nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,699 Commits 763 Branches 79 Tags 4.7 GiB
Commit Graph

520 Commits

Author SHA1 Message Date
Vignesh f72b881276
docs: fix formal verification route (#2583) 2026-01-26 20:50:11 -08:00
vignesh07 39260e7055 docs(security): publish formal verification page under gateway/security 2026-01-26 20:32:12 -08:00
Peter Steinberger e7fdccce39 refactor: route browser control via gateway/node 2026-01-27 03:24:54 +00:00
Gustavo Madeira Santana b861a0bd73 Telegram: harden network retries and config 
Co-authored-by: techboss <techboss@users.noreply.github.com>
 2026-01-26 19:36:43 -05:00
Peter Steinberger 0f8f0fb9d7 docs: clarify command authorization for exec directives 2026-01-26 22:18:41 +00:00
Peter Steinberger 820ab8765a docs: clarify exec defaults 2026-01-26 21:37:56 +00:00
Peter Steinberger 1371e95e57 docs: clarify onboarding + credentials 2026-01-26 20:26:30 +00:00
Peter Steinberger 320b45c051 docs: note sandbox opt-in in gateway security 2026-01-26 20:13:10 +00:00
Peter Steinberger 000d5508aa docs(auth): remove external CLI OAuth reuse 2026-01-26 19:05:00 +00:00
Peter Steinberger b9098f3401 fix: remove unsupported gateway auth off option 2026-01-26 17:44:23 +00:00
Peter Steinberger e6bdffe568 feat: add control ui device auth bypass 2026-01-26 17:40:28 +00:00
Peter Steinberger ded366d9ab docs: expand security guidance for prompt injection and browser control 2026-01-26 15:20:14 +00:00
Jamieson O'Reilly a1f9825d63
security: add mDNS discovery config to reduce information disclosure (#1882) 
* security: add mDNS discovery config to reduce information disclosure

mDNS broadcasts can expose sensitive operational details like filesystem
paths (cliPath) and SSH availability (sshPort) to anyone on the local
network. This information aids reconnaissance and should be minimized
for gateways exposed beyond trusted networks.

Changes:
- Add discovery.mdns.enabled config option to disable mDNS entirely
- Add discovery.mdns.minimal option to omit cliPath/sshPort from TXT records
- Update security docs with operational security guidance

Minimal mode still broadcasts enough for device discovery (role, gatewayPort,
transport) while omitting details that help map the host environment.
Apps that need CLI path can fetch it via the authenticated WebSocket.

* fix: default mDNS discovery mode to minimal (#1882) (thanks @orlyjamie)

---------

Co-authored-by: theonejvo <orlyjamie@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-01-26 13:32:11 +00:00
Peter Steinberger c4a80f4edb fix: require gateway auth by default 2026-01-26 12:56:33 +00:00
Peter Steinberger fd9be79be1 fix: harden tailscale serve auth 2026-01-26 12:49:19 +00:00
Ross Morsali ffaeee4c39 fix: preserve CLI session IDs for session resume 
- Add resumeArgs to DEFAULT_CLAUDE_BACKEND for proper --resume flag usage
- Fix gateway not preserving cliSessionIds/claudeCliSessionId in nextEntry
- Add test for CLI session ID preservation in gateway agent handler
- Update docs with new resumeArgs default
 2026-01-25 21:09:04 +00:00
Jamieson O'Reilly 6aec34bc60
fix(gateway): prevent auth bypass when behind unconfigured reverse proxy (#1795) 
* fix(gateway): prevent auth bypass when behind unconfigured reverse proxy

When proxy headers (X-Forwarded-For, X-Real-IP) are present but
gateway.trustedProxies is not configured, the gateway now treats
connections as non-local. This prevents a scenario where all proxied
requests appear to come from localhost and receive automatic trust.

Previously, running behind nginx/Caddy without configuring trustedProxies
would cause isLocalClient=true for all external connections, potentially
bypassing authentication and auto-approving device pairing.

The gateway now logs a warning when this condition is detected, guiding
operators to configure trustedProxies for proper client IP detection.

Also adds documentation for reverse proxy security configuration.

* fix: harden reverse proxy auth (#1795) (thanks @orlyjamie)

---------

Co-authored-by: orlyjamie <orlyjamie@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-01-25 15:08:03 +00:00
Peter Steinberger 0130ecd800 fix: paragraph-aware newline chunking (#1726) 
Thanks @tyler6204

Co-authored-by: Tyler Yust <64381258+tyler6204@users.noreply.github.com>
 2026-01-25 13:24:19 +00:00
Peter Steinberger 8f3da653b0 fix: allow control ui token auth without pairing 2026-01-25 12:47:17 +00:00
Peter Steinberger 653401774d
fix(telegram): honor linkPreview on fallback (#1730) 
* feat: add notice directive parsing

* fix: honor telegram linkPreview config (#1700) (thanks @zerone0x)
 2026-01-25 07:55:39 +00:00
Seb Slight d4f60bf16a
TTS: gate auto audio on inbound voice notes (#1667) 
Co-authored-by: Sebastian <sebslight@gmail.com>
 2026-01-25 04:35:20 +00:00
Peter Steinberger ede5145191 docs: sweep support troubleshooting updates 2026-01-25 04:33:14 +00:00
Peter Steinberger 458e731f8b fix: newline chunking across channels 2026-01-25 04:11:36 +00:00
Peter Steinberger 629ce4454d docs: add tips + clawd-to-clawd faq 2026-01-25 04:04:18 +00:00
Peter Steinberger e6e71457e0 fix: honor trusted proxy client IPs (PR #1654) 
Thanks @ndbroadbent.

Co-authored-by: Nathan Broadbent <git@ndbroadbent.com>
 2026-01-25 01:52:19 +00:00
Peter Steinberger ce89bc2b40 docs: add anthropic auth error troubleshooting 2026-01-25 00:07:19 +00:00
Peter Steinberger 8e159ab0b7
fix: follow up config.patch restarts/docs/tests (#1653) 
* fix: land config.patch restarts/docs/tests (#1624) (thanks @Glucksberg)

* docs: update changelog entry for config.patch follow-up (#1653) (thanks @Glucksberg)
 2026-01-24 23:33:13 +00:00
Peter Steinberger 5570e1a946 fix: polish Google Chat plugin (#1635) (thanks @iHildy) 
Co-authored-by: Ian Hildebrand <ian@jedi.net>
 2026-01-24 23:30:45 +00:00
iHildy b76cd6695d feat: add beta googlechat channel 2026-01-24 23:30:45 +00:00
Peter Steinberger 9f8e66359e fix: default direct gateway port + docs (#1603) (thanks @ngutman) 2026-01-24 21:10:54 +00:00
Peter Steinberger ef7971e3a4 fix: normalize heartbeat targets 2026-01-24 13:53:00 +00:00
Peter Steinberger cfdd5a8c2e docs: consolidate faq under help 2026-01-24 09:49:38 +00:00
Peter Steinberger 6765fd15eb feat: default TTS model overrides on (#1559) (thanks @Glucksberg) 
Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
 2026-01-24 09:42:32 +00:00
Peter Steinberger b4a2dc81a2 docs: expand heartbeat visibility config examples 2026-01-24 09:31:04 +00:00
Peter Steinberger d73e8ecca3 fix: document tools invoke + honor main session key (#1575) (thanks @vignesh07) 2026-01-24 09:29:32 +00:00
Peter Steinberger d4d17025cf docs: add oauth refresh troubleshooting 2026-01-24 09:21:15 +00:00
Peter Steinberger 7b76db2841 fix: document heartbeat visibility controls (#1452) (thanks @dlauer) 2026-01-24 09:07:03 +00:00
Peter Steinberger d9a467fe3b feat: move TTS into core (#1559) (thanks @Glucksberg) 2026-01-24 08:00:44 +00:00
JustYannicc dd06028827
feat(heartbeat): skip API calls when HEARTBEAT.md is effectively empty (#1535) 
* feat: skip heartbeat API calls when HEARTBEAT.md is effectively empty

- Added isHeartbeatContentEffectivelyEmpty() to detect files with only headers/comments
- Modified runHeartbeatOnce() to check HEARTBEAT.md content before polling the LLM
- Returns early with 'empty-heartbeat-file' reason when no actionable tasks exist
- Preserves existing behavior when file is missing (lets LLM decide)
- Added comprehensive test coverage for empty file detection
- Saves API calls/costs when heartbeat file has no meaningful content

* chore: update HEARTBEAT.md template to be effectively empty by default

Changed instruction text to comment format so new workspaces benefit from
heartbeat optimization immediately. Users still get clear guidance on usage.

* fix: only treat markdown headers (# followed by space) as comments, not #TODO etc

* refactor: simplify regex per code review suggestion

* docs: clarify heartbeat empty file behavior (#1535) (thanks @JustYannicc)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-01-24 04:19:01 +00:00
Peter Steinberger 71203829d8 feat: add system cli 2026-01-24 04:03:07 +00:00
Peter Steinberger 00fd57b8f5 fix: honor wildcard tool allowlists 2026-01-24 01:30:44 +00:00
justyannicc e882f7d207 docs: add cron vs heartbeat decision guide 
- New docs/automation/cron-vs-heartbeat.md with complete guidance
- Cross-links from heartbeat.md and cron-jobs.md
- Updated AGENTS.md template with practical guidance
- Added navigation entry in docs.json
 2026-01-24 00:42:56 +00:00
Peter Steinberger bd7443b39b docs: update media auto-detect 2026-01-23 05:47:16 +00:00
Peter Steinberger 279f799388 fix: harden Mattermost plugin gating (#1428) (thanks @damoahdominic) 2026-01-23 01:23:23 +00:00
Peter Steinberger 52b6bf04af fix: improve tool summaries 2026-01-23 01:00:24 +00:00
Peter Steinberger fac21e6eb4
Merge pull request #1428 from bestparents/feat/mattermost-channel 
feat: add Mattermost channel support
 2026-01-23 00:24:47 +00:00
Peter Steinberger c7e0dc10fc docs: fix remaining node ws references 2026-01-22 23:22:56 +00:00
Dominic Damoah 01579aa7d7
Merge branch 'main' into feat/mattermost-channel 2026-01-22 18:17:40 -05:00
Peter Steinberger 96f1846c2c docs: align node transport with gateway ws 2026-01-22 23:10:09 +00:00
Peter Steinberger 826013c990 docs: refresh nodes + pairing docs 2026-01-22 22:02:06 +00:00
Dominic Damoah fe77d3eb56
Merge branch 'main' into feat/mattermost-channel 2026-01-22 02:49:17 -05:00
Peter Steinberger 8544df36b8 feat: extend Control UI assistant identity 2026-01-22 07:08:13 +00:00
Peter Steinberger d19a0249f8 fix: align rolling logs to local time 2026-01-22 07:02:52 +00:00
Peter Steinberger 6539c09a93 Merge remote-tracking branch 'origin/main' into feature/agent-avatar-support 2026-01-22 06:03:56 +00:00
Peter Steinberger a2981c5a2c feat: add elevated ask/full modes 2026-01-22 05:41:11 +00:00
Peter Steinberger a59ac5cf6f feat: add agent identity avatars (#1329) (thanks @dlauer) 2026-01-22 05:37:15 +00:00
Peter Steinberger e0896de2bf feat: surface repo root in runtime prompt 2026-01-22 05:20:42 +00:00
Peter Steinberger 9ae03b92bb docs: clarify prompt injection guidance 2026-01-22 04:19:33 +00:00
Peter Steinberger a2bea8e366 feat: add agent avatar support (#1329) (thanks @dlauer) 2026-01-22 04:00:07 +00:00
Zach Knickerbocker 7725dd6795 feat: configurable heartbeat session 2026-01-22 01:36:28 +00:00
Peter Steinberger 7e1a17e5e6 fix: unify exec approval ids 2026-01-22 00:59:29 +00:00
Peter Steinberger 7eef176afc fix: warn on unset gateway.mode 2026-01-22 00:21:08 +00:00
Peter Steinberger f76e3c1419 fix: enforce secure control ui auth 2026-01-21 23:58:42 +00:00
Dominic Damoah bf6df6d6b7 feat: add Mattermost channel support 
Add Mattermost as a supported messaging channel with bot API and WebSocket integration. Includes channel state tracking (tint, summary, details), multi-account support, and delivery target routing. Update documentation and tests to include Mattermost alongside existing channels.
 2026-01-21 18:40:56 -05:00
Peter Steinberger b5fd66c92d fix: add explicit tailnet gateway bind 2026-01-21 20:36:09 +00:00
Peter Steinberger 76600e80ba docs: simplify heartbeat active hours example 2026-01-21 20:33:23 +00:00
Peter Steinberger 31943dcecb feat: add heartbeat active hours 2026-01-21 20:30:37 +00:00
Peter Steinberger 6492e90c1b feat: add auth-aware cache defaults 2026-01-21 20:23:39 +00:00
Peter Steinberger 0daaa5b592 fix: restore 1h cache ttl option 2026-01-21 20:00:32 +00:00
Peter Steinberger 6866cca6d7 docs: clarify cache-ttl pruning window 2026-01-21 20:00:32 +00:00
Peter Steinberger 9f59ff325b feat: add cache-ttl pruning mode 2026-01-21 19:46:24 +00:00
Echo c415ccaed5
feat(sessions): add channelIdleMinutes config for per-channel session idle durations (#1353) 
* feat(sessions): add channelIdleMinutes config for per-channel session idle durations

Add new `channelIdleMinutes` config option to allow different session idle
timeouts per channel. For example, Discord sessions can now be configured
to last 7 days (10080 minutes) while other channels use shorter defaults.

Config example:
  sessions:
    channelIdleMinutes:
      discord: 10080  # 7 days

The channel-specific idle is passed as idleMinutesOverride to the existing
resolveSessionResetPolicy, integrating cleanly with the new reset policy
architecture.

* fix

* feat: add per-channel session reset overrides (#1353) (thanks @cash-echo-bot)

---------

Co-authored-by: Cash Williams <cashwilliams@gmail.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-01-21 19:10:31 +00:00
Peter Steinberger c129f0bbaa docs: align gateway service naming 2026-01-21 17:45:26 +00:00
Peter Steinberger cd25d69b4d fix: harden bluebubbles short ids and fetch wrapper (#1369) (thanks @tyler6204) 2026-01-21 17:09:15 +00:00
Peter Steinberger 39e24c9937 docs: update node CLI references 2026-01-21 16:48:42 +00:00
Peter Steinberger a0cd295c0f fix: add browser snapshot default mode (#1336) 
Co-authored-by: Seb Slight <sbarrios93@gmail.com>
 2026-01-21 03:03:10 +00:00
Peter Steinberger 5bd55037e4 fix: harden web fetch SSRF and redirects 
Co-authored-by: Eli <fogboots@users.noreply.github.com>
 2026-01-21 02:54:14 +00:00
Peter Steinberger e5ea8a0d22 docs: add network hub + pairing locality 2026-01-21 00:14:14 +00:00
Peter Steinberger 51dfd6efdb fix: tighten small-model audit guardrails 2026-01-20 23:52:26 +00:00
Peter Steinberger 74f382f732 fix: default Anthropic API cache TTL to 1h 2026-01-20 15:48:53 +00:00
Peter Steinberger 1f7cb4b853 fix: shorten bonjour gateway service type 2026-01-20 15:10:06 +00:00
Peter Steinberger 04ee9e7765 docs: clarify sandbox env + recreate guidance 2026-01-20 15:00:25 +00:00
Peter Steinberger e45228ac37 fix: merge login shell PATH for gateway exec 2026-01-20 14:04:13 +00:00
Peter Steinberger 06c17a333e docs: update protocol + security notes 2026-01-20 13:04:20 +00:00
Peter Steinberger dfbf6ac263 feat: enforce device-bound connect challenge 2026-01-20 13:04:19 +00:00
Peter Steinberger d88b239d3c feat: add device token auth and devices cli 2026-01-20 10:30:53 +00:00
Peter Steinberger 1c02de1309 chore: raise default agent concurrency 2026-01-20 10:08:26 +00:00
Peter Steinberger 9dbc1435a6 fix: enforce ws3 roles + node allowlist 2026-01-20 09:24:01 +00:00
Peter Steinberger f06ad4502b refactor: share responses input handling 2026-01-20 08:21:57 +00:00
Peter Steinberger 6d5195c890 refactor: normalize cli command hints 2026-01-20 07:43:00 +00:00
Peter Steinberger bbc67f3754 fix: expand /v1/responses inputs (#1229) (thanks @RyanLisse) 2026-01-20 07:37:30 +00:00
Peter Steinberger 35e7c62e78 docs: unify ws protocol + platform guides 2026-01-19 10:09:28 +00:00
Peter Steinberger d1e9490f95 fix: enforce strict config validation 2026-01-19 03:39:25 +00:00
Peter Steinberger 79d8267413 feat: auto-recreate sandbox containers on config change 2026-01-19 01:35:27 +00:00
Peter Steinberger d802844bd6 fix: gate gateway restarts and discord abort reconnects 2026-01-19 00:15:45 +00:00
Peter Steinberger 6f5205d826 docs: elevate security audit callout 2026-01-18 23:37:14 +00:00
Peter Steinberger a3a4996adb feat: add gemini memory embeddings 2026-01-18 09:09:45 +00:00
Peter Steinberger 7fa8ae56cb docs: add exec events to bridge protocol 2026-01-18 07:59:03 +00:00
Peter Steinberger ae0b4c4990 feat: add exec host routing + node daemon 2026-01-18 07:46:00 +00:00
Peter Steinberger 367826f6e4 feat(session): add daily reset policy 
Co-authored-by: Austin Mudd <austinm911@gmail.com>
 2026-01-18 06:37:37 +00:00
Peter Steinberger c7ea47e886 feat(channels): add resolve command + defaults 2026-01-18 01:00:24 +00:00
Peter Steinberger e71fa4a145 docs: note session log disk access 2026-01-17 19:30:46 +00:00
Peter Steinberger 4a987c836d fix: add Kimi Code docs + defaults (#1085) (thanks @dan-dr) 2026-01-17 17:35:40 +00:00
Peter Steinberger d8b463d0b3 fix: cap pending process output 2026-01-17 08:26:12 +00:00
Peter Steinberger 3a6ee5ee00 feat: unify hooks installs and webhooks 2026-01-17 07:08:04 +00:00
Peter Steinberger 07a3db153d feat: notify on exec exit 2026-01-17 05:43:34 +00:00
Peter Steinberger c4ea25a509 feat: add exec pty support 2026-01-17 04:57:11 +00:00
Peter Steinberger fcb7c9ff65 refactor: unify media understanding pipeline 2026-01-17 04:39:00 +00:00
Peter Steinberger 6e4d86f426 refactor: require target for message actions 2026-01-17 04:15:46 +00:00
Peter Steinberger 1b973f7506 feat: add inbound media understanding 
Co-authored-by: Tristan Manchester <tmanchester96@gmail.com>
 2026-01-17 03:54:46 +00:00
Peter Steinberger dbf8829283 docs: clarify remote access setups 2026-01-17 02:19:16 +00:00
Peter Steinberger fa2b92bb00 docs: update health/status + doctor docs 2026-01-17 01:19:43 +00:00
Peter Steinberger 7ecf733342 fix: align channel config schemas and env precedence 2026-01-17 00:43:05 +00:00
Shadow cc2d617ea6 Docs: note schema-driven config UI 2026-01-17 00:43:05 +00:00
Peter Steinberger bcfc9bead5 docs: expand iMessage remote setup 2026-01-17 00:39:48 +00:00
Peter Steinberger 731080375a
Merge pull request #1044 from sebslight/env-var-substitution 
feat(config): add env var substitution in config values
 2026-01-17 00:25:26 +00:00
Peter Steinberger c54c665f97 feat: enhance web_fetch fallbacks 2026-01-17 00:00:49 +00:00
Peter Steinberger 37fa4f7eef feat: improve web_fetch readability extraction 2026-01-16 23:18:01 +00:00
Peter Steinberger bf72a126d1 docs: add /help hub and Node/npm PATH guide 2026-01-16 23:10:29 +00:00
Peter Steinberger a4e99ecdaf chore: remove patch references 2026-01-16 22:41:57 +00:00
Sebastian a36735b913 feat(config): add env var substitution in config values 
Support ${VAR_NAME} syntax in any config string value, substituted at
config load time. Useful for referencing API keys and secrets from
environment variables without hardcoding them in the config file.

- Only uppercase env vars matched: [A-Z_][A-Z0-9_]*
- Missing/empty env vars throw MissingEnvVarError with path context
- Escape with $${VAR} to output literal ${VAR}
- Works with $include (included files also get substitution)

Closes #1009
 2026-01-16 16:32:07 -05:00
Peter Steinberger 56efbce31e feat: enable telegram reaction notifications by default 2026-01-16 20:51:42 +00:00
Ruby 0cd24137e8
feat: add session.identityLinks for cross-platform DM session linking (#1033) 
Co-authored-by: Shadow <shadow@clawd.bot>
 2026-01-16 14:23:22 -06:00
Peter Steinberger 19bcbf85df fix: scope whatsapp self-chat response prefix 2026-01-16 10:54:11 +00:00
Peter Steinberger d0c986c4f0 feat: warn on weak model tiers 2026-01-16 09:34:37 +00:00
Peter Steinberger 929666a8c8 fix: add telegram custom commands (#860) (thanks @nachoiacovino) 
Co-authored-by: Nacho Iacovino <50103937+nachoiacovino@users.noreply.github.com>
 2026-01-16 08:22:09 +00:00
Peter Steinberger ff645524d8 docs: move troubleshooting items from faq 2026-01-16 06:35:13 +00:00
Peter Steinberger 41d44021e7 feat(browser): prefer default chromium browser 2026-01-16 05:37:53 +00:00
Peter Steinberger 1ab1e312b2 feat: add TLS for node bridge 2026-01-16 05:28:40 +00:00
Ubuntu ca9688b5cc feat(session): add dmScope for multi-user DM isolation 
Co-authored-by: Alphonse-arianee <Alphonse-arianee@users.noreply.github.com>
 2026-01-16 04:13:10 +00:00
Peter Steinberger b2b331230b feat: mac node exec policy + remote skills hot reload 2026-01-16 03:45:06 +00:00
Peter Steinberger a5d8f89b53 feat(browser): prefer Chrome default + add Brave/Edge fallbacks 
Co-authored-by: Christoph Nakazawa <christoph.pojer@gmail.com>
 2026-01-16 03:28:56 +00:00
Peter Steinberger dae34f3a61 docs: clarify setup-token location 2026-01-16 02:53:40 +00:00
Peter Steinberger 61e385b331 feat: add per-agent heartbeat config 2026-01-16 01:17:34 +00:00
Peter Steinberger 8c3cdba21c feat: sticky auth profile rotation + usage headers 2026-01-16 00:25:49 +00:00
juanpablodlc 4a99b9b651
feat(whatsapp): add debounceMs for batching rapid messages (#971) 
* feat(whatsapp): add debounceMs for batching rapid messages

Add a `debounceMs` configuration option to WhatsApp channel settings
that batches rapid consecutive messages from the same sender into a
single response. This prevents triggering separate agent runs for
each message when a user sends multiple short messages in quick
succession (e.g., "Hey!", "how are you?", "I was wondering...").

Changes:
- Add `debounceMs` config to WhatsAppConfig and WhatsAppAccountConfig
- Implement message buffering in `monitorWebInbox` with:
  - Map-based buffer keyed by sender (DM) or chat ID (groups)
  - Debounce timer that resets on each new message
  - Message combination with newline separator
  - Single message optimization (no modification if only one message)
- Wire `debounceMs` through account resolution and monitor tuning
- Add UI hints and schema documentation

Usage example:
{
  "channels": {
    "whatsapp": {
      "debounceMs": 5000  // 5 second window
    }
  }
}

Default behavior: `debounceMs: 0` (disabled by default)

Verified: All existing tests pass (3204 tests), TypeScript compilation
succeeds with no errors.

Implemented with assistance from AI coding tools.

Closes #967

* chore: wip inbound debounce

* fix: debounce inbound messages across channels (#971) (thanks @juanpablodlc)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-01-15 23:07:19 +00:00
Peter Steinberger 8b89980a89 feat(date-time): standardize time context and tool timestamps 2026-01-15 22:27:06 +00:00
Benjamin Jesuiter 7f6a288bd3 docs: clarify multi-gateway rescue bot guidance 2026-01-15 22:10:27 +00:00
Peter Steinberger 4275ed68a2 fix(browser): default to chrome extension takeover 2026-01-15 09:02:42 +00:00
Peter Steinberger c269d5f258 fix: isolate Slack thread sessions (#758) 2026-01-15 08:11:03 +00:00
Peter Steinberger f5577ad78e docs: add multi-gateway guide 2026-01-15 07:29:48 +00:00
Peter Steinberger 0a1eeedc10 fix: unblock control commands during active runs 2026-01-15 07:08:48 +00:00
Peter Steinberger 04ebf8d67a docs: note child process bridge helper 2026-01-15 06:59:02 +00:00
Peter Steinberger 728cd5e974 fix: document WhatsApp read receipts toggle (#882) (thanks @chrisrodz) 2026-01-15 06:22:33 +00:00
Peter Steinberger d59aab7fd3 chore: drop Clawdis legacy references 2026-01-15 06:18:44 +00:00
Peter Steinberger ca1902fb4e feat(security): expand audit and safe --fix 2026-01-15 05:31:43 +00:00
Peter Steinberger 7d4f2d9aed
Merge pull request #928 from sebslight/feature/response-prefix-template-variables 
feat: add dynamic template variables to messages.responsePrefix
 2026-01-15 05:27:20 +00:00
Peter Steinberger 042b65dfcc feat: add web tools config to configure 2026-01-15 05:08:56 +00:00
Peter Steinberger 0e76d21f11 docs(security): mention audit --fix 2026-01-15 05:03:13 +00:00
Peter Steinberger ef78b198cb feat: add Chrome extension browser relay 2026-01-15 04:52:28 +00:00
Peter Steinberger c4402a1ce5 docs: clarify agent auth + sandboxed skills 2026-01-15 04:51:03 +00:00
Peter Steinberger f275cc180b feat: add web tools 2026-01-15 04:07:40 +00:00
Peter Steinberger 31d3aef8d6 fix: prevent config clobbering 2026-01-15 04:06:11 +00:00
Sebastian d0a4cce41e feat: add dynamic template variables to messages.responsePrefix (#923) 
Adds support for template variables in `messages.responsePrefix` that
resolve dynamically at runtime with the actual model used (including
after fallback).

Supported variables (case-insensitive):
- {model} - short model name (e.g., "claude-opus-4-5", "gpt-4o")
- {modelFull} - full model identifier (e.g., "anthropic/claude-opus-4-5")
- {provider} - provider name (e.g., "anthropic", "openai")
- {thinkingLevel} or {think} - thinking level ("high", "low", "off")
- {identity.name} or {identityName} - agent identity name

Example: "[{model} | think:{thinkingLevel}]" → "[claude-opus-4-5 | think:high]"

Variables show the actual model used after fallback, not the intended
model. Unresolved variables remain as literal text.

Implementation:
- New module: src/auto-reply/reply/response-prefix-template.ts
- Template interpolation in normalize-reply.ts via context provider
- onModelSelected callback in agent-runner-execution.ts
- Updated all 6 provider message handlers (web, signal, discord,
  telegram, slack, imessage)
- 27 unit tests covering all variables and edge cases
- Documentation in docs/gateway/configuration.md and JSDoc

Fixes #923
 2026-01-14 23:05:08 -05:00
Peter Steinberger 574b6ab5b1 docs: document provider tool policies 2026-01-15 03:55:20 +00:00
hyaxia f3c9252840 Security: add detect-secrets scan 2026-01-15 03:14:43 +00:00
Peter Steinberger b1e3d79eaa docs: clarify Claude CLI auth mode 2026-01-15 02:35:20 +00:00
Peter Steinberger 12c2d37e62 docs: document DM history limits (#883) 
Thanks @pkrmf.

Co-authored-by: Marc Terns <tenxurz@gmail.com>
 2026-01-15 02:22:29 +00:00
Peter Steinberger ad8799522c feat(config): gate channel config writes 2026-01-15 01:41:15 +00:00
Peter Steinberger c2a4f256c8 feat: add security audit + onboarding checkpoint 2026-01-15 01:25:11 +00:00
Peter Steinberger fe974f420d chore: standardize Claude Code CLI naming (#915) 
Follow-up to #915.
 2026-01-14 20:07:35 +00:00
Peter Steinberger 6fdfe8ea73 fix: finalize channels rename cleanup 2026-01-13 08:40:40 +00:00
Peter Steinberger 3eb48cbea7 docs: complete channels rename sweep 2026-01-13 08:40:39 +00:00
Peter Steinberger 90342a4f3a refactor!: rename chat providers to channels 2026-01-13 08:40:39 +00:00
Peter Steinberger 9a322d52e2 docs: update faq and install guidance 2026-01-13 08:03:11 +00:00
Peter Steinberger 4fd1a6dec3 fix: harden doctor install checks 2026-01-13 07:25:25 +00:00
Peter Steinberger d5b17d344b
Merge pull request #722 from vrknetha/feat/slash-bash-command 
feat(bash): add host-only /bash slash command
 2026-01-13 07:18:35 +00:00
Peter Steinberger 8111e18dbd docs: add Opus/MiniMax fallback examples 2026-01-13 07:15:20 +00:00
Gregor's Bot ece01d89fe Docs: document agents.list model fallbacks 2026-01-13 06:50:20 +00:00
Gregor's Bot 6729637f61 Config: support per-agent model fallbacks 2026-01-13 06:50:20 +00:00
Peter Steinberger 780a43711f feat(tools): add tool profiles and group shorthands 2026-01-13 06:30:20 +00:00
vrknetha 721a6bf0f9 Docs: document bash chat command 2026-01-13 11:56:51 +05:30
Peter Steinberger bb2df13be0
Merge pull request #700 from clawdbot/shadow/compaction 
Agents: safeguard compaction summarization
 2026-01-13 05:59:15 +00:00
Peter Steinberger 5918def440 fix: honor gateway service override labels 2026-01-13 05:58:49 +00:00
Shadow a96d299971 Agents: safeguard compaction summarization 2026-01-13 05:55:30 +00:00
Peter Steinberger b70298fbca fix: document Tailscale Serve auth headers (#823) (thanks @roshanasingh4) 2026-01-13 04:37:04 +00:00
Peter Steinberger 755a7e1b20 feat: add configurable bootstrap truncation 2026-01-13 04:27:03 +00:00
Peter Steinberger b41e75a15d feat: cron agent binding + doctor UI refresh 2026-01-13 04:25:41 +00:00
Travis Hinton 8b5cd97ceb Add Synthetic provider support 2026-01-13 03:36:53 +00:00
Peter Steinberger 67d0ab3030 docs: simplify local models guidance 2026-01-13 03:26:00 +00:00
Muhammed Mukhthar CM ba316a10cc feat: add remote config overrides to memorySearch 2026-01-13 03:02:43 +00:00
Peter Steinberger 72100ba3ab refactor(sandbox): drop legacy memory shorthand 2026-01-12 22:59:36 +00:00
Peter Steinberger e7e544174f docs: add region guidance for hosted minimax 2026-01-12 22:45:00 +00:00
Peter Steinberger 9b0d9db3a3 docs: detail memory tools and local models 2026-01-12 22:35:19 +00:00
Peter Steinberger 59c8d2d17f docs: clarify sandbox bind mounts (#790) 2026-01-12 22:06:35 +00:00
Aaron Konyer 0b2b8c7c52 Add docker bind mounds for sandboxing 2026-01-12 21:57:51 +00:00
Peter Steinberger 2faf7cea93 feat(sandbox): add tool-policy groups 2026-01-12 21:51:49 +00:00
Peter Steinberger 26d5cca97c feat: auto native commands defaults 2026-01-12 21:49:44 +00:00
Zach Knickerbocker 3467b0ba07
Discord: add allowBots config option (#802) 
Co-authored-by: Shadow <shadow@clawd.bot>
 2026-01-12 15:30:05 -06:00
Peter Steinberger 7b93356fb7 feat: subagent model defaults 2026-01-12 18:08:30 +00:00
Peter Steinberger 1b2c1545a0 docs: harden local model guidance 2026-01-12 17:11:04 +00:00
Peter Steinberger 717a259056 docs: add local models guide 2026-01-12 16:50:37 +00:00
Peter Steinberger a3938d62f6 chore: raise heartbeat ack window 2026-01-12 11:06:46 +00:00
Peter Steinberger 98e75fce17 test: align group policy defaults 2026-01-12 08:45:57 +00:00
Peter Steinberger 006e1352d8 fix: harden msteams group access 2026-01-12 08:32:08 +00:00
Peter Steinberger 842e91d019 fix: default groupPolicy to allowlist 2026-01-12 08:22:01 +00:00
Peter Steinberger 79cbb20988 docs: add Moonshot provider setup 2026-01-12 06:48:06 +00:00
Peter Steinberger 960ed66501 docs: update slash commands docs 2026-01-12 06:38:16 +00:00
Peter Steinberger 5b44825cb3 fix: skip memory flush on read-only workspace 2026-01-12 06:33:27 +00:00
Peter Steinberger 048ee4b838 docs: expand minimax + cerebras setup 2026-01-12 06:13:31 +00:00