Peter Steinberger
38bd525888
test: align strict inline-eval awk denial expectation
2026-04-02 19:09:39 +01:00
Peter Steinberger
3e452f2671
fix: preserve strict inline-eval approval boundaries (#59780) (thanks @luoyanglang)
2026-04-02 18:30:29 +01:00
Peter Steinberger
a406045f2f
test: accept Windows exec approval denial path
2026-04-03 02:04:26 +09:00
Vincent Koc
990545181b
fix(ci): preserve strict inline-eval denial after durable awk trust
2026-04-03 01:55:01 +09:00
Jacob Tomlinson
176c059b05
node-host: bind pnpm dlx approval scripts (#58374)
* node-host: bind pnpm dlx approval scripts
* node-host: cover pnpm dlx package alias
* node-host: cover pnpm dlx flag forms
* node-host: fail closed on unsafe pnpm dlx flags
* node-host: narrow pnpm dlx fail-closed guard
* node-host: scan pnpm dlx past global --
* node-host: allow pnpm dlx file args
* node-host: allow pnpm dlx data args
* node-host: fail closed on unknown pnpm dlx flags
* node-host: support pnpm workspace-root flag
* node-host: restrict pnpm dlx tail scan
* node-host: support pnpm parallel flag
* changelog: node-host pnpm dlx approval binding (#58374)
2026-04-02 09:41:28 -07:00
Peter Steinberger
fff6333773
fix(exec): implement Windows argPattern allowlist flow
2026-04-03 00:09:28 +09:00
Vincent Koc
08962b6812
fix(browser): keep static helper seams cold (#59471)
* fix(browser): keep static helper seams cold
* fix(browser): narrow sandbox helper facade imports
* fix(browser): harden host inspection helpers
2026-04-02 17:12:32 +09:00
Vincent Koc
2d53ffdec1
fix(exec): resolve remote approval regressions (#58792)
* fix(exec): restore remote approval policy defaults
* fix(exec): handle headless cron approval conflicts
* fix(exec): make allow-always durable
* fix(exec): persist exact-command shell trust
* fix(doctor): match host exec fallback
* fix(exec): preserve blocked and inline approval state
* Doctor: surface allow-always ask bypass
* Doctor: match effective exec policy
* Exec: match node durable command text
* Exec: tighten durable approval security
* Exec: restore owner approver fallback
* Config: refresh Slack approval metadata
---------
Co-authored-by: scoootscooob <zhentongfan@gmail.com>
2026-04-01 02:07:20 -07:00
Peter Steinberger
5e30da3cad
fix(exec): restore strict inline-eval allow-always reuse
2026-03-31 23:45:22 +09:00
Jacob Tomlinson
7bd2761b92
Exec approvals: detect command carriers in strict inline eval (#57842)
* Exec approvals: detect command carriers in strict inline eval
* Exec approvals: cover carrier option edge cases
* Exec approvals: cover make and find carriers
* Exec approvals: catch attached eval flags
* Exec approvals: keep sed -E out of inline eval
* Exec approvals: treat sed in-place flags as optional
2026-03-31 10:58:17 +01:00
Peter Steinberger
b4fe0faf1b
test: dedupe config and utility suites
2026-03-28 00:46:53 +00:00
Tak Hoffman
f5643544c2
Reduce lint suppressions in core tests and runtime
2026-03-27 02:11:26 -05:00
Peter Steinberger
0ef2a9c8b5
refactor: remove core browser test duplicates
2026-03-26 23:28:34 +00:00
Peter Steinberger
d1d0887932
refactor: remove legacy browser bridge entrypoints
2026-03-26 23:11:17 +00:00
Peter Steinberger
09c186d5f9
refactor: remove browser compat shadow tree
2026-03-26 22:53:37 +00:00
Peter Steinberger
83ca6fbfc6
refactor: finish browser compat untangle
2026-03-26 22:42:41 +00:00
Peter Steinberger
8eeb7f0829
refactor: switch browser ownership to bundled plugin
2026-03-26 22:20:40 +00:00
Devin Robison
1b3a1246d0
Block reset-profile on lower-privilege browser request surfaces (#54618)
* Block reset-profile on lower-privilege browser request surfaces
* add missing tests
* Fix tests
* Test fix
2026-03-25 13:36:59 -06:00
Peter Steinberger
7f373823b0
refactor: separate exec policy and execution targets
2026-03-23 19:36:44 -07:00
Peter Steinberger
d8cef14eb1
fix: split exec and policy resolution for wrapper trust (#53134) (thanks @vincentkoc)
2026-03-23 19:04:04 -07:00
Peter Steinberger
eac93507c3
fix(browser): enforce node browser proxy allowProfiles
2026-03-23 00:56:44 -07:00
Peter Steinberger
6b9915a106
refactor!: drop legacy CLAWDBOT env compatibility
2026-03-22 22:13:39 -07:00
Peter Steinberger
1ceaad18a6
test: harden vitest no-isolate coverage
2026-03-22 10:48:21 -07:00
Peter Steinberger
a94ec3b79b
fix(security): harden exec approval boundaries
2026-03-22 09:35:25 -07:00
Josh Lehman
2364e45fe4
test: align extension runtime mocks with plugin-sdk (#51289)
* test: align extension runtime mocks with plugin-sdk
Update stale extension tests to mock the plugin-sdk runtime barrels that production code now imports, and harden the Signal tool-result harness around system-event assertions so the channels lane matches current extension boundaries.
Regeneration-Prompt: |
Verify the failing channels-lane tests against current origin/main in an isolated worktree before changing anything. If the failures reproduce on main, keep the fix test-only unless production behavior is clearly wrong. Recent extension refactors moved Telegram, WhatsApp, and Signal code onto plugin-sdk runtime barrels, so update stale tests that still mock old core module paths to intercept the seams production code now uses. For Signal reaction notifications, avoid brittle assertions that depend on shared queued system-event state when a direct harness spy on enqueue behavior is sufficient. Preserve scope: only touch the failing tests and their local harness, then rerun the reproduced targeted tests plus the full channels lane and repo check gate.
* test: fix extension test drift on main
* fix: lazy-load bundled web search plugin registry
* test: make matrix sweeper failure injection portable
* fix: split heavy matrix runtime-api seams
* fix: simplify bundled web search id lookup
* test: tolerate windows env key casing
2026-03-20 15:59:53 -07:00
Josh Avant
7abfff756d
Exec: harden host env override handling across gateway and node (#51207)
* Exec: harden host env override enforcement and fail closed
* Node host: enforce env override diagnostics before shell filtering
* Env overrides: align Windows key handling and mac node rejection
2026-03-20 15:44:15 -05:00
Vincent Koc
476d948732
!refactor(browser): remove Chrome extension path and add MCP doctor migration (#47893)
* Browser: replace extension path with Chrome MCP
* Browser: clarify relay stub and doctor checks
* Docs: mark browser MCP migration as breaking
* Browser: reject unsupported profile drivers
* Browser: accept clawd alias on profile create
* Doctor: narrow legacy browser driver migration
2026-03-15 23:56:08 -07:00
Peter Steinberger
a472f988d8
fix: harden remote cdp probes
2026-03-15 08:23:01 -07:00
Andrew Demczuk
747609d7d5
fix(node): remove debug console.log on node host startup
Fixes #46411
Fixes #46411
2026-03-14 21:17:48 +01:00
Peter Steinberger
b6d1d0d72d
fix(browser): prefer user profile over chrome relay
2026-03-14 04:15:34 +00:00
Josh Avant
f4fef64fc1
Gateway: treat scope-limited probe RPC as degraded reachability (#45622)
* Gateway: treat scope-limited probe RPC as degraded
* Docs: clarify gateway probe degraded scope output
* test: fix CI type regressions in gateway and outbound suites
* Tests: fix Node24 diffs theme loading and Windows assertions
* Tests: fix extension typing after main rebase
* Tests: fix Windows CI regressions after rebase
* Tests: normalize executable path assertions on Windows
* Tests: remove duplicate gateway daemon result alias
* Tests: stabilize Windows approval path assertions
* Tests: fix Discord rate-limit startup fixture typing
* Tests: use Windows-friendly relative exec fixtures
---------
Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain>
2026-03-13 23:13:33 -05:00
Peter Steinberger
5c40c1c78a
fix(browser): add browser session selection
2026-03-14 03:46:44 +00:00
Peter Steinberger
d0337a18b6
fix: clear typecheck backlog
2026-03-13 22:09:06 +00:00
Peter Steinberger
8f852ef82f
refactor: share system run success delivery
2026-03-13 21:40:54 +00:00
Peter Steinberger
a879ad7547
test: share node host credential assertions
2026-03-13 21:40:54 +00:00
Peter Steinberger
eec1b3a512
refactor: share system run deny cases
2026-03-13 20:37:53 +00:00
Peter Steinberger
07e5fc19bd
refactor: share system run plan test fixtures
2026-03-13 20:19:38 +00:00
Peter Steinberger
be8d51c301
fix(node-host): harden perl approval binding
2026-03-13 13:09:36 +00:00
Peter Steinberger
2f03de029c
fix(node-host): harden pnpm approval binding
2026-03-13 12:59:55 +00:00
Peter Steinberger
ddcaec89e9
fix(node-host): fail closed on ruby approval preload flags
2026-03-12 23:23:54 +00:00
Vincent Koc
33ba3ce951
fix(node-host): harden ambiguous approval operand binding (#44247)
* fix(node-host): harden approval operand binding
* test(node-host): cover approval parser hardening
* docs(changelog): note approval hardening GHSA cluster
* Update CHANGELOG.md
* fix(node-host): remove dead approval parser entries
* test(node-host): cover bunx approval wrapper
* fix(node-host): unwrap pnpm shim exec forms
* test(node-host): cover pnpm shim wrappers
2026-03-12 13:28:35 -04:00
Robin Waslander
b7a37c2023
fix(node-host): extend script-runner set and add fail-closed guard for mutable-file approval
tsx, jiti, ts-node, ts-node-esm, vite-node, and esno were not recognized
as interpreter-style script runners in invoke-system-run-plan.ts. These
runners produced mutableFileOperand: null, causing invoke-system-run.ts
to skip revalidation entirely. A mutated script payload would execute
without the approval binding check that node ./run.js already enforced.

Two-part fix:
- Add tsx, jiti, and related TypeScript/ESM loaders to the known script
  runner set so they produce a valid mutableFileOperand from the planner
- Add a fail-closed runtime guard in invoke-system-run.ts that denies
  execution when a script run should have a mutable-file binding but the
  approval plan is missing it, preventing unknown future runners from
  silently bypassing revalidation

Fixes GHSA-qc36-x95h-7j53
2026-03-12 01:34:35 +01:00
Peter Steinberger
0ab8d20917
docs(changelog): note interpreter approval hardening
2026-03-11 02:45:10 +00:00
Peter Steinberger
daaf211e20
fix(node-host): fail closed on unbound interpreter approvals
2026-03-11 02:36:38 +00:00
Peter Steinberger
68c674d37c
refactor(security): simplify system.run approval model
2026-03-11 01:43:06 +00:00
Peter Steinberger
7289c19f1a
fix(security): bind system.run approvals to exact argv text
2026-03-11 01:25:31 +00:00
Benji Peng
989ee21b24
ui: fix sessions table collapse on narrow widths (#12175)
Merged via squash.
Prepared head SHA: b1fcfba868
Co-authored-by: benjipeng <11394934+benjipeng@users.noreply.github.com>
Co-authored-by: BunsDev <68980965+BunsDev@users.noreply.github.com>
Reviewed-by: @BunsDev
2026-03-09 23:14:07 -05:00
Harold Hunt
de49a8b72c
Telegram: exec approvals for OpenCode/Codex (#37233)
Merged via squash.
Prepared head SHA: f243379094
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Reviewed-by: @huntharo
2026-03-09 23:04:35 -04:00
Peter Steinberger
cc0f30f5fb
test: fix windows runtime and restart loop harnesses
2026-03-09 07:22:23 +00:00
Peter Steinberger
912aa8744a
test: fix Windows fake runtime bin fixtures
2026-03-09 06:50:52 +00:00