nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,814 Commits 925 Branches 94 Tags 6.2 GiB
Commit Graph

15 Commits

Author SHA1 Message Date
Peter Steinberger 7f373823b0
refactor: separate exec policy and execution targets 2026-03-23 19:36:44 -07:00
Peter Steinberger d8cef14eb1 fix: split exec and policy resolution for wrapper trust (#53134) (thanks @vincentkoc) 2026-03-23 19:04:04 -07:00
Vincent Koc 32e89b4687 Infra: preserve wrapper executable for multiplexer trust 2026-03-23 19:04:04 -07:00
Peter Steinberger 0b40ec38ab
refactor(exec): share wrapper trust planning 2026-03-22 23:18:54 -07:00
Peter Steinberger 0ac939059e
refactor(exec): split safe-bin semantics 2026-03-22 10:14:46 -07:00
Peter Steinberger 6c2a3b74e3
fix(exec): harden jq safe-bin policy 2026-03-22 10:04:40 -07:00
Peter Steinberger 55a2d12f40 refactor: split inbound and reload pipelines into staged modules 2026-03-02 21:55:01 +00:00
Peter Steinberger 5f0cbd0edc refactor(gateway): dedupe auth and discord monitor suites 2026-03-02 21:31:36 +00:00
User 8da8756f76 fix(exec): escape regex literals in allowlist path matching 2026-03-02 21:26:24 +00:00
Peter Steinberger b02b94673f refactor: dedupe runtime and helper flows 2026-03-02 12:55:47 +00:00
Peter Steinberger 155118751f refactor!: remove versioned system-run approval contract 2026-03-02 01:12:53 +00:00
Peter Steinberger 07f653ffc8 fix: polish bare wildcard allowlist handling (#25250) (thanks @widingmarcus-cyber) 2026-02-24 14:20:11 +00:00
Marcus Widing 0f0b2c0255 fix(exec): match bare * wildcard in allowlist entries (#25082) 
The matchAllowlist() function skipped patterns without path separators
(/, \, ~), causing a bare "*" wildcard entry to never reach the glob
matcher. Since glob's single * maps to [^/]*, it would also fail against
absolute paths. Handle bare "*" as a special case that matches any
resolved executable path.

Closes #25082
 2026-02-24 14:20:11 +00:00
Peter Steinberger a1c4bf07c6 fix(security): harden exec wrapper allowlist execution parity 2026-02-24 01:52:17 +00:00
Peter Steinberger 862975507a refactor(exec): split command resolution and trusted-dir normalization 2026-02-22 23:00:33 +01:00