nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,145 Commits 902 Branches 94 Tags 6.1 GiB
Commit Graph

15430 Commits

Author SHA1 Message Date
Peter Steinberger c425ef3e74
build: bump version to 2026.3.31 2026-03-31 15:48:00 +01:00
Peter Steinberger 5e30da3cad
fix(exec): restore strict inline-eval allow-always reuse 2026-03-31 23:45:22 +09:00
Peter Steinberger ac6f025c43
refactor(approvals): share telegram account binding 2026-03-31 15:39:59 +01:00
Peter Steinberger 461a3a4052
refactor(approvals): share request filter matching 2026-03-31 15:32:49 +01:00
Peter Steinberger 177687ae29
fix: adapt pi model registry calls to constructor API 2026-03-31 15:28:29 +01:00
Peter Steinberger 0d7f1e2c84
feat(security): fail closed on dangerous skill installs 2026-03-31 23:27:20 +09:00
Vincent Koc 98c0c38186 fix(ci): rebalance telegram channel tails 2026-03-31 23:24:16 +09:00
Peter Steinberger da6e9bb76f
refactor: move tasks behind plugin-sdk seam 2026-03-31 15:22:09 +01:00
Peter Steinberger e1da91791a
build: externalize bundled plugin runtime deps 2026-03-31 15:22:08 +01:00
Peter Steinberger 9537094841
test: refresh plugin sdk baseline 2026-03-31 15:22:08 +01:00
Peter Steinberger c75f4695b7
refactor: move tasks into bundled plugin 2026-03-31 15:22:08 +01:00
Peter Steinberger 584db0aff2
fix(approvals): centralize native request binding 2026-03-31 15:20:47 +01:00
Peter Steinberger 0ed7f1fd22
refactor: remove core WhatsApp runtime channel seam 2026-03-31 15:17:13 +01:00
Peter Steinberger e8cb0b3659
fix: tighten live gateway empty-response skips and outbound harness typing 2026-03-31 15:17:13 +01:00
Peter Steinberger 44b9936136
feat(plugins): add dangerous unsafe install override 2026-03-31 23:16:11 +09:00
Peter Steinberger 4fb373466e
refactor: simplify memory recovery and test setup 2026-03-31 15:02:11 +01:00
Peter Steinberger 0711cb4a05
fix(hooks): reduce registration log noise 2026-03-31 14:59:22 +01:00
Peter Steinberger dc0e0b0f68
docs(security): mark shared-secret HTTP auth as designed 2026-03-31 22:58:09 +09:00
Peter Steinberger c1ea0ae9c8
build: update deps and align pi sdk usage 2026-03-31 22:56:20 +09:00
Peter Steinberger cbfeecfab4
fix(gateway): restore shared-secret HTTP tool invoke auth 2026-03-31 22:55:15 +09:00
Jacob Tomlinson 0c83754246
Exec approvals: reject shell init-file script matches (#58369) 2026-03-31 14:53:43 +01:00
Vincent Koc 0ed4f8a72b
fix(media): reject oversized image inputs before decode (#58226) 
* fix(media): cap oversized image inputs

* chore(changelog): add media input guard note

* fix(media): address input guard review feedback

* fix(media): fail closed on unknown sips dimensions

* fix(media): avoid sips fallback in input guard
 2026-03-31 22:52:55 +09:00
Vincent Koc 2df86cce1c refactor(telegram): narrow native command reply dispatch seam 2026-03-31 22:28:53 +09:00
Peter Steinberger 5a93344d82
fix: ship bundled runtime support packages 2026-03-31 14:25:32 +01:00
Vincent Koc 5b7443d175 perf(whatsapp): narrow reply chunking imports 2026-03-31 22:25:14 +09:00
Vincent Koc 37099dae3e fix(ci): restore matrix monitor import guards and windows npm exit codes 2026-03-31 22:04:35 +09:00
Vincent Koc 675b80c4a4 perf(slack): narrow send chunking imports 2026-03-31 21:58:00 +09:00
Gustavo Madeira Santana 4ea1ca4849
Sessions: parse thread suffixes by channel (#58100) 
Merged via squash.

Prepared head SHA: 2829b9c5b5
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-31 08:54:16 -04:00
Vincent Koc 11590eb6ce fix(ci): restore dotenv trust boundary and windows npm exit handling 2026-03-31 21:51:17 +09:00
Vincent Koc 7710579a82 perf(telegram): narrow native command import surface 2026-03-31 21:43:16 +09:00
Vincent Koc 25a3d37970 fix(ci): restore matrix guardrails and windows exec shim 2026-03-31 21:27:43 +09:00
Vincent Koc 4d912e0451
fix(exec): block proxy-style env overrides (#58202) 
* fix(exec): block proxy-style env overrides

* fix(exec): keep trusted host proxy env inherited

* fix(exec): block git tls override env vars

* fix(skills): block dangerous env override keys
 2026-03-31 21:25:36 +09:00
Gustavo Madeira Santana 28bb8c600e
Matrix: narrow thread binding runtime seam 2026-03-31 08:12:46 -04:00
Vincent Koc 730ba40763
fix(exec): unwrap arch and xcrun dispatch wrappers (#58203) 
* fix(exec): unwrap arch and xcrun dispatch wrappers

* fix(infra): scope arch wrapper unwrapping to macos

* fix(exec): scope arch wrapper unwrapping to macos

* fix(infra): validate macos arch wrapper selectors

* test(infra): cover invalid arch name wrappers
 2026-03-31 21:00:14 +09:00
Jacob Tomlinson 2ce44ca6a1
fix(plugins): guard marketplace archive downloads (#58267) 
* Plugins: guard marketplace archive downloads

* Plugins: harden marketplace download cleanup

* Plugins: bound marketplace archive downloads

* Plugins: harden marketplace archive failures

* Plugins: reject drive-relative marketplace archives

* Plugins: stream marketplace archive downloads
 2026-03-31 12:59:42 +01:00
Mariano 607076d164
ClawFlow: add runtime substrate (#58336) 
Merged via squash.

Prepared head SHA: 6a6158179e
Reviewed-by: @mbelinky
 2026-03-31 13:58:29 +02:00
Vincent Koc 5474796735 docs(security): clarify acpx yolo mode 2026-03-31 20:54:30 +09:00
pgondhi987 d8c68c8d42
fix: migrate Telegram pairing allowFrom to default account only (#58165) 
* fix: migrate Telegram pairing allowFrom to default account only

* fix: address PR review feedback

* fix: address PR review feedback
 2026-03-31 12:51:38 +01:00
Vincent Koc b4ac69c652 docs(acp): align approval policy wording 2026-03-31 20:49:31 +09:00
Vincent Koc cd5179314d fix(acp): use semantic approval classes 2026-03-31 20:49:31 +09:00
Gustavo Madeira Santana 8c0245f57b
fix(matrix): tighten DM invite promotion state (#58099) 
Merged via squash.

Prepared head SHA: 6638d4b505
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-31 07:09:18 -04:00
Vincent Koc e704323ff3
fix(media): drop auth headers on cross-origin redirects (#58224) 
* fix(media): drop auth headers on cross-origin redirects

* chore(changelog): sync unreleased context

* fix(media): keep fetch-guard redirect helper working
 2026-03-31 19:57:42 +09:00
Vincent Koc 3d5af14984
fix(agents): reject escaping symlinks in ssh sandbox uploads (#58220) 
* fix(agents): reject escaping ssh sandbox upload symlinks

* fix(agents): allow safe ssh upload symlink aliases

* test(ssh): keep upload stdin open in fake ssh

* Update CHANGELOG.md
 2026-03-31 19:56:45 +09:00
Vincent Koc 57700d716f
fix(config): redact Nostr privateKey in config views (#58177) 
* wip(config): preserve nostr redaction progress

* fix(config): add private key redaction fallback

* fix(config): align nostr privateKey secret input handling

* fix(config): require resolved nostr private keys
 2026-03-31 19:55:03 +09:00
Vincent Koc cf3ae2612b fix(ci): reduce slow channel test skew 2026-03-31 19:49:40 +09:00
Vincent Koc da7f016db6 fix(doctor): align qmd probe cwd with runtime 2026-03-31 19:49:40 +09:00
Vincent Koc 6b3f99a11f
fix(gateway): enforce trusted-proxy HTTP origin checks (#58229) 
* fix(gateway): enforce trusted-proxy HTTP origin checks

* Update CHANGELOG.md
 2026-03-31 19:49:26 +09:00
Vincent Koc 9bc1f896c8
fix(pairing): scope pending request caps per account (#58239) 
* fix(pairing): scope pending pairing caps per account

* fix(pairing): count legacy default-account requests
 2026-03-31 19:45:45 +09:00
Vincent Koc 9023a0436c
fix(exec): unwrap transparent approval wrappers (#58215) 
* fix(exec): unwrap transparent approval wrappers

* fix(exec): normalize sandbox-exec -D wrapper parsing
 2026-03-31 19:38:34 +09:00
Vincent Koc eb8de6715f
fix(exec): block risky host env overrides (#58209) 
* fix(exec): block risky host env overrides

* fix(exec): block GOPRIVATE host env overrides
 2026-03-31 19:37:43 +09:00