nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,738 Commits 745 Branches 79 Tags 3.1 GiB
Commit Graph

606 Commits

Author SHA1 Message Date
Peter Steinberger fe92113472 test(e2e): isolate module mocks across harnesses 2026-03-03 05:52:14 +00:00
Peter Steinberger ef920f2f39 refactor(channels): dedupe monitor message test flows 2026-03-03 01:06:00 +00:00
Peter Steinberger d7dda4dd1a refactor: dedupe channel outbound and monitor tests 2026-03-03 00:15:15 +00:00
Peter Steinberger ea3b7dfde5 fix(channels): normalize MIME kind parsing and reaction fallbacks 2026-03-02 23:48:11 +00:00
Peter Steinberger 55a2d12f40 refactor: split inbound and reload pipelines into staged modules 2026-03-02 21:55:01 +00:00
Peter Steinberger 6a425d189e refactor(channels): dedupe slack telegram and web monitor tests 2026-03-02 21:32:11 +00:00
Peter Steinberger b782ecb7eb refactor: harden plugin install flow and main DM route pinning 2026-03-02 21:22:38 +00:00
scoootscooob 73e6dc361e fix(whatsapp): propagate fromMe through inbound message pipeline 
The `fromMe` flag from Baileys' WAMessage.key was only used for
access-control filtering and then discarded.  This meant agents
could not distinguish owner-sent messages from contact messages
in DM conversations (everything appeared as from the contact).

Add `fromMe` to `WebInboundMessage`, store it during message
construction, and thread it through `buildInboundLine` →
`formatInboundEnvelope` so DM transcripts prefix owner messages
with `(self):`.

Closes #32061

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-02 21:20:21 +00:00
webdevtodayjason ab0b2c21f3 WhatsApp: guard main DM last-route to single owner 2026-03-02 20:33:59 +00:00
Peter Steinberger 9d30159fcd refactor: dedupe channel and gateway surfaces 2026-03-02 19:57:33 +00:00
Peter Steinberger a13586619b test: move integration-heavy suites to e2e lane 2026-03-02 05:33:07 +00:00
Peter Steinberger bce643a0bd refactor(security): enforce account-scoped pairing APIs 2026-02-26 21:57:52 +01:00
Peter Steinberger d6eefe2e75 style: format auth boundary updates 2026-02-26 18:50:47 +01:00
Peter Steinberger 262bca9bdd fix: restore dm command and self-chat auth behavior 2026-02-26 18:49:16 +01:00
Peter Steinberger 64de4b6d6a fix: enforce explicit group auth boundaries across channels 2026-02-26 18:49:16 +01:00
Peter Steinberger cd80c7e7ff refactor: unify dm policy store reads and reason codes 2026-02-26 17:47:57 +01:00
Peter Steinberger 039713c3e7 fix: suppress reasoning payload leakage in whatsapp replies 2026-02-25 01:36:37 +00:00
Peter Steinberger 196a7dbd24 test(media): add win32 dev=0 local media regression 2026-02-25 00:47:02 +00:00
Mark Musson e22a2d77ba fix(whatsapp): stop retry loop on non-retryable 440 close 2026-02-24 23:52:49 +00:00
damaozi c6bb7b0c04 fix(whatsapp): groupAllowFrom sender filter bypassed when groupPolicy is allowlist (#24670) 
(cherry picked from commit af06ebd9a6)
 2026-02-24 04:20:30 +00:00
Peter Steinberger ebde897bb8 fix: add dmScope route guard regression tests (#24949) (thanks @kevinWangSheng) 2026-02-24 03:55:29 +00:00
shenghui kevin 57783680ad fix(whatsapp): guard updateLastRoute when dmScope isolates DM sessions 
When session.dmScope is set to 'per-channel-peer', WhatsApp DMs correctly
resolve isolated session keys, but updateLastRouteInBackground unconditionally
wrote lastTo to the main session key. This caused reply routing corruption
and privacy violations.

Only update main session's lastRoute when the DM session actually IS
the main session (sessionKey === mainSessionKey).

Fixes #24912
 2026-02-24 03:55:29 +00:00
Peter Steinberger b5881d9ef4 fix: avoid WhatsApp silent turns with final-only delivery (#24962) (thanks @SidQin-cyber) 2026-02-24 03:47:20 +00:00
SidQin-cyber 3d22af692c fix(whatsapp): suppress reasoning/thinking content from WhatsApp delivery 
The deliver callback in process-message.ts was forwarding all payload
kinds (tool, block, final) to WhatsApp. Block payloads contain the
model's reasoning/thinking content, which should only be visible in
the internal web UI. This caused chain-of-thought to leak to end users
as separate WhatsApp messages.

Add an early return for non-final payloads so only the actual response
is delivered to the WhatsApp channel, matching how Telegram already
filters by info.kind === "final".

Fixes #24954
Fixes #24605

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-24 03:47:20 +00:00
Coy Geek aef45b2abb fix(logging): redact phone numbers and message content from WhatsApp logs 
Apply redactIdentifier() (SHA-256 hashing) to all recipient JIDs and
phone numbers logged by sendMessageWhatsApp, sendReactionWhatsApp,
sendPollWhatsApp, and runWebHeartbeatOnce. Remove poll question text
and message preview content from log entries, replacing with character
counts where useful for debugging.

The existing redactIdentifier() utility in src/logging/redact-identifier.ts
was already implemented but not wired into any WhatsApp logging path.
This commit connects it to all affected call sites while leaving
functional parameters (actual send calls, event emitters) untouched.

Closes #24957
 2026-02-24 03:36:29 +00:00
Peter Steinberger 0bdcca2f35 test(whatsapp): add log redaction coverage 2026-02-24 03:34:31 +00:00
Glucksberg 1e23d2ecea
fix(whatsapp): respect selfChatMode config in access-control (#24738) 
The selfChatMode config field was resolved by accounts.ts but never
consumed in the access-control logic. Use nullish coalescing so an
explicit true/false from config takes precedence over the allowFrom
heuristic, while undefined falls back to the existing behavior.

Fixes #23788

Co-authored-by: Claude <noreply@anthropic.com>
 2026-02-24 03:33:21 +00:00
Peter Steinberger f97c0922e1 fix(security): harden account-key handling against prototype pollution 2026-02-24 01:09:31 +00:00
Peter Steinberger a430e1722b test(channels): reduce media test runtime and polling 2026-02-24 00:31:58 +00:00
Peter Steinberger 8b192beaaf test: combine web reconnect progression assertions 2026-02-23 21:57:30 +00:00
Peter Steinberger 1c753ea786 test: dedupe fixtures and test harness setup 2026-02-23 05:45:54 +00:00
Peter Steinberger b534dfa3e0 fix(slack,web): harden thread hints and monitor tuning 2026-02-22 22:06:01 +00:00
Peter Steinberger 7c109f5737 fix: resolve ci type errors and reconnect test flake 2026-02-22 21:35:20 +00:00
Peter Steinberger 2dcb244985 refactor(test): dedupe gateway and web scaffolding 2026-02-22 20:04:51 +00:00
Peter Steinberger 0e4f3ccbdf refactor: dedupe media and request-body test scaffolding 2026-02-22 18:37:25 +00:00
Peter Steinberger 24ea941e28 test: dedupe auto-reply web and signal flows 2026-02-22 17:11:54 +00:00
Peter Steinberger 7626503965 test: reduce web auto-reply watchdog timer churn 2026-02-22 17:06:35 +00:00
Peter Steinberger 1cf8f41134 test: dedupe expensive web auto-reply compression coverage 2026-02-22 14:44:19 +00:00
Peter Steinberger 2c0b72acb8 test: speed up slow media and synology suites 2026-02-22 14:18:44 +00:00
Peter Steinberger d116bcfb14 refactor(runtime): consolidate followup, gateway, and provider dedupe paths 2026-02-22 14:08:51 +00:00
Peter Steinberger adfbbcf1f6 chore: merge origin/main into main 2026-02-22 13:42:52 +00:00
Peter Steinberger 6dd36a6b77 refactor(channels): reuse runtime group policy helpers 2026-02-22 12:44:23 +01:00
Peter Steinberger 85e5ed3f78 refactor(channels): centralize runtime group policy handling 2026-02-22 12:35:41 +01:00
Peter Steinberger 42f62821db fix: include shared runtime group-policy helper and coverage (#23367) (thanks @bmendonca3) 2026-02-22 12:21:04 +01:00
Peter Steinberger 777817392d fix: fail closed missing provider group policy across message channels (#23367) (thanks @bmendonca3) 2026-02-22 12:21:04 +01:00
Peter Steinberger 4a2492496e test: move browser and web auto-reply local suites out of e2e 2026-02-22 11:05:26 +00:00
Frank Yang 1051f42f96 fix(stability): patch regex retries and timeout abort handling 2026-02-22 10:59:34 +01:00
Peter Steinberger 6c2e999776 refactor(security): unify secure id paths and guard weak patterns 2026-02-22 10:16:19 +01:00
Peter Steinberger 4f7032fbd9 test(utils): share temp-dir helper across cli and web tests 2026-02-22 07:44:57 +00:00
Peter Steinberger 8af676edb3 test: tighten web and cron cli timeout budgets 2026-02-21 23:36:24 +00:00