nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
18,239 Commits 763 Branches 79 Tags 4.7 GiB
Commit Graph

11616 Commits

Author SHA1 Message Date
Gustavo Madeira Santana 3d82e38d9d
Build: sync main manifests and harden Matrix reasoning suppression 2026-03-12 16:47:21 +00:00
Gustavo Madeira Santana 2f71349c03
Matrix: harden config threading and binding cleanup 2026-03-12 16:47:21 +00:00
Gustavo Madeira Santana cde0d16316
ACP: drop stale session id import after main rebase 2026-03-12 16:47:21 +00:00
Gustavo Madeira Santana 69dc1528fa
fMatrix: fix remaining typecheck regressions 2026-03-12 16:47:20 +00:00
Gustavo Madeira Santana 9cff461a12
Matrix: harden migration workflow 2026-03-12 16:47:20 +00:00
Gustavo Madeira Santana 450ed87cb0
Matrix: normalize legacy account selection 2026-03-12 16:47:19 +00:00
Gustavo Madeira Santana ede2500137
Matrix: honor env-backed legacy migration config 2026-03-12 16:47:19 +00:00
Gustavo Madeira Santana e3102fcae7
Matrix: add backup reset and fix migration targeting 2026-03-12 16:47:18 +00:00
Gustavo Madeira Santana 4ae8558288
Matrix: fix validated review comments 2026-03-12 16:47:18 +00:00
Gustavo Madeira Santana 2048d5f668
Matrix: fix secrets scan false positives 2026-03-12 16:47:17 +00:00
Gustavo Madeira Santana 229a897b93
Matrix: finish main sync follow-ups 2026-03-12 16:47:17 +00:00
Gustavo Madeira Santana 723e347294
ACP: fix Matrix binding resolution 2026-03-12 16:47:17 +00:00
Gustavo Madeira Santana 6a53c583e4
Matrix: show account-scoped onboarding paths 2026-03-12 16:47:14 +00:00
Gustavo Madeira Santana 6bfbc4a3ff
Matrix: scope onboarding config to selected account 2026-03-12 16:47:14 +00:00
Gustavo Madeira Santana df6b6762c0
Matrix: fix verification client lifecycle and quiet CLI noise 2026-03-12 16:47:10 +00:00
Gustavo Madeira Santana 21f1e903a4
Plugins: scope SDK imports and harden Matrix routing 2026-03-12 16:47:09 +00:00
Gustavo Madeira Santana e80483ff00
poll and profile fixes 2026-03-12 16:47:09 +00:00
Gustavo Madeira Santana 50568f29d5
Matrix: tighten verification trust and expose profile updates 2026-03-12 16:47:09 +00:00
Gustavo Madeira Santana 9101916e53
Matrix: improve migration startup warnings 2026-03-12 16:47:09 +00:00
Gustavo Madeira Santana 0fdc404a2b
Matrix: keep default account device fields scoped 2026-03-12 16:47:08 +00:00
Gustavo Madeira Santana 8e962668ce
Matrix: replace legacy plugin with new implementation 2026-03-12 16:47:08 +00:00
Gustavo Madeira Santana 887e2aca79
matrix-js: require explicit thread-bound spawn config 2026-03-12 16:47:07 +00:00
Gustavo Madeira Santana 94f3b1b57d
matrix-js: add account-aware bindings and ACP routing 2026-03-12 16:47:07 +00:00
Gustavo Madeira Santana d4e3a98613
matrix-js: add startup verification policy 2026-03-12 16:47:07 +00:00
Gustavo Madeira Santana 3eb6c4c8ec
matrix-js: improve thread context and auto-threading 2026-03-12 16:47:06 +00:00
Gustavo Madeira Santana a670c21ab4
matrix-js: harden reaction handling 2026-03-12 16:47:06 +00:00
Gustavo Madeira Santana 00019c73e4
move matrix-js helpers to be locally scoped 2026-03-12 16:47:06 +00:00
Gustavo Madeira Santana e07b6072b5
make matrix-js atomic and add poll voting support 2026-03-12 16:47:06 +00:00
Gustavo Madeira Santana 082a1aedd5
Tests: restore matrix-js bind integration coverage 2026-03-12 16:47:05 +00:00
Gustavo Madeira Santana 5fddbc1d9b
Matrix-js: sync with main plugin-loading standards 2026-03-12 16:47:05 +00:00
Peter Steinberger 9f08af1f06
fix(ci): harden docker builds and unblock config docs 2026-03-12 16:45:29 +00:00
Gustavo Madeira Santana 46f0bfc55b
Gateway: harden custom session-store discovery (#44176) 
Merged via squash.

Prepared head SHA: 52ebbf5188
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-12 16:44:46 +00:00
Nimrod Gutman b77b7485e0 feat(push): add iOS APNs relay gateway (#43369) 
* feat(push): add ios apns relay gateway

* fix(shared): avoid oslog string concatenation

# Conflicts:
#	apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift

* fix(push): harden relay validation and invalidation

* fix(push): persist app attest state before relay registration

* fix(push): harden relay invalidation and url handling

* feat(push): use scoped relay send grants

* feat(push): configure ios relay through gateway config

* feat(push): bind relay registration to gateway identity

* fix(push): tighten ios relay trust flow

* fix(push): bound APNs registration fields (#43369) (thanks @ngutman)
 2026-03-12 18:15:35 +02:00
2233admin 9342739d71
fix(providers): respect user-configured baseUrl for kimi-coding (#36647) 
* fix(providers): respect user-configured baseUrl for kimi-coding

The kimi-coding provider was built exclusively from
`buildKimiCodingProvider()` defaults, ignoring any user-specified
`baseUrl` or other overrides in `openclaw.json` providers config.
This caused 404 errors when users configured a custom endpoint.

Now merge `explicitProviders["kimi-coding"]` on top of defaults,
matching the pattern used by ollama/vllm. User's `baseUrl`, `api`,
and `models` take precedence; env/profile API key still wins.

Fixes #36353

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Tests: use Kimi implicit provider harness

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-12 12:14:07 -04:00
Vincent Koc 3e28e10c2f
Plugins: require explicit trust for workspace-discovered plugins (#44174) 
* Plugins: disable implicit workspace plugin auto-load

* Tests: cover workspace plugin trust gating

* Changelog: note workspace plugin trust hardening

* Plugins: keep workspace trust gate ahead of memory slot defaults

* Tests: cover workspace memory-slot trust bypass
 2026-03-12 12:12:41 -04:00
chengzhichao-xydt 0a8fa0e001
Moonshot: respect explicit baseUrl for CN endpoint so platform.moonshot.cn keys authenticate (#33637) (#33696) 
* Moonshot: respect explicit baseUrl for CN endpoint so platform.moonshot.cn keys authenticate (#33637)

* Moonshot: address review - remove dead constant, import canonical URLs (#33696)
 2026-03-12 12:10:38 -04:00
Jacob Riff 3fa91cd69d
feat: add sessions_yield tool for cooperative turn-ending (#36537) 
Merged via squash.

Prepared head SHA: 75d9204c86
Co-authored-by: jriff <50276+jriff@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 08:46:47 -07:00
Gustavo Madeira Santana e6897c800b
Plugins: fix env-aware root resolution and caching (#44046) 
Merged via squash.

Prepared head SHA: 6e8852a188
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-12 15:31:31 +00:00
Rodrigo Uroz 688e3f0863 Compaction Runner: emit transcript updates post-compact (#25558) 
Merged via squash.

Prepared head SHA: 8a858436ed
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 08:22:12 -07:00
Vincent Koc 8ad0ca309e
Subagents: stop retrying external completion timeouts (#41235) (#43847) 
* Changelog: add subagent announce timeout note

* Tests: cover subagent completion timeout no-retry

* Subagents: stop retrying external completion timeouts

* Config: update subagent announce timeout default docs

* Tests: use fake timers for subagent timeout retry guard
 2026-03-12 11:03:06 -04:00
Vincent Koc 7844bc89a1
Security: require Feishu webhook encrypt key (#44087) 
* Feishu: require webhook encrypt key in schema

* Feishu: cover encrypt key webhook validation

* Feishu: enforce encrypt key at startup

* Feishu: add webhook forgery regression test

* Feishu: collect encrypt key during onboarding

* Docs: require Feishu webhook encrypt key

* Changelog: note Feishu webhook hardening

* Docs: clarify Feishu encrypt key screenshot

* Feishu: treat webhook encrypt key as secret input

* Feishu: resolve encrypt key only in webhook mode
 2026-03-12 11:01:00 -04:00
Vincent Koc 99170e2408
Hardening: normalize Unicode command obfuscation detection (#44091) 
* Exec: cover unicode obfuscation cases

* Exec: normalize unicode obfuscation detection

* Changelog: note exec detection hardening

* Exec: strip unicode tag character obfuscation

* Exec: harden unicode suppression and length guards

* Exec: require path boundaries for safe URL suppressions
 2026-03-12 10:57:49 -04:00
Vincent Koc eff0d5a947
Hardening: tighten preauth WebSocket handshake limits (#44089) 
* Gateway: tighten preauth handshake limits

* Changelog: note WebSocket preauth hardening

* Gateway: count preauth frame bytes accurately

* Gateway: cap WebSocket payloads before auth
 2026-03-12 10:55:41 -04:00
Vincent Koc 48cbfdfac0
Hardening: require LINE webhook signatures (#44090) 
* LINE: require webhook signatures in express handler

* LINE: require webhook signatures in node handler

* LINE: update express signature tests

* LINE: update node signature tests

* Changelog: note LINE webhook hardening

* LINE: validate signatures before parsing webhook bodies

* LINE: reject missing signatures before body reads
 2026-03-12 10:50:36 -04:00
Lyle c965049dc6
fix(mattermost): pass mediaLocalRoots through reply delivery (#44021) 
Merged via squash.

Prepared head SHA: 856f11f129
Co-authored-by: LyleLiu666 <31182860+LyleLiu666@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
 2026-03-12 20:13:51 +05:30
Altay b0f717aa02 build: align Node 22 guidance with 22.16 minimum 2026-03-12 20:07:44 +05:30
Altay 0a8d2b6200 build: raise Node 22 compatibility floor to 22.16 2026-03-12 20:07:44 +05:30
Altay deada7edd3 build: default to Node 24 and keep Node 22 compat 2026-03-12 20:07:44 +05:30
Vincent Koc 2f037f0930 Agents: adapt pi-ai oauth and payload hooks 2026-03-12 10:19:14 -04:00
0x4C33 f3be1c828c
fix(status): resolve context window by provider-qualified key, prefer max on bare-id collision, solve #35976 (#36389) 
Merged via squash.

Prepared head SHA: f8cf752c59
Co-authored-by: haoruilee <60883781+haoruilee@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 07:00:36 -07:00