nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,221 Commits 712 Branches 79 Tags 2.1 GiB
Commit Graph

15221 Commits

Author SHA1 Message Date
Peter Steinberger 80d44c983f chore(release): cut 2026.2.26-beta.1 2026-02-26 23:10:47 +01:00
Peter Steinberger 90c6744925 docs(changelog): reorder docker gateway fix by user impact 2026-02-26 23:06:40 +01:00
Philipp Spiess a29b18c003 Protocol: regenerate Swift models for systemRunPlanV2 2026-02-26 23:05:23 +01:00
Peter Steinberger 45d868685f fix: enforce dm allowFrom inheritance across account channels (#27936) (thanks @widingmarcus-cyber) 2026-02-26 22:04:16 +00:00
Marcus Widing 0fdac31383 fix: skip allowFrom validation at account level (inherits from parent) 
Account configs inherit channel-level fields at runtime (e.g.,
resolveTelegramAccount shallow-merges top-level and account values).
An account can set dmPolicy='allowlist' and rely on the parent's
allowFrom, so validating allowFrom on the account object alone
incorrectly rejects valid multi-account configs.

Removes requireAllowlistAllowFrom and requireOpenAllowFrom from all
account-level schemas (Telegram, Signal, IRC, iMessage, BlueBubbles).
Top-level config schemas still enforce the validation.

Addresses Codex review feedback on #27936.
 2026-02-26 22:04:16 +00:00
Marcus Widing cbed0e065c fix: reject dmPolicy="allowlist" with empty allowFrom across all channels 
When dmPolicy is set to "allowlist" but allowFrom is missing or empty,
all DMs are silently dropped because no sender can match the empty
allowlist. This is a common pitfall after upgrades that change how
allowlist files are handled (e.g., external allowlist-dm.json files
being deprecated in favor of inline allowFrom arrays).

Changes:
- Add requireAllowlistAllowFrom schema refinement (zod-schema.core.ts)
- Apply validation to all channel schemas: Telegram, Discord, Slack,
  Signal, IRC, iMessage, BlueBubbles, MS Teams, Google Chat, WhatsApp
- Add detectEmptyAllowlistPolicy to doctor-config-flow.ts so
  "openclaw doctor" surfaces a clear warning with remediation steps
- Add 12 test cases covering reject/accept for multiple channels

Fixes #27892
 2026-02-26 22:04:16 +00:00
Peter Steinberger e618794a96 test: align compaction hook usage expectation 2026-02-26 22:03:26 +00:00
Peter Steinberger 39f7dbfe02 fix(cli): make gateway --force resilient to lsof EACCES 2026-02-26 23:02:58 +01:00
Peter Steinberger c03adfb41a test: align compaction hook usage expectation 2026-02-26 22:00:31 +00:00
Peter Steinberger 31c0b04c49 fix(nextcloud-talk): keep startAccount pending until abort (#27897) 2026-02-26 22:00:25 +00:00
Peter Steinberger b1bbf3fff1 fix: harden temp dir perms for umask 0002 (landed from #27860 by @stakeswky) 
Co-authored-by: 不做了睡大觉 <stakeswky@gmail.com>
 2026-02-26 21:59:55 +00:00
Peter Steinberger 53575f2013 fix: add googlechat lifecycle regression test (#27384) (thanks @junsuwhy) 2026-02-26 21:49:26 +00:00
Chang Shu-Huai eb6fa0dacf fix(googlechat): keep startAccount pending until abort to prevent restart loop 2026-02-26 21:49:26 +00:00
Peter Steinberger cb917b7f05 chore: silence onboard warning noise 2026-02-26 22:47:35 +01:00
Peter Steinberger 10c7ae1eca refactor(outbound): split recovery counters and normalize legacy retry entries 2026-02-26 22:42:15 +01:00
Peter Steinberger 5dd264d2fb refactor(daemon): unify runtime binary detection 2026-02-26 22:39:05 +01:00
Peter Steinberger 58171c8918 docs(security): clarify parity-only command-risk reports 2026-02-26 22:37:12 +01:00
Peter Steinberger cceefe833a fix: harden delivery recovery backoff eligibility and tests (#27710) (thanks @Jimmy-xuzimo) 2026-02-26 21:37:00 +00:00
Xu Zimo 0cfd448bab fix(delivery-queue): change break to continue to prevent head-of-line blocking 
When an entry's backoff exceeds the recovery budget, the code was using
break which blocked all subsequent entries from being processed. This
caused permanent queue blockage for any installation with a delivery entry
at retryCount >= 2.

Fix: Changed break to continue so entries whose backoff exceeds the
remaining budget are skipped individually rather than blocking the
entire loop.

Closes #27638
 2026-02-26 21:37:00 +00:00
SidQin-cyber 27f4ab2fb2 fix(models): extend gpt-5.3-codex forward compat to github-copilot 
The codex forward-compat fallback only matched openai-codex, leaving
github-copilot users without gpt-5.3-codex despite the model being
available on the Copilot API.

Made-with: Cursor
 2026-02-26 21:36:57 +00:00
Peter Steinberger 564be6b402 refactor(channels): unify dm pairing policy flows 2026-02-26 22:36:20 +01:00
Peter Steinberger 7e0b3f16e3 fix: preserve assistant usage snapshots during compaction cleanup 2026-02-26 21:35:26 +00:00
Peter Steinberger ca2ae342db fix(cli): accept node24 executable names in argv reparse 2026-02-26 22:35:04 +01:00
Peter Steinberger d33db186d0 docs: reorder unreleased 2026.2.26 changelog entries 2026-02-26 22:30:13 +01:00
Peter Steinberger da61aa8a58 test: fix TS2783 in nodes-utils helper 2026-02-26 21:26:54 +00:00
Peter Steinberger c53b11dccd test: fix pairing/daemon assertion drift 2026-02-26 21:24:50 +00:00
Peter Steinberger a1346a519a refactor(nodes): share default selection and tighten node.list fallback 2026-02-26 22:18:57 +01:00
Peter Steinberger 7ef6623bf3 fix: forward resolved session key in agent delivery (follow-up #27584 by @qualiobra) 
Co-authored-by: Lucas Teixeira Campos Araujo <lucas@MacBook-Pro-de-Lucas.local>
 2026-02-26 21:18:15 +00:00
Peter Steinberger eaa9e1c661 refactor(browser): unify fill field normalization 2026-02-26 22:17:58 +01:00
Peter Steinberger 69b2f8cd8b docs(changelog): credit reporter for pairing isolation fix 2026-02-26 22:14:32 +01:00
Peter Steinberger df65ed7e9e test(gateway): align outbound session assertion shape 2026-02-26 22:14:32 +01:00
Peter Steinberger 2ed9d633b3 fix: browser fill default type parity (#27662) (thanks @Uface11) 2026-02-26 21:14:28 +00:00
Rick a0b12f2ba7 fix(browser): accept fill fields without explicit type 
Default missing fill field type to 'text' in /act route to avoid spurious 'fields are required' failures from relay/tool callers. Add regression test for fill payloads with ref+value only.
 2026-02-26 21:14:28 +00:00
Peter Steinberger 712e231725 fix(agent): forward resolved outbound session context for delivery 2026-02-26 22:14:22 +01:00
Peter Steinberger da9f24dd2e fix: add nodes default-node regression test (#27444) (thanks @carbaj03) 2026-02-26 21:13:19 +00:00
ACV 47bb568cb2 fix(nodes): resolve default node when multiple canvas-capable nodes are connected 
`pickDefaultNode()` returned null when multiple connected canvas-capable
nodes existed and none matched the local Mac heuristic. This caused
"node required" errors for agents (especially sub-agents) calling the
canvas tool without an explicit node parameter.

In multi-node setups, any canvas-capable node is a valid target — the
receiving node broadcasts A2UI surfaces to all other connected devices.
Fall back to the first connected candidate instead of failing.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-02-26 21:13:19 +00:00
Peter Steinberger 4b4718c8df refactor(cli): decompose nodes run approval flow 2026-02-26 22:01:27 +01:00
Peter Steinberger 4e690e09c7 refactor(gateway): centralize system.run approval context and errors 2026-02-26 22:01:16 +01:00
Peter Steinberger d06632ba45 refactor(gateway): share node command catalog 2026-02-26 22:01:06 +01:00
Peter Steinberger d82c042b09 refactor(node-host): split system.run plan and allowlist internals 2026-02-26 22:01:01 +01:00
Peter Steinberger bce643a0bd refactor(security): enforce account-scoped pairing APIs 2026-02-26 21:57:52 +01:00
Peter Steinberger a0c5e28f3b refactor(extensions): use scoped pairing helper 2026-02-26 21:57:52 +01:00
Peter Steinberger 36b6ea1446 docs: enforce repo-relative file refs in AGENTS 2026-02-26 21:57:52 +01:00
Peter Steinberger 192df12d60 test(voice-call): cover verification key and header helpers 2026-02-26 21:54:09 +01:00
Peter Steinberger 535ef8991c refactor(voice-call): enforce verified webhook key contract 2026-02-26 21:54:09 +01:00
Peter Steinberger 6f0b4caa26 refactor(voice-call): share header and guarded api helpers 2026-02-26 21:54:09 +01:00
Peter Steinberger 78a7ff2d50 fix(security): harden node exec approvals against symlink rebind 2026-02-26 21:47:45 +01:00
Peter Steinberger 611dff985d fix(agents): harden embedded pi project settings loading 2026-02-26 21:46:39 +01:00
Peter Steinberger 38b6cee020 feat(config): add embedded pi project settings policy 2026-02-26 21:46:39 +01:00
Peter Steinberger 1aadf26f9a fix(voice-call): bind webhook dedupe to verified request identity 2026-02-26 21:43:51 +01:00