nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,250 Commits 897 Branches 89 Tags 9.2 GiB
Commit Graph

14 Commits

Author SHA1 Message Date
Vincent Koc d88c68fec1
perf(core): narrow sandbox status imports for error helpers (#51897) 
* perf(core): narrow sandbox status imports for error helpers

* fix(build): add runtime boundaries for reply understanding

Add missing lazy-load runtime shim files required by get-reply.ts.

* fix(debug): remove duplicate spacing in ingress logs

Use logIngressStage suffix spacing consistently for media and link understanding debug lines.
 2026-03-21 15:40:45 -07:00
Peter Steinberger d06ad6bc55 chore: remove verified dead code paths 2026-02-22 09:21:09 +01:00
Peter Steinberger d51929ecb5 fix: block ISATAP SSRF bypass via shared host/ip guard 2026-02-19 09:59:47 +01:00
Peter Steinberger b8b43175c5 style: align formatting with oxfmt 0.33 2026-02-18 01:34:35 +00:00
Peter Steinberger 31f9be126c style: run oxfmt and fix gate failures 2026-02-18 01:29:02 +00:00
cpojer d0cb8c19b2
chore: wtf. 2026-02-17 13:36:48 +09:00
Sebastian ed11e93cf2 chore(format) 2026-02-16 23:20:16 -05:00
cpojer 90ef2d6bdf
chore: Update formatting. 2026-02-17 09:18:40 +09:00
AI-Reviewer-QS 649826e435
fix(security): block private/loopback/metadata IPs in link-understanding URL detection (#15604) 
* fix(security): block private/loopback/metadata IPs in link-understanding URL detection

isAllowedUrl() only blocked 127.0.0.1, leaving localhost, ::1, 0.0.0.0,
private RFC1918 ranges, link-local (169.254.x.x including cloud metadata),
and CGNAT (100.64.0.0/10) accessible for SSRF via link-understanding.

Add comprehensive hostname/IP blocking consistent with the SSRF guard
already used by media/fetch.ts.

* fix(security): harden link-understanding SSRF host checks

* fix: note link-understanding SSRF hardening in changelog (#15604) (thanks @AI-Reviewer-QS)

---------

Co-authored-by: Yi LIU <yi@quantstamp.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-13 18:38:40 +01:00
cpojer f06dd8df06
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts. 2026-02-01 10:03:47 +09:00
cpojer 5ceff756e1
chore: Enable "curly" rule to avoid single-statement if confusion/errors. 2026-01-31 16:19:20 +09:00
Peter Steinberger 9a7160786a refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
Peter Steinberger 6d16a658e5 refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
Richard Pinedo 426168a338
Add link understanding tool support (#1637) 
* Add

* Fix

---------

Co-authored-by: Richard <dasilva333@DESKTOP-74E3GJO.localdomain>
 2026-01-25 00:15:54 +00:00