97ff604996
Matrix: harden live directory lookups
2026-03-17 23:10:45 +00:00
4ef8b360f7
Matrix: replace legacy plugin with new implementation
2026-03-17 23:10:42 +00:00
cb4548b766
matrix-js: simplify storage paths
2026-03-17 23:10:42 +00:00
67c49a7af7
matrix-js: require explicit thread-bound spawn config
2026-03-17 23:10:42 +00:00
adf31706c8
matrix-js: add account-aware bindings and ACP routing
2026-03-17 23:10:41 +00:00
7eb5f325e7
matrix-js: add startup verification policy
2026-03-17 23:10:41 +00:00
db47ec61ba
matrix-js: improve thread context and auto-threading
2026-03-17 23:10:41 +00:00
8ecbda54e0
matrix-js: harden reaction handling
2026-03-17 23:10:41 +00:00
f17097b18e
Matrix-js: sync with main plugin-loading standards
2026-03-17 23:10:40 +00:00
2145eb5908
feat(mattermost): add retry logic and timeout handling for DM channel creation ( #42398 )
...
Merged via squash.
Prepared head SHA: 3db47be907
2026-03-17 22:16:56 +05:30
da34f81ce2
fix(secrets): scope message SecretRef resolution and harden doctor/status paths ( #48728 )
...
* fix(secrets): scope message runtime resolution and harden doctor/status
* docs: align message/doctor/status SecretRef behavior notes
* test(cli): accept scoped targetIds wiring in secret-resolution coverage
* fix(secrets): keep scoped allowedPaths isolation and tighten coverage gate
* fix(secrets): avoid default-account coercion in scoped target selection
* test(doctor): cover inactive telegram secretref inspect path
* docs
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
* changelog
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
---------
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-03-17 00:01:34 -05:00
4863b651c6
docs: rename onboarding user-facing wizard copy
...
Co-authored-by: Tak <contact-redacted@example.com>
2026-03-16 19:50:31 -05:00
3c6a49b27e
feishu: harden media support and align capability docs ( #47968 )
...
* feishu: harden media support and action surface
* feishu: format media action changes
* feishu: fix review follow-ups
* fix: scope Feishu target aliases to Feishu (#47968 ) (thanks @Takhoffman)
2026-03-16 02:02:48 -05:00
f9e185887f
docs: restore onboard docs references
2026-03-16 05:50:57 +00:00
823039c000
docs: prefer setup wizard command
2026-03-15 22:01:04 -07:00
c4a5fd8465
docs: update channel setup wording
2026-03-15 21:07:18 -07:00
dfc237c319
docs: update channel setup docs
2026-03-15 20:44:26 -07:00
46482a283a
feat: add nostr setup and unify channel setup discovery
2026-03-15 19:58:22 -07:00
4a7fbe090a
docs(zalo): document current Marketplace bot behavior (openclaw#47552)
...
Verified:
- pnpm check:docs
Co-authored-by: Tomáš Dinh <82420070+No898@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-15 14:40:35 -05:00
ff61343d76
fix: harden mention pattern regex compilation
2026-03-15 08:44:12 -07:00
89e3969d64
feat(feishu): add ACP and subagent session binding ( #46819 )
...
* feat(feishu): add ACP session support
* fix(feishu): preserve sender-scoped ACP rebinding
* fix(feishu): recover sender scope from bound ACP sessions
* fix(feishu): support DM ACP binding placement
* feat(feishu): add current-conversation session binding
* fix(feishu): avoid DM parent binding fallback
* fix(feishu): require canonical topic sender ids
* fix(feishu): honor sender-scoped ACP bindings
* fix(feishu): allow user-id ACP DM bindings
* fix(feishu): recover user-id ACP DM bindings
2026-03-15 10:33:49 -05:00
c30cabcca4
Docs: sweep recent user-facing updates ( #46424 )
...
* Docs: document Telegram force-document sends
* Docs: note Telegram document send behavior
* Docs: clarify memory file precedence
* Docs: align default AGENTS memory guidance
* Docs: update workspace FAQ memory note
* Docs: document gateway status require-rpc
* Docs: add require-rpc to gateway CLI index
2026-03-14 10:20:44 -07:00
8c7bdbe4d1
Docs: describe Slack interactive replies ( #45463 )
2026-03-13 17:16:14 -04:00
61429230b2
fix(signal): add groups config to Signal channel schema ( #27199 )
...
Merged via squash.
Prepared head SHA: 4ba4a39ddf
2026-03-13 15:14:30 +03:00
e986aa175f
docs: fix session key :dm: → :direct ( #26506 )
2026-03-13 14:28:33 +05:30
ddeb423944
fix: quiet Telegram command overflow retry logs
2026-03-13 01:45:56 +00:00
de3e6a8c5b
fix(routing): require ids for slack and msteams allowlists
2026-03-13 01:44:42 +00:00
b14a5c6713
fix(zalouser): require ids for group allowlist auth
2026-03-13 01:31:17 +00:00
bf89947a8e
fix: switch pairing setup codes to bootstrap tokens
2026-03-12 22:23:07 +00:00
46f0bfc55b
Gateway: harden custom session-store discovery ( #44176 )
...
Merged via squash.
Prepared head SHA: 52ebbf5188
2026-03-12 16:44:46 +00:00
7844bc89a1
Security: require Feishu webhook encrypt key ( #44087 )
...
* Feishu: require webhook encrypt key in schema
* Feishu: cover encrypt key webhook validation
* Feishu: enforce encrypt key at startup
* Feishu: add webhook forgery regression test
* Feishu: collect encrypt key during onboarding
* Docs: require Feishu webhook encrypt key
* Changelog: note Feishu webhook hardening
* Docs: clarify Feishu encrypt key screenshot
* Feishu: treat webhook encrypt key as secret input
* Feishu: resolve encrypt key only in webhook mode
2026-03-12 11:01:00 -04:00
171d2df9e0
feat(mattermost): add replyToMode support (off | first | all) ( #29587 )
...
Merged via squash.
Prepared head SHA: 4a67791f53
2026-03-12 18:03:12 +05:30
0125ce1f44
Gateway: fail closed unresolved local auth SecretRefs ( #42672 )
...
* Gateway: fail closed unresolved local auth SecretRefs
* Docs: align node-host gateway auth precedence
* CI: resolve rebase breakages in checks lanes
* Tests: isolate LOCAL_REMOTE_FALLBACK_TOKEN env state
* Gateway: remove stale remote.enabled auth-surface semantics
* Changelog: note gateway SecretRef fail-closed fix
2026-03-10 21:41:56 -05:00
201420a7ee
fix: harden secret-file readers
2026-03-10 23:40:10 +00:00
0ff184397d
docs(telegram): clarify group and sender allowlists ( #42451 )
...
Merged via squash.
Prepared head SHA: f30cacafb3
2026-03-10 21:56:30 +03:00
0687e04760
fix: thread runtime config through Discord/Telegram sends ( #42352 ) (thanks @joshavant) ( #42352 )
2026-03-10 13:30:57 -05:00
6d0547dc2e
mattermost: fix DM media upload for unprefixed user IDs ( #29925 )
...
Merged via squash.
Prepared head SHA: 5cffcb072c
2026-03-10 14:22:24 +05:30
de49a8b72c
Telegram: exec approvals for OpenCode/Codex ( #37233 )
...
Merged via squash.
Prepared head SHA: f243379094
2026-03-09 23:04:35 -04:00
d4ab731746
fix(telegram): use message previews in DMs
2026-03-08 21:59:43 +05:30
fa83010b17
fix(plugins): ship Feishu bundled runtime dependency ( #39990 )
...
* fix: ship feishu bundled runtime dependency
* test: align feishu bundled dependency specs
2026-03-08 10:36:41 -05:00
fcdc1a13e1
fix: land #33992 from @darkamenosa
...
Co-authored-by: Tom <hxtxmu@gmail.com>
2026-03-08 04:49:04 +00:00
25252ab5ab
gateway: harden shared auth resolution across systemd, discord, and node host
2026-03-07 18:28:32 -06:00
42e3d8d693
Secrets: add inline allowlist review set ( #38314 )
...
* Secrets: add inline allowlist review set
* Secrets: narrow detect-secrets file exclusions
* Secrets: exclude Docker fingerprint false positive
* Secrets: allowlist test and docs false positives
* Secrets: refresh baseline after allowlist updates
* Secrets: fix gateway chat fixture pragma
* Secrets: format pre-commit config
* Android: keep talk mode fixture JSON valid
* Feishu: rely on client timeout injection
* Secrets: allowlist provider auth test fixtures
* Secrets: allowlist onboard search fixtures
* Secrets: allowlist onboard mode fixture
* Secrets: allowlist gateway auth mode fixture
* Secrets: allowlist APNS wake test key
* Secrets: allowlist gateway reload fixtures
* Secrets: allowlist moonshot video fixture
* Secrets: allowlist auto audio fixture
* Secrets: allowlist tiny audio fixture
* Secrets: allowlist embeddings fixtures
* Secrets: allowlist resolve fixtures
* Secrets: allowlist target registry pattern fixtures
* Secrets: allowlist gateway chat env fixture
* Secrets: refresh baseline after fixture allowlists
* Secrets: reapply gateway chat env allowlist
* Secrets: reapply gateway chat env allowlist
* Secrets: stabilize gateway chat env allowlist
* Secrets: allowlist runtime snapshot save fixture
* Secrets: allowlist oauth profile fixtures
* Secrets: allowlist compaction identifier fixture
* Secrets: allowlist model auth fixture
* Secrets: allowlist model status fixtures
* Secrets: allowlist custom onboarding fixture
* Secrets: allowlist mattermost token summary fixtures
* Secrets: allowlist gateway auth suite fixtures
* Secrets: allowlist channel summary fixture
* Secrets: allowlist provider usage auth fixtures
* Secrets: allowlist media proxy fixture
* Secrets: allowlist secrets audit fixtures
* Secrets: refresh baseline after final fixture allowlists
* Feishu: prefer explicit client timeout
* Feishu: test direct timeout precedence
2026-03-06 19:35:26 -05:00
222d635aee
WhatsApp: honor outbound mediaMaxMb ( #38097 )
...
* WhatsApp: add media cap helper
* WhatsApp: cap outbound media loads
* WhatsApp: align auto-reply media caps
* WhatsApp: add outbound media cap test
* WhatsApp: update auto-reply cap tests
* Docs: update WhatsApp media caps
* Changelog: note WhatsApp media cap fix
2026-03-06 11:08:15 -05:00
7c45d918bf
Docs: align BlueBubbles media cap wording
2026-03-06 10:59:05 -05:00
9c1786bdd6
Telegram/Discord: honor outbound mediaMaxMb uploads ( #38065 )
...
* Telegram: default media cap to 100MB
* Telegram: honor outbound mediaMaxMb
* Discord: add shared media upload cap
* Discord: pass mediaMaxMb to outbound sends
* Telegram: cover outbound media cap sends
* Discord: cover media upload cap config
* Docs: update Telegram media cap guide
* Docs: update Telegram config reference
* Changelog: note media upload cap fix
* Docs: note Discord upload cap behavior
2026-03-06 10:53:06 -05:00
4a80d48ea9
fix(mattermost): allow reachable interaction callback URLs ( #37543 )
...
Merged via squash.
Prepared head SHA: 4d593731be
2026-03-06 15:27:47 +05:30
d58dafae88
feat(telegram/acp): Topic Binding, Pin Binding Message, Fix Spawn Param Parsing ( #36683 )
...
* fix(acp): normalize unicode flags and Telegram topic binding
* feat(telegram/acp): restore topic-bound ACP and session bindings
* fix(acpx): clarify permission-denied guidance
* feat(telegram/acp): pin spawn bind notice in topics
* docs(telegram): document ACP topic thread binding behavior
* refactor(reply): share Telegram conversation-id resolver
* fix(telegram/acp): preserve bound session routing semantics
* fix(telegram): respect binding persistence and expiry reporting
* refactor(telegram): simplify binding lifecycle persistence
* fix(telegram): bind acp spawns in direct messages
* fix: document telegram ACP topic binding changelog (#36683 ) (thanks @huntharo)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-06 02:17:50 +01:00
6dfd39c32f
Harden Telegram poll gating and schema consistency ( #36547 )
...
Merged via squash.
Prepared head SHA: f77824419e
2026-03-05 19:24:43 -05:00
063e493d3d
fix: decouple Discord inbound worker timeout from listener timeout ( #36602 ) (thanks @dutifulbob) ( #36602 )
...
Co-authored-by: Onur Solmaz <2453968+osolmaz@users.noreply.github.com>
2026-03-06 00:09:14 +01:00
Gustavo Madeira Santana
Jonathan Jing
Josh Avant
Tak Hoffman
Peter Steinberger
Tomáš Dinh
Vincent Koc
Alex Zaytsev
Jealous
Teconomix
Altay
Harold Hunt
Ayaan Zaidi
Muhammed Mukhthar CM
Bob