02-25 23:58:42 +00:00
User 39cc547f74 fix(discord): include embed title in fallback text (#26907) 2026-02-25 23:58:42 +00:00
Peter Steinberger b090d6019b test(agent-runner): add overflow empty-payload regression coverage (#26905) 2026-02-25 23:57:58 +00:00
Peter Steinberger 42f455739f fix(security): clarify denyCommands exact-match guidance 2026-02-26 00:55:35 +01:00
Peter Steinberger eb73e87f18 fix(session): prevent silent overflow on parent thread forks (#26912) 
Lands #26912 from @markshields-tl with configurable session.parentForkMaxTokens and docs/tests/changelog updates.

Co-authored-by: Mark Shields <239231357+markshields-tl@users.noreply.github.com>
 2026-02-25 23:54:02 +00:00
Peter Steinberger 8d1481cb4a fix(gateway): require pairing for unpaired operator device auth 2026-02-26 00:52:50 +01:00
Peter Steinberger 2aa7842ade fix(signal): enforce auth before reaction notification enqueue 2026-02-26 00:44:46 +01:00
Peter Steinberger ef326f5cd0 fix(browser): revalidate upload paths at use time 2026-02-26 00:40:56 +01:00
Youyou972 15cfba7075
fix: cron model fallback to agent defaults when payload.model fails (#26717) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 06454bd55b
Co-authored-by: Youyou972 <50808411+Youyou972@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-02-25 23:34:31 +00:00
Peter Steinberger 2011edc9e5 fix(gateway): preserve agentId through gateway send path 
Landed from #23249 by @Sid-Qin.
Includes extra regression tests for agentId precedence + blank fallback.

Co-authored-by: Sid <201593046+Sid-Qin@users.noreply.github.com>
 2026-02-25 23:31:35 +00:00
Peter Steinberger 125f4071bc fix(gateway): block agents.files symlink escapes 2026-02-26 00:31:08 +01:00
Peter Steinberger 45d59971e6 docs(changelog): clarify macOS beta scope for oauth fix 2026-02-26 00:26:54 +01:00
Peter Steinberger 5325ed90b2 refactor(nextcloud-talk): extract webhook pipeline and shared test harness 2026-02-26 00:23:36 +01:00
Peter Steinberger f60d9591ef docs(changelog): add macOS auth fix note for setup-token path 2026-02-26 00:23:24 +01:00