nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,853 Commits 905 Branches 94 Tags 6.2 GiB
Commit Graph

23853 Commits

Author SHA1 Message Date
Frank Yang cadee066e4 fix: document subagent runtime display correction 2026-03-30 23:32:28 +08:00
samzong 0b00ce38a9 fix(subagents): correct duration display showing 5-6x inflated runtime 
Replace buggy duplicate formatDurationCompact (ms/60000, minutes-only)
with re-export of canonical implementation (ms/1000, second-level).
Add ?? "n/a" fallback at two call sites for undefined return.

Closes #45009

Signed-off-by: samzong <samzong.lu@gmail.com>
 2026-03-30 23:32:08 +08:00
Jacob Tomlinson f011d0be28
fix(gateway): treat OpenAI HTTP ingress as non-owner (#57769) 
Co-authored-by: Brian Mendonca <208517100+bmendonca3@users.noreply.github.com>
 2026-03-30 16:26:53 +01:00
Sean c6f2db1506
fix: prevent gateway attachment offload regressions (#55513) (thanks @Syysean) 
* feat(gateway): implement claim check pattern to prevent OOM on large attachments

* fix: sanitize mediaId, refine trimEnd, remove warn log, add threshold and absolute path

* fix: enforce maxBytes before decoding and use dynamic path from saveMediaBuffer

* fix: enforce absolute maxBytes limit before Buffer allocation and preserve file extensions

* fix: align saveMediaBuffer arguments and satisfy oxfmt linter

* chore: strictly enforce linting rules (curly braces, unused vars, and error typing)

* fix: restrict offload to mainstream mimes to avoid extension-loss bug in store.ts for BMP/TIFF

* fix: restrict offload to mainstream mimes to bypass store.ts extension-loss bug

* chore: document bmp/tiff exclusion from offload whitelist in MIME_TO_EXT

* feat: implement agent-side resolver for opaque media URIs and finalize contract

* fix: support unicode media URIs and allow consecutive dots in safe IDs based on Codex review

* fix(gateway): enforce strict fail-fast for oversized media to prevent OOM bypass

* refactor(gateway): harden media offload with performance and security optimizations

This update refines the Claim Check pattern with industrial-grade guards:

- Performance: Implemented sampled Base64 validation for large payloads (>4KB) to prevent event loop blocking.
- Security: Added null-byte (\u0000) detection and reinforced path traversal guards.
- I18n: Updated media-uri regex to a blacklist-based character class for Unicode/Chinese filename support, with oxlint bypass for intentional control regex.
- Robustness: Enhanced error diagnostics with JSON-serialized IDs.

* fix: add HEIC/HEIF to offload allowlist and pass maxBytes to saveMediaBuffer

* fix(gateway): clean up offloaded media files on attachment parse failure

Address Codex review feedback: track saved media IDs and implement best-effort cleanup via deleteMediaBuffer if subsequent attachments fail validation, preventing orphaned files on disk.

* fix(gateway): enforce full base64 validation to prevent whitespace padding bypass

Address Codex review feedback: remove early return in isValidBase64 so padded payloads cannot bypass offload thresholds and reintroduce memory pressure. Updated related comments.

* fix(gateway): preserve offloaded media metadata and fix validation error mapping

Address Codex review feedback:
- Add \offloadedRefs\ to \ParsedMessageWithImages\ to expose structured metadata for offloaded attachments, preventing transcript media loss.
- Move \erifyDecodedSize\ outside the storage try-catch block to correctly surface client base64 validation failures as 4xx errors instead of 5xx \MediaOffloadError\.
- Add JSDoc TODOs indicating that upstream callers (chat.ts, agent.ts, server-node-events.ts) must explicitly pass the \supportsImages\ flag.

* fix(agents): explicitly allow media store dir when loading offloaded images

Address Codex review feedback: Pass getMediaDir() to loadWebMedia's localRoots for media-uri refs to prevent legacy path resolution mismatches from silently dropping large attachments.

* fix(gateway): resolve attachment offload regressions and error mapping

Address Codex review feedback:
- Pass \supportsImages\ dynamically in \chat.ts\ and \gent.ts\ based on model catalog, and explicitly in \server-node-events.ts\.
- Persist \offloadedRefs\ into the transcript pipeline in \chat.ts\ to preserve media metadata for >2MB attachments.
- Correctly map \MediaOffloadError\ to 5xx (UNAVAILABLE) to differentiate server storage faults from 4xx client validation errors.

* fix(gateway): dynamically compute supportsImages for overrides and node events

Address follow-up Codex review feedback:

- Use effective model (including overrides) to compute \supportsImages\ in \gent.ts\.

- Move session load earlier in \server-node-events.ts\ to dynamically compute \supportsImages\ rather than hardcoding true.

* fix(gateway): resolve capability edge cases reported by codex

Address final Codex edge cases:
- Refactor \gent.ts\ to compute \supportsImages\ even when no session key is present, ensuring text-only override requests without sessions safely drop attachments.
- Update catalog lookups in \chat.ts\, \gent.ts\, and \server-node-events.ts\ to strictly match both \id\ and \provider\ to prevent cross-provider model collisions.

* fix(agents): restore before_install hook for skill installs

Restore the plugin scanner security hook that was accidentally dropped during merge conflict resolution.

* fix: resolve attachment pathing, defer parsing after auth gates, and clean up node-event mocks

* fix: resolve syntax errors in test-env, fix missing helper imports, and optimize parsing sequence in node events

* fix(gateway): re-enforce message length limit after attachment parsing

Adds a secondary check to ensure the 20,000-char cap remains effective even after media markers are appended during the offload flow.

* fix(gateway): prevent dropping valid small images and clean up orphaned media on size rejection

* fix(gateway): share attachment image capability checks

* fix(gateway): preserve mixed attachment order

* fix: fail closed on unknown image capability (#55513) (thanks @Syysean)

* fix: classify offloaded attachment refs explicitly (#55513) (thanks @Syysean)

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-03-30 20:54:40 +05:30
Shakker 3ad747e25f style: apply formatter cleanups 2026-03-30 16:20:27 +01:00
Shakker ab141df4b5 Skills: tighten env path guidance 2026-03-30 16:10:13 +01:00
Shakker a3de1f5f55 Skills: prefer active OpenClaw paths 2026-03-30 16:10:13 +01:00
Ayaan Zaidi 08d365f481
test: pin android explicit setup auth selection 2026-03-30 20:39:20 +05:30
Ayaan Zaidi fa150f8828
fix: use explicit setup auth for android gateway connect 2026-03-30 20:39:20 +05:30
Ayaan Zaidi deead11dcd
fix(android): restore setup-code operator bootstrap connect 2026-03-30 20:39:19 +05:30
Ayaan Zaidi 2dced6b4a0
fix: allow setup-code bootstrap auth for operator pairing 2026-03-30 20:39:19 +05:30
Ayaan Zaidi e0281849c0
fix: unblock android onboarding after bootstrap pairing 2026-03-30 20:39:19 +05:30
Ayaan Zaidi fec329ce8d
fix: handle android bootstrap-only setup codes 2026-03-30 20:39:19 +05:30
Robin Waslander 4d369a3400
harden session-status tool visibility guard for all callers 2026-03-30 16:48:12 +02:00
Jacob Tomlinson 5cca380840
msteams: filter thread history by sender allowlist (#57723) 
* msteams: filter thread history by sender allowlist

* tests: merge msteams thread authz coverage

* msteams: preserve thread allowlist fallback matching
 2026-03-30 15:38:26 +01:00
Jacob Tomlinson 7e08669715
synology-chat: add webhook in-flight guard (#57722) 
* synology-chat: add webhook in-flight guard

* tests: clarify synology in-flight limit assertion

* synology-chat: scope webhook in-flight budget per account
 2026-03-30 15:37:02 +01:00
Jacob Tomlinson 7a953a5227
Plugins: block install when source scan fails (#57729) 
* Plugins: block unsafe install scan fallthrough

* Tests: normalize install scanner formatting

* Plugins: avoid duplicate scan failure messaging

* Plugins: preserve hook install block codes
 2026-03-30 15:36:08 +01:00
Jacob Tomlinson 8db20c1965
sandbox: block sensitive external bind sources (#56024) 
* sandbox: block sensitive external bind sources

* sandbox: cache blocked bind paths

* sandbox: harden blocked bind path aliases

* sandbox: block os-home bind secrets

* sandbox: refresh blocked bind path aliases
 2026-03-30 15:34:53 +01:00
Jacob Tomlinson 3216df7923
gateway: enforce embeddings HTTP write scope (#57721) 2026-03-30 15:32:03 +01:00
Robin Waslander 85647949a4
tighten phone-control scope helper extraction 2026-03-30 16:17:17 +02:00
Jacob Tomlinson c5c10adc02
gateway: trim control UI bootstrap payload (#57727) 2026-03-30 15:08:19 +01:00
Robin Waslander 847912f3e2
harden phone-control command scope checks 2026-03-30 15:52:55 +02:00
Jacob Tomlinson 3b9dab0ece
OpenShell: harden mirror sync boundaries (#57693) 
* OpenShell: harden mirror sync boundaries

* OpenShell: polish mirror hardening tests

* OpenShell: preserve trusted mirror symlinks

* OpenShell: bound mirror fs work globally
 2026-03-30 14:51:44 +01:00
Robin Waslander a4e447a16e
harden talk-voice config persistence scope checks 2026-03-30 15:38:37 +02:00
Jacob Tomlinson ee52f64226
Discord: gate audio preflight on member access (#57695) 
* Discord: gate audio preflight on member access

* Discord: trim unauthorized sender logging

* CI: retrigger after review follow-up

* Discord: document blocked-sender log privacy
 2026-03-30 14:38:22 +01:00
Jacob Tomlinson a77928b108
Gateway: harden node event trust boundaries (#57691) 
* Gateway: harden node event trust boundaries

* Gateway: preserve trusted summary prefixes

* Gateway: prefix multiline channel summaries
 2026-03-30 14:22:15 +01:00
Ayaan Zaidi 9d5c5230c5 fix: restore default HTTP operator scopes (#57596) (thanks @openperf) 2026-03-30 18:51:13 +05:30
openperf 3d659fd356 refactor(gateway ): remove unreachable null check in resolveGatewayRequestedOperatorScopes 2026-03-30 18:51:13 +05:30
openperf fe2eb185ff fix(gateway ): restore default operator scopes for pure HTTP token auth 2026-03-30 18:51:13 +05:30
Jacob Tomlinson 8b88b927cb
gateway: clear unbound scopes for trusted-proxy auth (#57692) 
* gateway: clear unbound scopes for trusted-proxy auth

* gateway: isolate trusted-proxy scope test branch
 2026-03-30 14:19:00 +01:00
Jacob Tomlinson 566fb73d9d
reply: enforce ACP attachment roots (#57690) 
* reply: enforce ACP attachment roots

* media: harden local attachment cache reads

* reply: clarify ACP attachment skip logs

* reply: keep ACP attachments path-only
 2026-03-30 14:04:02 +01:00
Jacob Tomlinson 3834d47099
MS Teams: validate webhook auth before JSON parsing (#57686) 2026-03-30 13:46:40 +01:00
pgondhi987 bc3b05dce4
fix(infra): block BROWSER, GIT_EDITOR, GIT_SEQUENCE_EDITOR from inherited host env (#57559) 2026-03-30 12:31:04 +01:00
pgondhi987 c4fa8635d0
fix(telegram): gate audio preflight transcription on sender authorization (#57566) 
* Telegram: gate audio preflight transcription on sender authorization

* fix: honor telegram audio preflight command auth
 2026-03-30 12:19:31 +01:00
Vincent Koc 348b094fe8 fix(test): satisfy telegram pairing seam 2026-03-30 20:05:29 +09:00
Kunal Karmakar 34b0a19a16
fix: use azure-openai-responses for Azure custom providers (#50851) (thanks @kunalk16) 
* Add azure-openai-responses

* Unit tests update for updated API

* Add entry for PR #50851

* Add comma to address PR comment

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Address PR comment on sanitization of output

* Address review comment

* Revert commits

* Revert commit

* Update changelog stating Azure OpenAI only

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Add references

* Address PR comment on sanitization of output

* Address review comment

* Revert commits

* Revert commit

* Address PR comment on sanitization of output

* Address review comment

* Revert commits

* Revert commit

* Fix generated file

* Add azure openai responses to OPENAI_RESPONSES_APIS

* Add azure openai responses to createParallelToolCallsWrapper

* Adding azure openai responses to attempt.ts

* Add azure openai responses to google.ts

* Address PR comment on sanitization of output

* Revert commit

* Address PR comment on sanitization of output

* Revert commit

* Address PR comment on sanitization of output

* Revert commit

* Fix changelog

* Fix linting

* fix: cover azure responses wrapper path (#50851) (thanks @kunalk16)

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-03-30 16:17:03 +05:30
Vincent Koc 2fbd5e3f5f fix(test): trim telegram command registry imports 2026-03-30 19:34:47 +09:00
Vincent Koc 69916e8082 fix(twitch): align markdown table mode type 2026-03-30 19:32:14 +09:00
Vincent Koc b7de04f23f
fix(memory): preserve shared qmd collection names (#57628) 
* fix(memory): preserve shared qmd collection names

* fix(memory): canonicalize qmd path containment
 2026-03-30 19:29:35 +09:00
Vincent Koc 85f3136cfc fix(test): use plugin public surfaces in reply command tests 2026-03-30 19:28:10 +09:00
Vincent Koc 54f7221465
fix(slack): restore table block mode seam (#57591) 
* fix(slack): restore table block mode seam

Restore the shared markdown/config seam needed for Slack Block Kit table support, while coercing non-Slack block mode back to code.

* fix(slack): narrow table block seam defaults

Keep Slack table block mode opt-in in this seam-only PR, clamp collected placeholder offsets, and align fallback-table rendering with Slack block limits.

* fix(slack): bound table fallback rendering

Avoid spread-based maxima and bound Slack table fallback rendering by row, column, cell-width, and total-output limits to prevent resource exhaustion.

* fix(slack): keep block mode inactive in seam PR

Keep markdown table block mode schema-valid but runtime-resolved to code until the Slack send path is wired to emit table attachments.

* fix(slack): normalize configured block mode safely

Accept configured markdown table block mode at parse time, then normalize it back to code during runtime resolution so seam-only branches do not drop table content.
 2026-03-30 19:25:01 +09:00
Vincent Koc 56be744a7a docs: simplify automation decision flowchart to linear path 2026-03-30 19:22:56 +09:00
Vincent Koc b0738210ff docs: replace ASCII decision tree with mermaid flowchart on automation hub 2026-03-30 19:20:13 +09:00
Vincent Koc 256e3b9b5f docs: add automation overview links to all automation page Related sections 
- cron-jobs.md: add Related section (was missing entirely)
- cron-vs-heartbeat.md: add automation overview link, normalize dash style
- tasks.md: add automation overview link
- standing-orders.md: add automation overview, hooks, webhooks links

All automation pages now link back to /automation for navigation.
 2026-03-30 19:18:44 +09:00
Vincent Koc f80310e617 docs: Batch 5 — restructure Nodes group with subgroups 
Rename "Nodes and devices" to "Nodes and media" and split into
two subgroups for better navigation:
- Media capabilities: media-understanding, images, audio, camera, tts
- Node features: talk, voicewake, location-command
 2026-03-30 19:13:00 +09:00
Vincent Koc 69b72cd977 docs: Batch 4 — create image generation tool page 
New page: docs/tools/image-generation.md covering:
- image_generate tool parameters and usage
- Supported providers (OpenAI, Google, fal, MiniMax) with capability matrix
- Config for imageGenerationModel (string and object forms)
- Provider selection order and fallback behavior
- Image editing with reference images
- Provider-specific capabilities (size, aspect ratio, resolution)

Add to Mintlify nav under Tools > Tools group.
 2026-03-30 19:12:35 +09:00
Vincent Koc fa23b5e5a5 docs: Batch 3 — fix misplaced nav entries 
- Move plugins/voice-call from Channels > Messaging platforms to
  Tools & Plugins > Plugins (it's a plugin, not a channel integration)
- Add install/clawdock to Install > Containers nav (was orphaned)
 2026-03-30 19:09:40 +09:00
Vincent Koc 2b4f600f9c docs: Batch 2 — add Related sections to all channel pages 
Add consistent Related sections to 17 channel pages that had none,
linking to: Channels Overview, Pairing, Groups, Channel Routing, Security.

Add Groups and Security links to 4 channel pages (discord, slack,
telegram, whatsapp) that already had partial Related sections.
 2026-03-30 19:08:22 +09:00
Vincent Koc e682b72154 docs: Batch 1 — create automation hub + add Related sections 
New page: docs/automation/index.md — single entry point for all automation
mechanisms (heartbeat, cron, tasks, hooks, standing-orders, webhooks) with
a decision flowchart and comparison table.

Add "Related" sections to 5 high-traffic pages that were dead ends:
- gateway/heartbeat.md → links to tasks, cron-vs-heartbeat, timezone, troubleshooting
- concepts/session.md → links to multi-agent, tasks, channel-routing
- concepts/multi-agent.md → links to channel-routing, subagents, ACP, presence, session
- concepts/agent-loop.md → links to tools, hooks, compaction, exec-approvals, thinking
- concepts/timezone.md → links to heartbeat, cron-jobs, date-time

Add automation/index to Mintlify nav as first item in Automation group.
 2026-03-30 19:07:18 +09:00
Vincent Koc 104f006916 fix(test): trim reply command registry imports 2026-03-30 19:02:40 +09:00