72af92ba4e
qqbot: require explicit allowlist for /bot-logs to prevent info disclosure ( #58895 )
...
* qqbot: harden /bot-logs authorization fallback
* fix(qqbot): harden bot logs allowlist guard
* fix(qqbot): normalize bot logs allowlist entries
2026-04-01 18:40:46 +09:00
07c60ae461
fix(agent): treat webchat exec approvals as native UI ( #58904 )
...
* fix(agent): treat webchat exec approvals as native UI
* docs(changelog): note webchat exec approval UI fix
* test(agent): cover webchat native approval guidance
2026-04-01 18:36:21 +09:00
8b2d24b62b
docs(security): clarify node pairing trust boundary
2026-04-01 18:27:23 +09:00
29784af1e2
style(gateway): normalize node reconnect formatting
2026-04-01 18:27:06 +09:00
f6317fb747
fix(gateway): stop pinning node commands to pairing state
2026-04-01 18:27:06 +09:00
fe57ee513f
test: drop stale task boundary allowlist entries
2026-04-01 10:17:47 +01:00
d005cc8b42
test: align cron abort regression with #58833
2026-04-01 10:17:47 +01:00
92f1772e93
test: allow boundary test on main
2026-04-01 10:17:47 +01:00
f559ea126d
fix: land slash command metadata parsing ( #58725 ) (thanks @Mlightsnow)
2026-04-01 10:17:47 +01:00
3b1f8e3461
fix: strip inbound metadata before slash command detection ( #58674 )
...
Slash commands like /model and /new were silently ignored when the inbound
message body included metadata prefix blocks (Conversation info, Sender info,
timestamps) injected by buildInboundUserContextPrefix. The command detection
functions (hasControlCommand, isControlCommandMessage, parseSendPolicyCommand)
now call stripInboundMetadata before normalizeCommandBody so embedded slash
commands are correctly recognized.
2026-04-01 10:17:20 +01:00
fb28b02540
fix: preserve bundled channel plugin compat ( #58873 )
...
* fix: preserve bundled channel plugin compat
* fix: preserve bundled channel plugin compat (#58873 )
* fix: scope channel plugin compat to bundled plugins (#58873 )
2026-04-01 14:42:36 +05:30
2d53ffdec1
fix(exec): resolve remote approval regressions ( #58792 )
...
* fix(exec): restore remote approval policy defaults
* fix(exec): handle headless cron approval conflicts
* fix(exec): make allow-always durable
* fix(exec): persist exact-command shell trust
* fix(doctor): match host exec fallback
* fix(exec): preserve blocked and inline approval state
* Doctor: surface allow-always ask bypass
* Doctor: match effective exec policy
* Exec: match node durable command text
* Exec: tighten durable approval security
* Exec: restore owner approver fallback
* Config: refresh Slack approval metadata
---------
Co-authored-by: scoootscooob <zhentongfan@gmail.com>
2026-04-01 02:07:20 -07:00
4ceb01f9ed
docs(gateway): document node pairing repair flow
2026-04-01 18:02:56 +09:00
db0cea5689
refactor(gateway): extract node pairing reconciliation
2026-04-01 18:02:31 +09:00
4590ac31cc
fix: note exec approval continuation in changelog ( #58860 ) (thanks @Nanako0129)
2026-04-01 17:56:55 +09:00
7f53c1ca00
test(exec): cover delayed Discord approval continuation
2026-04-01 17:56:55 +09:00
63da2c7034
fix(exec): resume agent session after approval completion
2026-04-01 17:56:55 +09:00
4fa11632b4
fix: escalate to model fallback after rate-limit profile rotation cap ( #58707 )
...
* fix: escalate to model fallback after rate-limit profile rotation cap
Per-model rate limits (e.g. Anthropic Sonnet-only quotas) are not
relieved by rotating auth profiles — if all profiles share the same
model quota, cycling between them loops forever without falling back
to the next model in the configured fallbacks chain.
Apply the same rotation-cap pattern introduced for overloaded_error
(#58348 ) to rate_limit errors:
- Add `rateLimitedProfileRotations` to auth.cooldowns config (default: 1)
- After N profile rotations on a rate_limit error, throw FailoverError
to trigger cross-provider model fallback
- Add `resolveRateLimitProfileRotationLimit` helper following the same
pattern as `resolveOverloadProfileRotationLimit`
Fixes #58572
* fix: cap prompt-side rate-limit failover (#58707 ) (thanks @Forgely3D)
* fix: restore latest-main gates for #58707
---------
Co-authored-by: Ember (Forgely3D) <ember@forgely.co>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-04-01 17:54:10 +09:00
8fce663861
fix(subagents): harden task-registry lifecycle writes ( #58869 )
...
* fix(subagents): harden task-registry lifecycle writes
* chore(changelog): note subagent task-registry hardening
* fix(subagents): align lifecycle terminal timestamps
* fix(subagents): sanitize lifecycle warning metadata
2026-04-01 17:50:52 +09:00
1ce410a7be
fix(sandbox): use browser image for browser runtime matching ( #58759 )
...
* fix(sandbox): compare browser runtimes against sandbox browser image
* refactor(sandbox): route docker runtime matching by config label kind
* fix(sandbox): tag browser runtime removals correctly
* test(sandbox): share docker backend test config
* fix(sandbox): normalize browser runtime image matching
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-04-01 17:44:52 +09:00
10750fb80e
Cron: avoid busy-wait drift for recurring main jobs ( #58872 )
2026-04-01 01:31:21 -07:00
2b67f96895
docs(anthropic): note oauth context1m fallback
2026-04-01 09:21:49 +01:00
32f392eda4
refactor(core): drop old anthropic stream wrapper file
2026-04-01 09:21:48 +01:00
59c23dee09
refactor(anthropic): move stream wrappers into plugin
2026-04-01 09:21:48 +01:00
2bc8a0d67c
refactor: add doctor cron migration helpers
2026-04-01 17:06:24 +09:00
19d0c2dd1d
refactor: remove cron legacy delivery from runtime
2026-04-01 17:06:01 +09:00
2d79c9cb16
docs: add WhatsApp reactionLevel and Feishu Drive comment actions
2026-04-01 16:56:47 +09:00
95182d51cc
fix: harden bundled plugin runtime deps
2026-04-01 08:55:00 +01:00
edfac5f2df
docs(changelog): note line runtime packaging fix
2026-04-01 13:20:50 +05:30
d4643e06bd
fix(line): resolve dist runtime contract path
2026-04-01 13:20:50 +05:30
facdeb3432
feat(tasks): add chat-native task board ( #58828 )
2026-04-01 16:48:36 +09:00
7cf8ccf9b3
fix: avoid startup gateway reload loop ( #58678 ) (thanks @yelog)
2026-04-01 16:47:55 +09:00
71f341c4b4
docs: add /tasks chat command, cleanup-aware status, and QQ Bot troubleshooting
2026-04-01 16:46:04 +09:00
f5431bc07e
docs: clarify doctor cron migration guidance
2026-04-01 16:44:10 +09:00
802bdb099e
refactor: move cron legacy delivery migration to doctor
2026-04-01 16:44:10 +09:00
31ed09bc96
fix: run bundled deps postinstall for global npm
2026-04-01 08:38:24 +01:00
cfa307baed
fix(status): keep task snapshots pure
2026-04-01 16:36:57 +09:00
5a95d65f1e
fix: restore bundled runtime dependency provisioning ( #58782 ) (thanks @obviyus)
...
* fix: restore bundled runtime dependency provisioning
* fix: ship npm runner in packed installs
* fix: address bundled runtime staging review feedback
* fix: include npm runner in docker build contexts
* fix: restore bundled runtime dependency provisioning (#58782 ) (thanks @obviyus)
* fix: allow caret specs through windows npm cmd (#58782 ) (thanks @obviyus)
2026-04-01 13:03:36 +05:30
86b519850e
refactor: consolidate cron delivery boundary parsing
2026-04-01 16:31:51 +09:00
340c99d657
fix(status): filter stale task rows from status cards ( #58810 )
...
* fix(status): filter stale task rows
* test(status): use real task snapshot semantics
* fix(status): prefer failure task context in recent failures
2026-04-01 16:19:02 +09:00
9ab3352b1a
fix: avoid duplicate discord resolve logs
2026-04-01 08:14:54 +01:00
622b91d04e
fix: queue model switches behind busy runs
2026-04-01 16:14:10 +09:00
6776306387
fix: preserve telegram topic delivery routing ( #58489 ) (thanks @cwmine)
2026-04-01 16:13:24 +09:00
e643ba2f5e
fix: preserve telegram topic routing in announce and delivery context
2026-04-01 16:13:24 +09:00
1b94e8ca14
feat: feishu comment event ( #58497 )
...
Merged via squash.
Prepared head SHA: a9dfeb0d62
2026-04-01 00:12:38 -07:00
cad3da52c9
fix(memory): prefer --mask over --glob for qmd collection pattern flag ( #58736 )
...
* fix(memory): prefer --mask over --glob for qmd collection pattern flag
qmd 2.0.1 silently ignores the --glob flag when creating collections,
causing all patterns (e.g. MEMORY.md, memory.md) to fall back to the
default **/*.md glob. This leads to collection conflicts when multiple
collections target the same workspace directory with different patterns.
The existing flag negotiation logic in addCollection() tries --glob
first (when collectionPatternFlag is null), and since qmd accepts the
flag without error, OpenClaw never falls back to --mask. The result is
that memory-root-{agent} gets created with **/*.md instead of MEMORY.md,
and memory-alt-{agent} fails with a duplicate path+pattern conflict.
Fix: default collectionPatternFlag to '--mask' so the working flag is
tried first. The fallback to --glob is preserved for older qmd versions
that may not support --mask.
* docs(changelog): note qmd collection flag fix
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-04-01 16:11:56 +09:00
bd6c017192
fix: skip failing gateway HTTP stages ( #58746 ) (thanks @yelog)
2026-04-01 16:09:36 +09:00
ffa1e5fa92
test: assert console.error in async-rejection stage test
2026-04-01 16:09:36 +09:00
0a636aef24
fix: catch per-stage errors in HTTP request pipeline to prevent cascade 500s ( #58689 )
2026-04-01 16:09:36 +09:00
d9a2690535
test: trim mattermost setup cases
2026-04-01 08:03:26 +01:00
Vincent Koc
Peter Steinberger
HansY
Ayaan Zaidi
nanakotsai
Forgely3D
sandpile
scoootscooob
yi-bot
wittam-01
chi
yelog