nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,172 Commits 899 Branches 93 Tags 5.7 GiB
Commit Graph

15448 Commits

Author SHA1 Message Date
Peter Steinberger 8bf8baef87
Revert "refactor: move tasks into bundled plugin" 
This reverts commit c75f4695b7.
 2026-04-01 01:30:22 +09:00
Peter Steinberger 759d37635d
Revert "refactor: move tasks behind plugin-sdk seam" 
This reverts commit da6e9bb76f.
 2026-04-01 01:30:22 +09:00
Jacob Tomlinson 6c679e5f04
Gateway: reject mixed trusted-proxy token config (#58371) 
* Gateway: reject mixed trusted-proxy token config

Co-authored-by: boy-hack <w8ay@qq.com>

* Gateway: fail closed for loopback trusted-proxy auth

---------

Co-authored-by: boy-hack <w8ay@qq.com>
 2026-03-31 17:05:03 +01:00
Peter Steinberger aab7335236
fix(media): restore whatsapp outbound compatibility 2026-04-01 01:00:27 +09:00
Jacob Tomlinson 78e74d4a64
Plugins: preserve prompt build system prompt precedence (#58375) 2026-03-31 16:52:09 +01:00
Peter Steinberger a842e34f15
test: require Claude 4.6 for Anthropic live selection 2026-03-31 16:41:50 +01:00
Peter Steinberger 43ef8a5a86
refactor(media): centralize outbound access plumbing 2026-04-01 00:32:53 +09:00
Peter Steinberger 015ab98591
fix: restore ci status fast path and whatsapp tests 2026-03-31 16:21:55 +01:00
Vincent Koc 2a1db0c0f1
fix(gateway): narrow plugin route runtime scopes (#58167) 
* wip(gateway): preserve plugin route scope progress

* test(gateway): cover plugin route runtime scopes

* test(gateway): finish plugin route scope rebase

* fix(gateway): drop scopes from plugin-auth routes
 2026-04-01 00:20:49 +09:00
Peter Steinberger 85611f0021
fix: tighten gateway startup plugin loading 2026-04-01 00:20:06 +09:00
Vincent Koc 1ca12ec8bf
fix(hooks): rebind hook agent session keys to the target agent (#58225) 
* fix(hooks): rebind hook agent session keys

* fix(hooks): preserve scoped hook session keys

* fix(hooks): validate normalized dispatch keys
 2026-04-01 00:16:39 +09:00
Peter Steinberger fc5a2f9293
fix(media): add host media read helper 2026-04-01 00:08:20 +09:00
Peter Steinberger 3bb02d3338
fix(media): align outbound sends with fs read capability 2026-04-01 00:07:50 +09:00
openperf 56b5ba0dcb fix: address security and review feedback 
- Fix CWE-209: use static safe message instead of raw provider error text
- Fix CWE-117: sanitize provider/model in logs via sanitizeForLog
- Hide CLI hints from external channels via shouldSurfaceToControlUi
- Move overload cap check before advanceAuthProfile to save setup latency
- Export MAX_LIVE_SWITCH_RETRIES as module-level constant
- Use exact toBe() assertions in tests
- Correct failover decision label to fallback_model
 2026-03-31 20:25:09 +05:30
openperf 1fcd179d8c fix(gateway): prevent session death loop on overloaded fallback 
- Add MAX_LIVE_SWITCH_RETRIES=2 guard in agent-runner-execution.ts
- Add MAX_OVERLOAD_PROFILE_ROTATIONS=1 cap in run.ts for overloaded errors
- Return kind:final with user-visible error on retry exhaustion
- Escalate to cross-provider fallback instead of exhausting same-provider profiles

Fixes #58348
 2026-03-31 20:25:09 +05:30
Peter Steinberger bf96c67fd1
fix: align skill install security gate 2026-03-31 15:53:29 +01:00
Peter Steinberger 192484ed0a
fix: log malformed tool parameters on failure 2026-03-31 15:50:14 +01:00
Peter Steinberger a1e2d2bf42
test: repair stale task and image mocks 2026-03-31 15:48:00 +01:00
Peter Steinberger c425ef3e74
build: bump version to 2026.3.31 2026-03-31 15:48:00 +01:00
Peter Steinberger 5e30da3cad
fix(exec): restore strict inline-eval allow-always reuse 2026-03-31 23:45:22 +09:00
Peter Steinberger ac6f025c43
refactor(approvals): share telegram account binding 2026-03-31 15:39:59 +01:00
Peter Steinberger 461a3a4052
refactor(approvals): share request filter matching 2026-03-31 15:32:49 +01:00
Peter Steinberger 177687ae29
fix: adapt pi model registry calls to constructor API 2026-03-31 15:28:29 +01:00
Peter Steinberger 0d7f1e2c84
feat(security): fail closed on dangerous skill installs 2026-03-31 23:27:20 +09:00
Vincent Koc 98c0c38186 fix(ci): rebalance telegram channel tails 2026-03-31 23:24:16 +09:00
Peter Steinberger da6e9bb76f
refactor: move tasks behind plugin-sdk seam 2026-03-31 15:22:09 +01:00
Peter Steinberger e1da91791a
build: externalize bundled plugin runtime deps 2026-03-31 15:22:08 +01:00
Peter Steinberger 9537094841
test: refresh plugin sdk baseline 2026-03-31 15:22:08 +01:00
Peter Steinberger c75f4695b7
refactor: move tasks into bundled plugin 2026-03-31 15:22:08 +01:00
Peter Steinberger 584db0aff2
fix(approvals): centralize native request binding 2026-03-31 15:20:47 +01:00
Peter Steinberger 0ed7f1fd22
refactor: remove core WhatsApp runtime channel seam 2026-03-31 15:17:13 +01:00
Peter Steinberger e8cb0b3659
fix: tighten live gateway empty-response skips and outbound harness typing 2026-03-31 15:17:13 +01:00
Peter Steinberger 44b9936136
feat(plugins): add dangerous unsafe install override 2026-03-31 23:16:11 +09:00
Peter Steinberger 4fb373466e
refactor: simplify memory recovery and test setup 2026-03-31 15:02:11 +01:00
Peter Steinberger 0711cb4a05
fix(hooks): reduce registration log noise 2026-03-31 14:59:22 +01:00
Peter Steinberger dc0e0b0f68
docs(security): mark shared-secret HTTP auth as designed 2026-03-31 22:58:09 +09:00
Peter Steinberger c1ea0ae9c8
build: update deps and align pi sdk usage 2026-03-31 22:56:20 +09:00
Peter Steinberger cbfeecfab4
fix(gateway): restore shared-secret HTTP tool invoke auth 2026-03-31 22:55:15 +09:00
Jacob Tomlinson 0c83754246
Exec approvals: reject shell init-file script matches (#58369) 2026-03-31 14:53:43 +01:00
Vincent Koc 0ed4f8a72b
fix(media): reject oversized image inputs before decode (#58226) 
* fix(media): cap oversized image inputs

* chore(changelog): add media input guard note

* fix(media): address input guard review feedback

* fix(media): fail closed on unknown sips dimensions

* fix(media): avoid sips fallback in input guard
 2026-03-31 22:52:55 +09:00
Vincent Koc 2df86cce1c refactor(telegram): narrow native command reply dispatch seam 2026-03-31 22:28:53 +09:00
Peter Steinberger 5a93344d82
fix: ship bundled runtime support packages 2026-03-31 14:25:32 +01:00
Vincent Koc 5b7443d175 perf(whatsapp): narrow reply chunking imports 2026-03-31 22:25:14 +09:00
Vincent Koc 37099dae3e fix(ci): restore matrix monitor import guards and windows npm exit codes 2026-03-31 22:04:35 +09:00
Vincent Koc 675b80c4a4 perf(slack): narrow send chunking imports 2026-03-31 21:58:00 +09:00
Gustavo Madeira Santana 4ea1ca4849
Sessions: parse thread suffixes by channel (#58100) 
Merged via squash.

Prepared head SHA: 2829b9c5b5
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-31 08:54:16 -04:00
Vincent Koc 11590eb6ce fix(ci): restore dotenv trust boundary and windows npm exit handling 2026-03-31 21:51:17 +09:00
Vincent Koc 7710579a82 perf(telegram): narrow native command import surface 2026-03-31 21:43:16 +09:00
Vincent Koc 25a3d37970 fix(ci): restore matrix guardrails and windows exec shim 2026-03-31 21:27:43 +09:00
Vincent Koc 4d912e0451
fix(exec): block proxy-style env overrides (#58202) 
* fix(exec): block proxy-style env overrides

* fix(exec): keep trusted host proxy env inherited

* fix(exec): block git tls override env vars

* fix(skills): block dangerous env override keys
 2026-03-31 21:25:36 +09:00