nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,615 Commits 736 Branches 79 Tags 2.7 GiB
Commit Graph

12615 Commits

Author SHA1 Message Date
Peter Steinberger b96419fab9 test(agents): share pi-tools sandbox fixture context 2026-02-19 09:22:16 +00:00
Peter Steinberger bf3f8ec428 refactor(media): unify safe local file reads 2026-02-19 10:21:20 +01:00
Mariano Belinky 65a7fc6de7 Changelog: note Feishu traversal hardening 2026-02-19 10:14:31 +01:00
Mariano Belinky c821099157 Feishu: harden temp media download paths 2026-02-19 10:13:48 +01:00
Peter Steinberger 90b05b18f1 test: collapse duplicate onboard auth assertions 2026-02-19 09:13:16 +00:00
Peter Steinberger 317b7d363d test(agents): dedupe subscribe reasoning tag fixtures 2026-02-19 09:11:13 +00:00
Peter Steinberger 749edf25ca test: dedupe repeated onboarding provider config cases 2026-02-19 09:08:48 +00:00
Peter Steinberger 6f568f3b17 test(agents): dedupe media and thinking sanitize test setup 2026-02-19 09:06:28 +00:00
Peter Steinberger 4c539f6abc test(agents): dedupe subagent registry test mocks 2026-02-19 09:03:48 +00:00
Peter Steinberger 0900ec38a9 test(agents): dedupe copilot models-config token setup 2026-02-19 09:03:48 +00:00
Peter Steinberger b4dbe03298 refactor: unify restart gating and update availability sync 2026-02-19 10:00:41 +01:00
Peter Steinberger 18179fc2c1 ci: move bun push-skip condition out of job-level matrix if 2026-02-19 08:59:58 +00:00
Peter Steinberger d51929ecb5 fix: block ISATAP SSRF bypass via shared host/ip guard 2026-02-19 09:59:47 +01:00
Peter Steinberger 4cd5fad14b style: sort media store test imports 2026-02-19 08:57:20 +00:00
Peter Steinberger 47bfb765a1 ci: skip bun matrix steps on push runs 2026-02-19 08:57:20 +00:00
Peter Steinberger 745068a597 test(agents): share overflow retry compaction fixture 2026-02-19 08:55:33 +00:00
Peter Steinberger b41fd20741 test(agents): share assistant error message test fixture 2026-02-19 08:55:33 +00:00
Peter Steinberger f57ba32f88 ci: skip bun matrix lane on push 2026-02-19 08:54:30 +00:00
Peter Steinberger 4344699574 build: regenerate swift protocol models for updateAvailable 2026-02-19 08:54:30 +00:00
Gustavo Madeira Santana 5a98a7984b
Remove triage order section from PR_WORKFLOW.md 
Removed the section on triage order from the PR workflow document.
 2026-02-19 03:52:06 -05:00
Peter Steinberger cfc5e7bd82 fix(media): harden saveMediaSource against symlink TOCTOU 2026-02-19 09:51:57 +01:00
Peter Steinberger 5e7cffc568 test: merge duplicate plugin memory-none cases 2026-02-19 08:51:38 +00:00
Peter Steinberger 28377b1506 test: merge logger subsystem prefix drop cases 2026-02-19 08:49:52 +00:00
Peter Steinberger 34ddf0edc0 style: format gateway health state and ui render 2026-02-19 08:49:38 +00:00
Peter Steinberger d1cb779f5f test(agents): dedupe embedded runner and sessions lifecycle fixtures 2026-02-19 08:47:14 +00:00
Peter Steinberger c9b5def1b8 test(agents): dedupe openai reasoning replay fixtures 2026-02-19 08:44:37 +00:00
Peter Steinberger 50805d8977 test(agents): dedupe patch and cli credential assertions 2026-02-19 08:44:37 +00:00
Peter Steinberger 429b8783fd test(agents): dedupe avatar and compaction fixtures 2026-02-19 08:44:37 +00:00
Peter Steinberger 586b1f6ee6 ci: drop docker metadata action to avoid API throttling 2026-02-19 08:44:32 +00:00
orlyjamie 2ddc13cdb7 feat(ui): add update warning banner to control dashboard 
SecurityScorecard's STRIKE research recently identified over 40,000
exposed OpenClaw gateway instances, with 35.4% running known-vulnerable
versions. The gateway already performs an npm update check on startup
and compares against the registry every 24 hours — but the result is
only logged to the server console. The control UI has zero visibility
into whether the running version is outdated, which means operators
have no idea they're exposed unless they happen to read server logs.

OpenClaw's user base is broadening well beyond developers who live in
terminals. Self-hosters, small teams, and non-technical operators are
deploying gateways and relying on the control dashboard as their
primary management interface. For these users, security has to be
surfaced where they already are — not hidden behind CLI output they
will never see. Making version awareness frictionless and actionable
is a prerequisite for reducing that 35.4% number.

This PR adds a sticky red warning banner to the top of the control UI
content area whenever the gateway detects it is running behind the
latest published version. The banner includes an "Update now" button
wired to the existing update.run RPC (the same mechanism the config
page already uses), so operators can act immediately without switching
to a terminal.

Server side:
- Cache the update check result in a module-level variable with a
  typed UpdateAvailable shape (currentVersion, latestVersion, channel)
- Export a getUpdateAvailable() getter for the rest of the process
- Add an optional updateAvailable field to SnapshotSchema (backward
  compatible — old clients ignore it, old servers simply omit it)
- Include the cached update status in buildGatewaySnapshot() so it
  is delivered to every UI client on connect and reconnect

UI side:
- Add updateAvailable to GatewayHost, AppViewState, and the app's
  reactive state so it flows through the standard snapshot pipeline
- Extract updateAvailable from the hello snapshot in applySnapshot()
- Render a .update-banner.callout.danger element with role="alert"
  as the first child of <main>, before the content header
- Wire the "Update now" button to runUpdate(state), the same
  controller function used by the config tab
- Use position:sticky and negative margins to pin the banner
  edge-to-edge at the top of the scrollable content area
 2026-02-19 09:43:45 +01:00
Peter Steinberger 13f2fa0c5c ci: avoid bun setup API flake in node checks 2026-02-19 08:41:31 +00:00
Peter Steinberger 64546d33ee test(cli): dedupe cron edit existing-job lookup mocks 2026-02-19 08:38:50 +00:00
Peter Steinberger 072b16b58f ci: use git context for docker metadata extraction 2026-02-19 08:37:36 +00:00
Peter Steinberger 647a46a061 ci: skip bun setup for windows checks 2026-02-19 08:36:08 +00:00
Peter Steinberger 65cf56d482 test(agents): dedupe generic repeat loop fixtures 2026-02-19 08:33:49 +00:00
Peter Steinberger e4bb6e044d test(cron): dedupe delayed-timer job assertions 2026-02-19 08:32:58 +00:00
Peter Steinberger cdee433332 test(browser): dedupe explicit auth-mode auto-token checks 2026-02-19 08:32:58 +00:00
Peter Steinberger 7d12c5ea4d test: remove duplicate extra-high think-level case 2026-02-19 08:30:26 +00:00
Peter Steinberger 3cfcb25999 test(agents): dedupe transcript duplicate-tool fixtures 2026-02-19 08:29:06 +00:00
Peter Steinberger c4c2060b81 test(agents): dedupe sessions_spawn requester run setup 2026-02-19 08:29:06 +00:00
Peter Steinberger 47bbef30f9 test: merge duplicate undefined api-key persistence checks 2026-02-19 08:27:40 +00:00
Peter Steinberger fe3bd9d65b test: merge duplicate gateway token coercion checks 2026-02-19 08:26:43 +00:00
Peter Steinberger 1481160484 test(cli): dedupe browser state command setup 2026-02-19 08:25:12 +00:00
Peter Steinberger a76f552b00 test(agents): dedupe workspace memory-entry assertions 2026-02-19 08:25:12 +00:00
Peter Steinberger 53a4e5151d test(agents): dedupe tool image fixture setup 2026-02-19 08:25:12 +00:00
Peter Steinberger 69e6da0e28 test(auto-reply): dedupe heartbeat typing flow setup 2026-02-19 08:25:12 +00:00
Peter Steinberger 3c7c45e153 test(gateway): dedupe config.apply request scaffolding 2026-02-19 08:25:12 +00:00
Peter Steinberger e0c3cc4981 test(browser): dedupe auth mode no-token assertions 2026-02-19 08:25:12 +00:00
Peter Steinberger edce5a505a test(cron): dedupe applyJobPatch fixture setup 2026-02-19 08:25:12 +00:00
Peter Steinberger 733e385843 test(hooks): dedupe gmail runtime path assertions 2026-02-19 08:25:12 +00:00