nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,372 Commits 874 Branches 89 Tags 9.2 GiB
Commit Graph

259 Commits

Author SHA1 Message Date
Jacob Tomlinson f92c92515b
fix(extensions): route fetch calls through fetchWithSsrFGuard (#53929) 
* fix(extensions): route fetch calls through fetchWithSsrFGuard

Replace raw fetch() with fetchWithSsrFGuard in BlueBubbles, Mattermost,
Nextcloud Talk, and Thread Ownership extensions so outbound requests go
through the shared DNS-pinning and network-policy layer.

BlueBubbles: thread allowPrivateNetwork from account config through all
fetch call sites (send, chat, reactions, history, probe, attachments,
multipart). Add _setFetchGuardForTesting hook for test overrides.

Mattermost: add guardedFetchImpl wrapper in createMattermostClient that
buffers the response body before releasing the dispatcher. Handle
null-body status codes (204/304).

Nextcloud Talk: wrap both sendMessage and sendReaction with
fetchWithSsrFGuard and try/finally release.

Thread Ownership: add fetchWithSsrFGuard and ssrfPolicyFromAllowPrivateNetwork
to the plugin SDK surface; use allowPrivateNetwork:true for the
Docker-internal forwarder.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(extensions): improve null-body handling and test harness cleanup

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(bluebubbles): default to strict SSRF policy when allowPrivateNetwork is unset

Callers that omit allowPrivateNetwork previously got undefined policy,
which caused blueBubblesFetchWithTimeout to fall through to raw fetch
and bypass the SSRF guard entirely.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(bluebubbles): thread allowPrivateNetwork through action and monitor call sites

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(mattermost,nextcloud-talk): add allowPrivateNetwork config for self-hosted/LAN deployments

* fix: regenerate config docs baseline for new allowPrivateNetwork fields

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-26 02:04:54 -07:00
Mathias Nagler 39fbfd9b28
fix(mattermost): thread resolved cfg through reply delivery send calls (#48347) 
Merged via squash.

Prepared head SHA: 7ca468e365
Co-authored-by: mathiasnagler <9951231+mathiasnagler@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
 2026-03-26 01:31:12 +00:00
Peter Steinberger 43058c021e test: collapse setup and monitor channel suites 2026-03-25 04:25:02 +00:00
Ayaan Zaidi 69b9e44762
fix: declare typebox runtime dep for mattermost plugin 2026-03-23 17:39:30 +05:30
Ayaan Zaidi 8f8b79496f fix: keep message-tool buttons optional for Telegram and Mattermost (#52589) (thanks @tylerliu612) 2026-03-23 14:43:41 +05:30
Peter Steinberger 5c8ea0a175 refactor: share channel setup status helpers 2026-03-23 01:56:01 +00:00
Vincent Koc 9a07187339 style(format): fix extension test drift 2026-03-22 18:53:22 -07:00
create aaba1ae653 fix(mattermost): honor replyToMode off for threaded messages 2026-03-22 18:42:56 -07:00
Vincent Koc 6e9cf81a8b test(mattermost): cover directory discovery 2026-03-22 18:42:43 -07:00
Peter Steinberger f3650b466f
style: format mattermost slash monitor test 2026-03-22 18:36:56 -07:00
Vincent Koc a40f781cbe test(mattermost): cover slash and resources 2026-03-22 18:34:54 -07:00
Vincent Koc bad9c8c223 style(format): fix channel test drift 2026-03-22 18:32:07 -07:00
Vincent Koc f580b68380 test(mattermost): cover onchar parsing 2026-03-22 18:30:23 -07:00
Peter Steinberger ecdf5d457a
test: fix latest main test regressions 2026-03-22 18:28:13 -07:00
Vincent Koc 0a329b2c9f Revert "style(format): fix check drift in provider tests" 
This reverts commit 2619f5fe55.
 2026-03-22 18:25:07 -07:00
Vincent Koc 2619f5fe55 style(format): fix check drift in provider tests 2026-03-22 18:24:40 -07:00
Vincent Koc 1b53918d4f test(mattermost): cover monitor auth gates 2026-03-22 18:23:46 -07:00
Vincent Koc 05088eebdc test(mattermost): cover setup surface 2026-03-22 18:01:24 -07:00
Vincent Koc fdcf26ffd3 test(mattermost): cover setup adapter 2026-03-22 17:59:04 -07:00
Vincent Koc a61e5d17f0
deps: update fast-xml-parser and markdown-it (#52541) 
* style: format test files

* deps: bump fast-xml-parser override
 2026-03-22 17:55:47 -07:00
Vincent Koc 7dc1389d55 test(mattermost): cover routing helpers 2026-03-22 17:49:35 -07:00
Peter Steinberger 4cc0d05cfb refactor: share channel runtime state defaults 2026-03-22 23:37:12 +00:00
Peter Steinberger 3a949646da refactor: simplify builder pairing adapters 2026-03-22 22:45:06 +00:00
Peter Steinberger dcd5473283 refactor: adopt shared chat plugin builder 2026-03-22 21:37:32 +00:00
Peter Steinberger 99462776d1 refactor: compose shared channel security adapters 2026-03-22 21:37:31 +00:00
Peter Steinberger 87b2672126 refactor: centralize computed channel status adapters 2026-03-22 21:37:31 +00:00
Peter Steinberger 87722d6327 refactor: extend shared account status snapshot helpers 2026-03-22 20:55:16 +00:00
Peter Steinberger 00b2f10dec refactor: share account snapshot descriptions 2026-03-22 20:55:16 +00:00
Peter Steinberger fa13c2960e refactor: share scoped account accessor adapters 2026-03-22 20:30:21 +00:00
Peter Steinberger ff941b0193 refactor: share nested account config merges 2026-03-22 19:53:51 +00:00
Peter Steinberger c74a50e4f1 refactor: share merged account config helper 2026-03-22 19:01:52 +00:00
Peter Steinberger 017d295edb refactor: adopt shared account merge helpers 2026-03-22 19:01:52 +00:00
Peter Steinberger 412a3eb1ac
build: bump version to 2026.3.22 2026-03-22 11:58:33 -07:00
Vincent Koc 3ce5a8366a
fix(plugins): enforce minimum host versions for installable plugins (#52094) 
* fix(plugins): enforce min host versions

* fix(plugins): tighten min host version validation

* chore(plugins): trim dead min host version code

* fix(plugins): handle malformed min host metadata

* fix(plugins): key manifest cache by host version
 2026-03-22 09:12:08 -07:00
Peter Steinberger 49091ebcbd
chore: update dependencies except carbon 2026-03-22 08:37:03 -07:00
Peter Steinberger b4656f193a test: strengthen regression coverage and trim low-value checks 2026-03-22 07:38:01 +00:00
Vincent Koc 2b4c3c2057
fix(plugin-sdk): remove relative extension boundary escapes (#51939) 
* fix(plugin-sdk): remove relative extension boundary escapes

* Gate new plugin-sdk subpaths on host version

* Add changelog entry for #51939

* Fix local staging for plugin-sdk host version gate

* Raise host floor for line and googlechat plugins

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-21 20:03:18 -05:00
Peter Steinberger 62ddc9d9e0 refactor: consolidate plugin sdk surface 2026-03-20 19:24:10 +00:00
Peter Steinberger 18fa2992f9 fix: restore plugin sdk runtime barrels 2026-03-20 16:46:34 +00:00
Peter Steinberger 50ce9ac1c6 refactor: privatize bundled sdk facades 2026-03-20 15:56:14 +00:00
Tak Hoffman 5b7b5529f1
Plugins: remove shared extension boundary debt 2026-03-18 22:58:40 -05:00
Peter Steinberger 83c5bc946d fix: restore full gate stability 2026-03-19 03:36:03 +00:00
Vincent Koc f19cb738af fix(plugin-sdk): restore public runtime subpaths 2026-03-18 17:38:49 -07:00
Peter Steinberger c70837f07d refactor: converge plugin sdk channel helpers 2026-03-19 00:25:19 +00:00
Peter Steinberger 07d9f725b6 refactor: unify plugin sdk primitives 2026-03-18 23:58:56 +00:00
Peter Steinberger 46f49eb6eb refactor: shrink plugin sdk public surface 2026-03-18 23:31:08 +00:00
Peter Steinberger 62edfdffbd refactor: deduplicate reply payload handling 2026-03-18 18:14:57 +00:00
Peter Steinberger 8d73bc77fa refactor: deduplicate reply payload helpers 2026-03-18 17:30:25 +00:00
Peter Steinberger 27f655ed11 refactor: deduplicate channel runtime helpers 2026-03-18 16:37:27 +00:00
Peter Steinberger c0c3c4824d fix: checkpoint gate fixes before rebase 2026-03-18 15:36:18 +00:00