nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,416 Commits 750 Branches 79 Tags 3.2 GiB
Commit Graph

584 Commits

Author SHA1 Message Date
Peter Steinberger b5881d9ef4 fix: avoid WhatsApp silent turns with final-only delivery (#24962) (thanks @SidQin-cyber) 2026-02-24 03:47:20 +00:00
SidQin-cyber 3d22af692c fix(whatsapp): suppress reasoning/thinking content from WhatsApp delivery 
The deliver callback in process-message.ts was forwarding all payload
kinds (tool, block, final) to WhatsApp. Block payloads contain the
model's reasoning/thinking content, which should only be visible in
the internal web UI. This caused chain-of-thought to leak to end users
as separate WhatsApp messages.

Add an early return for non-final payloads so only the actual response
is delivered to the WhatsApp channel, matching how Telegram already
filters by info.kind === "final".

Fixes #24954
Fixes #24605

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-24 03:47:20 +00:00
Coy Geek aef45b2abb fix(logging): redact phone numbers and message content from WhatsApp logs 
Apply redactIdentifier() (SHA-256 hashing) to all recipient JIDs and
phone numbers logged by sendMessageWhatsApp, sendReactionWhatsApp,
sendPollWhatsApp, and runWebHeartbeatOnce. Remove poll question text
and message preview content from log entries, replacing with character
counts where useful for debugging.

The existing redactIdentifier() utility in src/logging/redact-identifier.ts
was already implemented but not wired into any WhatsApp logging path.
This commit connects it to all affected call sites while leaving
functional parameters (actual send calls, event emitters) untouched.

Closes #24957
 2026-02-24 03:36:29 +00:00
Peter Steinberger 0bdcca2f35 test(whatsapp): add log redaction coverage 2026-02-24 03:34:31 +00:00
Glucksberg 1e23d2ecea
fix(whatsapp): respect selfChatMode config in access-control (#24738) 
The selfChatMode config field was resolved by accounts.ts but never
consumed in the access-control logic. Use nullish coalescing so an
explicit true/false from config takes precedence over the allowFrom
heuristic, while undefined falls back to the existing behavior.

Fixes #23788

Co-authored-by: Claude <noreply@anthropic.com>
 2026-02-24 03:33:21 +00:00
Peter Steinberger f97c0922e1 fix(security): harden account-key handling against prototype pollution 2026-02-24 01:09:31 +00:00
Peter Steinberger a430e1722b test(channels): reduce media test runtime and polling 2026-02-24 00:31:58 +00:00
Peter Steinberger 8b192beaaf test: combine web reconnect progression assertions 2026-02-23 21:57:30 +00:00
Peter Steinberger 1c753ea786 test: dedupe fixtures and test harness setup 2026-02-23 05:45:54 +00:00
Peter Steinberger b534dfa3e0 fix(slack,web): harden thread hints and monitor tuning 2026-02-22 22:06:01 +00:00
Peter Steinberger 7c109f5737 fix: resolve ci type errors and reconnect test flake 2026-02-22 21:35:20 +00:00
Peter Steinberger 2dcb244985 refactor(test): dedupe gateway and web scaffolding 2026-02-22 20:04:51 +00:00
Peter Steinberger 0e4f3ccbdf refactor: dedupe media and request-body test scaffolding 2026-02-22 18:37:25 +00:00
Peter Steinberger 24ea941e28 test: dedupe auto-reply web and signal flows 2026-02-22 17:11:54 +00:00
Peter Steinberger 7626503965 test: reduce web auto-reply watchdog timer churn 2026-02-22 17:06:35 +00:00
Peter Steinberger 1cf8f41134 test: dedupe expensive web auto-reply compression coverage 2026-02-22 14:44:19 +00:00
Peter Steinberger 2c0b72acb8 test: speed up slow media and synology suites 2026-02-22 14:18:44 +00:00
Peter Steinberger d116bcfb14 refactor(runtime): consolidate followup, gateway, and provider dedupe paths 2026-02-22 14:08:51 +00:00
Peter Steinberger adfbbcf1f6 chore: merge origin/main into main 2026-02-22 13:42:52 +00:00
Peter Steinberger 6dd36a6b77 refactor(channels): reuse runtime group policy helpers 2026-02-22 12:44:23 +01:00
Peter Steinberger 85e5ed3f78 refactor(channels): centralize runtime group policy handling 2026-02-22 12:35:41 +01:00
Peter Steinberger 42f62821db fix: include shared runtime group-policy helper and coverage (#23367) (thanks @bmendonca3) 2026-02-22 12:21:04 +01:00
Peter Steinberger 777817392d fix: fail closed missing provider group policy across message channels (#23367) (thanks @bmendonca3) 2026-02-22 12:21:04 +01:00
Peter Steinberger 4a2492496e test: move browser and web auto-reply local suites out of e2e 2026-02-22 11:05:26 +00:00
Frank Yang 1051f42f96 fix(stability): patch regex retries and timeout abort handling 2026-02-22 10:59:34 +01:00
Peter Steinberger 6c2e999776 refactor(security): unify secure id paths and guard weak patterns 2026-02-22 10:16:19 +01:00
Peter Steinberger 4f7032fbd9 test(utils): share temp-dir helper across cli and web tests 2026-02-22 07:44:57 +00:00
Peter Steinberger 8af676edb3 test: tighten web and cron cli timeout budgets 2026-02-21 23:36:24 +00:00
Peter Steinberger 59563847e4 test(web): table-drive SSRF and voice input rejection cases 2026-02-21 23:30:13 +00:00
Peter Steinberger 4a2ff03f49 test: dedupe channel/web cases and tighten gateway e2e waits 2026-02-21 23:02:44 +00:00
Peter Steinberger 0bd9f0d4ac
fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
Peter Steinberger 42e181dd4b test(web): dedupe inbound cfg fixtures and cover reply/from formatting 2026-02-21 21:40:39 +00:00
Peter Steinberger dc7ec65c8f test(web): dedupe mention assertions and cover diagnostics helpers 2026-02-21 21:40:39 +00:00
Peter Steinberger d6c2fd5453 test(web): dedupe logout fixture setup and cover non-legacy oauth removal 2026-02-21 21:40:39 +00:00
Peter Steinberger 626d8e9f62 test(web): dedupe temp dir setup in web auto-reply utils tests 2026-02-21 21:40:38 +00:00
Peter Steinberger d982893490 refactor(test): use env helper for web auto-reply timezone test 2026-02-21 19:13:47 +00:00
Vincent Koc d94d21f9b0
test: isolate local media regression fixtures to allowed roots (#22369) 
* fix(tui): strip inbound metadata blocks from user text

* chore: clean up metadata-strip format and changelog credit

* chore: format tui metadata-strip tests

* test(web): isolate local media fixture paths to allow-listed roots
 2026-02-20 21:50:50 -05:00
Shadow f555835b09
Channels: add thread-aware model overrides 2026-02-20 19:26:25 -06:00
Tyler Yust 2dba150c16
Fix path-root flaky tests and restore status emoji defaults (#22274) 2026-02-20 15:45:33 -08:00
Shadow c378439246
Security: harden tool media paths 2026-02-20 13:32:49 -06:00
Nimrod Gutman 741435aacd fix(web): remove unrelated login changes 2026-02-20 14:47:20 +02:00
Nimrod Gutman ac0c1c26b1 fix: preserve ios bg refresh plist key and handle web login retry failures 2026-02-20 14:47:20 +02:00
Peter Steinberger a1cb700a05 test: dedupe and optimize test suites 2026-02-19 15:19:38 +00:00
Peter Steinberger b4792c7362 style: format fs-safe and web media 2026-02-19 09:25:12 +00:00
Peter Steinberger bf3f8ec428 refactor(media): unify safe local file reads 2026-02-19 10:21:20 +01:00
Peter Steinberger a82a41236e test(web): dedupe creds-update trigger helper in session tests 2026-02-19 07:52:32 +00:00
Peter Steinberger 1d71c21aac test(web): dedupe media-failure setup in deliver reply tests 2026-02-19 07:27:47 +00:00
Peter Steinberger d16621f608 fix(test): annotate mock web listener return type 2026-02-18 17:33:25 +00:00
Peter Steinberger e8e47ff00e perf(test): replace manual log polling with vi.waitFor 2026-02-18 17:26:05 +00:00
Peter Steinberger 64a10e64e4 perf(test): replace reconnect polling sleeps with waitFor 2026-02-18 17:22:18 +00:00