747609d7d5
fix(node): remove debug console.log on node host startup
...
Fixes #46411
Fixes #46411
2026-03-14 21:17:48 +01:00
b6d1d0d72d
fix(browser): prefer user profile over chrome relay
2026-03-14 04:15:34 +00:00
f4fef64fc1
Gateway: treat scope-limited probe RPC as degraded reachability ( #45622 )
...
* Gateway: treat scope-limited probe RPC as degraded
* Docs: clarify gateway probe degraded scope output
* test: fix CI type regressions in gateway and outbound suites
* Tests: fix Node24 diffs theme loading and Windows assertions
* Tests: fix extension typing after main rebase
* Tests: fix Windows CI regressions after rebase
* Tests: normalize executable path assertions on Windows
* Tests: remove duplicate gateway daemon result alias
* Tests: stabilize Windows approval path assertions
* Tests: fix Discord rate-limit startup fixture typing
* Tests: use Windows-friendly relative exec fixtures
---------
Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain>
2026-03-13 23:13:33 -05:00
5c40c1c78a
fix(browser): add browser session selection
2026-03-14 03:46:44 +00:00
d0337a18b6
fix: clear typecheck backlog
2026-03-13 22:09:06 +00:00
8f852ef82f
refactor: share system run success delivery
2026-03-13 21:40:54 +00:00
a879ad7547
test: share node host credential assertions
2026-03-13 21:40:54 +00:00
eec1b3a512
refactor: share system run deny cases
2026-03-13 20:37:53 +00:00
07e5fc19bd
refactor: share system run plan test fixtures
2026-03-13 20:19:38 +00:00
be8d51c301
fix(node-host): harden perl approval binding
2026-03-13 13:09:36 +00:00
2f03de029c
fix(node-host): harden pnpm approval binding
2026-03-13 12:59:55 +00:00
ddcaec89e9
fix(node-host): fail closed on ruby approval preload flags
2026-03-12 23:23:54 +00:00
33ba3ce951
fix(node-host): harden ambiguous approval operand binding ( #44247 )
...
* fix(node-host): harden approval operand binding
* test(node-host): cover approval parser hardening
* docs(changelog): note approval hardening GHSA cluster
* Update CHANGELOG.md
* fix(node-host): remove dead approval parser entries
* test(node-host): cover bunx approval wrapper
* fix(node-host): unwrap pnpm shim exec forms
* test(node-host): cover pnpm shim wrappers
2026-03-12 13:28:35 -04:00
b7a37c2023
fix(node-host): extend script-runner set and add fail-closed guard for mutable-file approval
...
tsx, jiti, ts-node, ts-node-esm, vite-node, and esno were not recognized
as interpreter-style script runners in invoke-system-run-plan.ts. These
runners produced mutableFileOperand: null, causing invoke-system-run.ts
to skip revalidation entirely. A mutated script payload would execute
without the approval binding check that node ./run.js already enforced.
Two-part fix:
- Add tsx, jiti, and related TypeScript/ESM loaders to the known script
runner set so they produce a valid mutableFileOperand from the planner
- Add a fail-closed runtime guard in invoke-system-run.ts that denies
execution when a script run should have a mutable-file binding but the
approval plan is missing it, preventing unknown future runners from
silently bypassing revalidation
Fixes GHSA-qc36-x95h-7j53
2026-03-12 01:34:35 +01:00
0ab8d20917
docs(changelog): note interpreter approval hardening
2026-03-11 02:45:10 +00:00
daaf211e20
fix(node-host): fail closed on unbound interpreter approvals
2026-03-11 02:36:38 +00:00
68c674d37c
refactor(security): simplify system.run approval model
2026-03-11 01:43:06 +00:00
7289c19f1a
fix(security): bind system.run approvals to exact argv text
2026-03-11 01:25:31 +00:00
989ee21b24
ui: fix sessions table collapse on narrow widths ( #12175 )
...
Merged via squash.
Prepared head SHA: b1fcfba868
2026-03-09 23:14:07 -05:00
de49a8b72c
Telegram: exec approvals for OpenCode/Codex ( #37233 )
...
Merged via squash.
Prepared head SHA: f243379094
2026-03-09 23:04:35 -04:00
cc0f30f5fb
test: fix windows runtime and restart loop harnesses
2026-03-09 07:22:23 +00:00
912aa8744a
test: fix Windows fake runtime bin fixtures
2026-03-09 06:50:52 +00:00
cf3a479bd1
fix(node-host): bind bun and deno approval scripts
2026-03-09 05:59:32 +00:00
362248e559
refactor: harden browser relay CDP flows
2026-03-08 23:46:10 +00:00
fcb990e369
Node Host: allowlist password precedence labels
2026-03-07 16:43:22 -08:00
25252ab5ab
gateway: harden shared auth resolution across systemd, discord, and node host
2026-03-07 18:28:32 -06:00
8a469a12b2
test(exec): dedupe wrapper boundary regressions
2026-03-08 00:12:08 +00:00
2fc95a7cfc
fix(exec): close dispatch-wrapper boundary drift
2026-03-07 23:40:38 +00:00
1d1757b16f
fix(exec): recognize PowerShell encoded commands
2026-03-07 23:15:46 +00:00
c76d29208b
fix(node-host): bind approved script operands
2026-03-07 23:04:00 +00:00
3c71e2bd48
refactor(core): extract shared dedup helpers
2026-03-07 10:41:05 +00:00
c8ebd48e0f
fix(node-host): sync rawCommand with hardened argv after executable path pinning ( #33137 )
...
Merged via squash.
Prepared head SHA: a7987905f7
2026-03-04 11:30:33 -05:00
806803b7ef
feat(secrets): expand SecretRef coverage across user-supplied credentials ( #29580 )
...
* feat(secrets): expand secret target coverage and gateway tooling
* docs(secrets): align gateway and CLI secret docs
* chore(protocol): regenerate swift gateway models for secrets methods
* fix(config): restore talk apiKey fallback and stabilize runner test
* ci(windows): reduce test worker count for shard stability
* ci(windows): raise node heap for test shard stability
* test(feishu): make proxy env precedence assertion windows-safe
* fix(gateway): resolve auth password SecretInput refs for clients
* fix(gateway): resolve remote SecretInput credentials for clients
* fix(secrets): skip inactive refs in command snapshot assignments
* fix(secrets): scope gateway.remote refs to effective auth surfaces
* fix(secrets): ignore memory defaults when enabled agents disable search
* fix(secrets): honor Google Chat serviceAccountRef inheritance
* fix(secrets): address tsgo errors in command and gateway collectors
* fix(secrets): avoid auth-store load in providers-only configure
* fix(gateway): defer local password ref resolution by precedence
* fix(secrets): gate telegram webhook secret refs by webhook mode
* fix(secrets): gate slack signing secret refs to http mode
* fix(secrets): skip telegram botToken refs when tokenFile is set
* fix(secrets): gate discord pluralkit refs by enabled flag
* fix(secrets): gate discord voice tts refs by voice enabled
* test(secrets): make runtime fixture modes explicit
* fix(cli): resolve local qr password secret refs
* fix(cli): fail when gateway leaves command refs unresolved
* fix(gateway): fail when local password SecretRef is unresolved
* fix(gateway): fail when required remote SecretRefs are unresolved
* fix(gateway): resolve local password refs only when password can win
* fix(cli): skip local password SecretRef resolution on qr token override
* test(gateway): cast SecretRef fixtures to OpenClawConfig
* test(secrets): activate mode-gated targets in runtime coverage fixture
* fix(cron): support SecretInput webhook tokens safely
* fix(bluebubbles): support SecretInput passwords across config paths
* fix(msteams): make appPassword SecretInput-safe in onboarding/token paths
* fix(bluebubbles): align SecretInput schema helper typing
* fix(cli): clarify secrets.resolve version-skew errors
* refactor(secrets): return structured inactive paths from secrets.resolve
* refactor(gateway): type onboarding secret writes as SecretInput
* chore(protocol): regenerate swift models for secrets.resolve
* feat(secrets): expand extension credential secretref support
* fix(secrets): gate web-search refs by active provider
* fix(onboarding): detect SecretRef credentials in extension status
* fix(onboarding): allow keeping existing ref in secret prompt
* fix(onboarding): resolve gateway password SecretRefs for probe and tui
* fix(onboarding): honor secret-input-mode for local gateway auth
* fix(acp): resolve gateway SecretInput credentials
* fix(secrets): gate gateway.remote refs to remote surfaces
* test(secrets): cover pattern matching and inactive array refs
* docs(secrets): clarify secrets.resolve and remote active surfaces
* fix(bluebubbles): keep existing SecretRef during onboarding
* fix(tests): resolve CI type errors in new SecretRef coverage
* fix(extensions): replace raw fetch with SSRF-guarded fetch
* test(secrets): mark gateway remote targets active in runtime coverage
* test(infra): normalize home-prefix expectation across platforms
* fix(cli): only resolve local qr password refs in password mode
* test(cli): cover local qr token mode with unresolved password ref
* docs(cli): clarify local qr password ref resolution behavior
* refactor(extensions): reuse sdk SecretInput helpers
* fix(wizard): resolve onboarding env-template secrets before plaintext
* fix(cli): surface secrets.resolve diagnostics in memory and qr
* test(secrets): repair post-rebase runtime and fixtures
* fix(gateway): skip remote password ref resolution when token wins
* fix(secrets): treat tailscale remote gateway refs as active
* fix(gateway): allow remote password fallback when token ref is unresolved
* fix(gateway): ignore stale local password refs for none and trusted-proxy
* fix(gateway): skip remote secret ref resolution on local call paths
* test(cli): cover qr remote tailscale secret ref resolution
* fix(secrets): align gateway password active-surface with auth inference
* fix(cli): resolve inferred local gateway password refs in qr
* fix(gateway): prefer resolvable remote password over token ref pre-resolution
* test(gateway): cover none and trusted-proxy stale password refs
* docs(secrets): sync qr and gateway active-surface behavior
* fix: restore stability blockers from pre-release audit
* Secrets: fix collector/runtime precedence contradictions
* docs: align secrets and web credential docs
* fix(rebase): resolve integration regressions after main rebase
* fix(node-host): resolve gateway secret refs for auth
* fix(secrets): harden secretinput runtime readers
* gateway: skip inactive auth secretref resolution
* cli: avoid gateway preflight for inactive secret refs
* extensions: allow unresolved refs in onboarding status
* tests: fix qr-cli module mock hoist ordering
* Security: align audit checks with SecretInput resolution
* Gateway: resolve local-mode remote fallback secret refs
* Node host: avoid resolving inactive password secret refs
* Secrets runtime: mark Slack appToken inactive for HTTP mode
* secrets: keep inactive gateway remote refs non-blocking
* cli: include agent memory secret targets in runtime resolution
* docs(secrets): sync docs with active-surface and web search behavior
* fix(secrets): keep telegram top-level token refs active for blank account tokens
* fix(daemon): resolve gateway password secret refs for probe auth
* fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled
* fix(secrets): align token inheritance and exec timeout defaults
* docs(secrets): clarify active-surface notes in cli docs
* cli: require secrets.resolve gateway capability
* gateway: log auth secret surface diagnostics
* secrets: remove dead provider resolver module
* fix(secrets): restore gateway auth precedence and fallback resolution
* fix(tests): align plugin runtime mock typings
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-03-03 02:58:20 +00:00
dc825e59f5
refactor: unify system.run approval cwd revalidation
2026-03-02 23:46:54 +00:00
500d7cb107
fix: revalidate approval cwd before system.run execution
2026-03-02 23:42:10 +00:00
9617ac9dd5
refactor: dedupe agent and reply runtimes
2026-03-02 19:57:33 +00:00
aee27d0e38
refactor(security): table-drive wrapper approval pinning tests
2026-03-02 17:30:48 +00:00
dded569626
fix(security): preserve system.run wrapper approval semantics
2026-03-02 17:20:52 +00:00
18f8393b6c
fix: harden sandbox writes and centralize atomic file writes
2026-03-02 16:45:12 +00:00
7b5a410b83
fix(node-host): decode Windows exec output with active code page (openclaw#30652) thanks @Sid-Qin
...
Verified:
- pnpm vitest run src/node-host/invoke.sanitize-env.test.ts src/node-host/invoke-system-run.test.ts
Co-authored-by: Sid-Qin <53659198+Sid-Qin@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-02 07:50:17 -06:00
b02b94673f
refactor: dedupe runtime and helper flows
2026-03-02 12:55:47 +00:00
29c3ce9454
[AI-assisted] test: fix typing and test fixture issues ( #31444 )
...
* test: fix typing and test fixture issues
* Fix type-test harness issues from session routing and mock typing
* Add routing regression test for session.mainKey precedence
2026-03-02 00:41:21 -08:00
1443bb9a84
chore(tsgo/lint): fix CI errors
2026-03-02 03:03:11 -05:00
d3e0c0b29c
test(gateway): dedupe gateway and infra test scaffolds
2026-03-02 07:13:10 +00:00
155118751f
refactor!: remove versioned system-run approval contract
2026-03-02 01:12:53 +00:00
d06632ba45
refactor(gateway): share node command catalog
2026-02-26 22:01:06 +01:00
d82c042b09
refactor(node-host): split system.run plan and allowlist internals
2026-02-26 22:01:01 +01:00
78a7ff2d50
fix(security): harden node exec approvals against symlink rebind
2026-02-26 21:47:45 +01:00
f789f880c9
fix(security): harden approval-bound node exec cwd handling
2026-02-26 04:14:11 +01:00
42f455739f
fix(security): clarify denyCommands exact-match guidance
2026-02-26 00:55:35 +01:00
Andrew Demczuk
Peter Steinberger
Josh Avant
Vincent Koc
Robin Waslander
Benji Peng
Harold Hunt
Sid
Gustavo Madeira Santana