439c21e078
refactor: remove channel shim directories, point all imports to extensions ( #45967 )
...
* refactor: remove channel shim directories, point all imports to extensions
Delete the 6 backward-compat shim directories (src/telegram, src/discord,
src/slack, src/signal, src/imessage, src/web) that were re-exporting from
extensions. Update all 112+ source files to import directly from
extensions/{channel}/src/ instead of through the shims.
Also:
- Move src/channels/telegram/ (allow-from, api) to extensions/telegram/src/
- Fix outbound adapters to use resolveOutboundSendDep (fixes 5 pre-existing TS errors)
- Update cross-extension imports (src/web/media.js → extensions/whatsapp/src/media.js)
- Update vitest, tsdown, knip, labeler, and script configs for new paths
- Update guard test allowlists for extension paths
After this, src/ has zero channel-specific implementation code — only the
generic plugin framework remains.
* fix: update raw-fetch guard allowlist line numbers after shim removal
* refactor: document direct extension channel imports
* test: mock transcript module in delivery helpers
2026-03-14 03:43:07 -07:00
2649c03cdb
fix(hooks): dedupe repeated agent deliveries by idempotency key ( #44438 )
...
* Hooks: add hook idempotency key resolution
* Hooks: dedupe repeated agent deliveries by idempotency key
* Tests: cover hook idempotency dedupe
* Changelog: note hook idempotency dedupe
* Hooks: cap hook idempotency key length
* Gateway: hash hook replay cache keys
* Tests: cover hook replay key hardening
2026-03-12 20:43:38 -04:00
445ff0242e
refactor(gateway): cache hook proxy config in runtime state
2026-03-12 21:43:36 +00:00
1d986f1c01
refactor(gateway): move request client ip resolution to net
2026-03-12 21:41:51 +00:00
4da617e178
fix(gateway): honor trusted proxy hook auth rate limits
2026-03-12 21:35:57 +00:00
ac86deccee
fix(gateway): harden plugin HTTP route auth
2026-03-07 19:55:06 +00:00
44820dcead
fix(hooks): gate methods before auth lockout accounting
2026-03-07 18:05:09 +00:00
ab5fcfcc01
feat(gateway): add channel-backed readiness probes ( #38285 )
...
* Changelog: add channel-backed readiness probe entry
* Gateway: add channel-backed readiness probes
* Docs: describe readiness probe behavior
* Gateway: add readiness probe regression tests
* Changelog: dedupe gateway probe entries
* Docs: fix readiness startup grace description
* Changelog: remove stale readiness entry
* Gateway: cover readiness hardening
* Gateway: harden readiness probes
2026-03-06 15:15:23 -05:00
9c86a9fd23
fix(gateway): support image_url in OpenAI chat completions ( #34068 )
...
* fix(gateway): parse image_url in openai chat completions
* test(gateway): cover openai chat completions image_url flows
* docs(changelog): note openai image_url chat completions fix (#17685 )
* fix(gateway): harden openai image_url parsing and limits
* test(gateway): add openai image_url regression coverage
* docs(changelog): expand #17685 openai chat completions note
* Gateway: make OpenAI image_url URL fetch opt-in and configurable
* Diagnostics: redact image base64 payload data in trace logs
* Changelog: note OpenAI image_url hardening follow-ups
* Gateway: enforce OpenAI image_url total budget incrementally
* Gateway: scope OpenAI image_url extraction to the active turn
* Update CHANGELOG.md
2026-03-06 00:35:50 -05:00
b1b41eb443
feat(mattermost): add native slash command support (refresh) ( #32467 )
...
Merged via squash.
Prepared head SHA: 989126574e
2026-03-03 12:39:18 +05:30
051b380d38
fix(hooks): return 200 instead of 202 for webhook responses ( #28204 )
...
* fix(hooks): return 200 instead of 202 for webhook responses (#22036 )
* docs(webhook): document 200 status for hooks agent
* chore(changelog): add webhook ack note openclaw#28204 thanks @Glucksberg
---------
Co-authored-by: Shakker <shakkerdroid@gmail.com>
2026-03-03 00:19:31 +00:00
41c8734afd
fix(gateway): move plugin HTTP routes before Control UI SPA catch-all ( #31885 )
...
* fix(gateway): move plugin HTTP routes before Control UI SPA catch-all
The Control UI handler (`handleControlUiHttpRequest`) acts as an SPA
catch-all that matches every path, returning HTML for GET requests and
405 for other methods. Because it ran before `handlePluginRequest` in
the request chain, any plugin HTTP route that did not live under
`/plugins` or `/api` was unreachable — shadowed by the catch-all.
Reorder the handlers so plugin routes are evaluated first. Core
built-in routes (hooks, tools, Slack, Canvas, etc.) still take
precedence because they are checked even earlier in the chain.
Unmatched plugin paths continue to fall through to Control UI as before.
Closes #31766
* fix: add changelog for plugin route precedence landing (#31885 ) (thanks @Sid-Qin)
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-03-02 18:16:14 +00:00
7a7eee920a
refactor(gateway): harden plugin http route contracts
2026-03-02 16:48:00 +00:00
2fd8264ab0
refactor(gateway): hard-break plugin wildcard http handlers
2026-03-02 16:24:06 +00:00
b13d48987c
refactor(gateway): unify control-ui and plugin webhook routing
2026-03-02 16:18:12 +00:00
93b0724025
fix(gateway): fail closed plugin auth path canonicalization
2026-03-02 15:55:32 +00:00
eeb72097ba
Gateway: add healthz/readyz probe endpoints for container checks ( #31272 )
...
* Gateway: add HTTP liveness/readiness probe routes
* Gateway tests: cover probe route auth bypass and methods
* Docker Compose: add gateway /healthz healthcheck
* Docs: document Docker probe endpoints
* Dockerfile: note built-in probe endpoints
* Gateway: make probe routes fallback-only to avoid shadowing
* Gateway tests: verify probe paths do not shadow plugin routes
* Changelog: note gateway container probe endpoints
2026-03-01 20:36:58 -08:00
8e69fd80e0
Gateway: harden control-ui vs plugin HTTP precedence
2026-03-01 22:38:14 -05:00
cef5fae0a2
refactor(gateway): dedupe origin seeding and plugin route auth matching
2026-03-02 00:42:22 +00:00
53d10f8688
fix(gateway): land access/auth/config migration cluster
...
Land #28960 by @Glucksberg (Tailscale origin auto-allowlist).
Land #29394 by @synchronic1 (allowedOrigins upgrade migration).
Land #29198 by @Mariana-Codebase (plugin HTTP auth guard + route precedence).
Land #30910 by @liuxiaopai-ai (tailscale bind/config.patch guard).
Co-authored-by: Glucksberg <markuscontasul@gmail.com>
Co-authored-by: synchronic1 <synchronic1@users.noreply.github.com>
Co-authored-by: Mariana Sinisterra <mariana.data@outlook.com>
Co-authored-by: liuxiaopai-ai <73659136+liuxiaopai-ai@users.noreply.github.com>
2026-03-02 00:10:51 +00:00
4b71de384c
fix(core): unify session-key normalization and plugin boundary checks
2026-02-26 12:41:23 +00:00
6632fd1ea9
refactor(security): extract protected-route path policy helpers
2026-02-26 13:01:22 +01:00
0ed675b1df
fix(security): harden canonical auth matching for plugin channel routes
2026-02-26 12:55:33 +01:00
da0ba1b73a
fix(security): harden channel auth path checks and exec approval routing
2026-02-26 12:46:05 +01:00
70e31c6f68
fix(gateway): harden hooks URL parsing ( #26864 )
2026-02-26 00:47:35 +00:00
5a64f6d766
Gateway/Security: protect /api/channels plugin root
2026-02-24 23:44:32 +00:00
9af3ec92a5
fix(gateway): add HSTS header hardening and docs
2026-02-23 19:47:29 +00:00
2081b3a3c4
refactor(channels): dedupe hook and monitor execution paths
2026-02-22 21:19:09 +00:00
9f97555b5e
refactor(security): unify hook rate-limit and hook module loading
2026-02-22 08:57:01 +01:00
3284d2eb22
fix(security): normalize hook auth rate-limit client keys
2026-02-22 08:40:49 +01:00
be7f825006
refactor(gateway): harden proxy client ip resolution
2026-02-21 13:36:23 +01:00
36a0df423d
refactor(gateway): make ws and http auth surfaces explicit
2026-02-21 13:33:09 +01:00
356d61aacf
fix(gateway): scope tailscale tokenless auth to websocket
2026-02-21 13:03:13 +01:00
c45f3c5b00
fix(gateway): harden canvas auth with session capabilities
2026-02-19 15:51:22 +01:00
758ea3c5a1
style: apply oxfmt import ordering for check
2026-02-19 14:38:55 +01:00
08a7967936
fix(security): fail closed on gateway bind fallback and tighten canvas IP fallback
2026-02-19 14:38:55 +01:00
e955582c8f
security: add baseline security headers to gateway HTTP responses ( #10526 )
...
* security: add baseline security headers to gateway HTTP responses
All responses from the gateway HTTP server now include
X-Content-Type-Options: nosniff and Referrer-Policy: no-referrer.
These headers are applied early in handleRequest, before any
handler runs, ensuring coverage for every response including
error pages and 404s.
Headers that restrict framing (X-Frame-Options, CSP
frame-ancestors) are intentionally omitted at this global level
because the canvas host and A2UI handlers serve content that may
be loaded inside frames.
* fix: apply security headers before WebSocket upgrade check
Move setDefaultSecurityHeaders() above the WebSocket early-return so
the headers are set on every HTTP response path including upgrades.
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-02-19 03:28:24 -08:00
b8b43175c5
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
31f9be126c
style: run oxfmt and fix gate failures
2026-02-18 01:29:02 +00:00
d0cb8c19b2
chore: wtf.
2026-02-17 13:36:48 +09:00
ed11e93cf2
chore(format)
2026-02-16 23:20:16 -05:00
90ef2d6bdf
chore: Update formatting.
2026-02-17 09:18:40 +09:00
28431b84cc
fix(gateway): prune expired entries instead of clearing all hook auth failure state ( #15848 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 188a40e8a3
2026-02-14 01:46:12 +01:00
3cbcba10cf
fix(security): enforce bounded webhook body handling
2026-02-13 19:14:54 +01:00
14fc742000
fix(security): restrict canvas IP-based auth to private networks ( #14661 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 9e4e1aca4a
2026-02-13 17:13:31 +01:00
30b6eccae5
feat(gateway): add auth rate-limiting & brute-force protection ( #15035 )
...
* feat(gateway): add auth rate-limiting & brute-force protection
Add a per-IP sliding-window rate limiter to Gateway authentication
endpoints (HTTP, WebSocket upgrade, and WS message-level auth).
When gateway.auth.rateLimit is configured, failed auth attempts are
tracked per client IP. Once the threshold is exceeded within the
sliding window, further attempts are blocked with HTTP 429 + Retry-After
until the lockout period expires. Loopback addresses are exempt by
default so local CLI sessions are never locked out.
The limiter is only created when explicitly configured (undefined
otherwise), keeping the feature fully opt-in and backward-compatible.
* fix(gateway): isolate auth rate-limit scopes and normalize 429 responses
---------
Co-authored-by: buerbaumer <buerbaumer@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-02-13 15:32:38 +01:00
3421b2ec1e
fix: harden hook session key routing defaults
2026-02-13 02:09:14 +01:00
113ebfd6a2
fix(security): harden hook and device token auth
2026-02-13 01:23:53 +01:00
647d929c9d
fix: Unauthenticated Nostr profile API allows remote config tampering ( #13719 )
...
* fix(an-07): apply security fix
Generated by staged fix workflow.
* fix(an-07): apply security fix
Generated by staged fix workflow.
* fix(an-07): satisfy lint in plugin auth regression test
Replace unsafe unknown-to-string coercion in the gateway plugin auth test helper with explicit string/null/JSON handling so pnpm check passes.
2026-02-12 07:55:22 -06:00
ca629296c6
feat(hooks): add agentId support to webhook mappings ( #13672 )
...
* feat(hooks): add agentId support to webhook mappings
Allow webhook mappings to route hook runs to a specific agent via
the new `agentId` field. This enables lightweight agents with minimal
bootstrap files to handle webhooks, reducing token cost per hook run.
The agentId is threaded through:
- HookMappingConfig (config type + zod schema)
- HookMappingResolved + HookAction (mapping types)
- normalizeHookMapping + buildActionFromMapping (mapping logic)
- mergeAction (transform override support)
- HookAgentPayload + normalizeAgentPayload (direct /hooks/agent endpoint)
- dispatchAgentHook → CronJob.agentId (server dispatch)
The existing runCronIsolatedAgentTurn already supports agentId on
CronJob — this change simply wires it through from webhook mappings.
Usage in config:
hooks.mappings[].agentId = "my-agent"
Usage via POST /hooks/agent:
{ "message": "...", "agentId": "my-agent" }
Includes tests for mapping passthrough and payload normalization.
Includes doc updates for webhook.md.
* fix(hooks): enforce webhook agent routing policy + docs/changelog updates (#13672 ) (thanks @BillChirico)
* fix(hooks): harden explicit agent allowlist semantics (#13672 ) (thanks @BillChirico)
---------
Co-authored-by: Pip <pip@openclaw.ai>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>
2026-02-10 19:23:58 -05:00
scoootscooob
Vincent Koc
Peter Steinberger
Muhammed Mukhthar CM
Glucksberg
Sid
Gustavo Madeira Santana
Brian Mendonca
Abdel Fane
cpojer
Sebastian
AI-Reviewer-QS
Yi Liu
Harald Buerbaumer
Coy Geek
Bill Chirico