openclaw

Commit Graph

Author	SHA1	Message	Date
Vincent Koc	622bdfdad1	docs(memory): clarify qmd symlink traversal limits	2026-03-31 17:54:00 +09:00
Vincent Koc	549169f746	fix(docs): format memory config reference	2026-03-31 17:18:21 +09:00
Vincent Koc	ab4ddff7f1	feat(memory): add per-agent QMD extra collections for cross-agent session search (#58211 ) * feat(memory): add per-agent qmd extra collections * test(config): cover qmd extra collections schema outputs * docs(config): refresh qmd extra collections baseline * docs(config): regenerate qmd extra collections baselines * docs(config): clarify qmd extra collection naming	2026-03-31 17:08:18 +09:00
Josh Avant	788f56f30f	Secrets: hard-fail unsupported SecretRef policy and fix gateway restart token drift (#58141 ) * Secrets: enforce C2 SecretRef policy and drift resolution * Tests: add gateway auth startup/reload SecretRef runtime coverage * Docs: sync C2 SecretRef policy and coverage matrix * Config: hard-fail parent SecretRef policy writes * Secrets: centralize unsupported SecretRef policy metadata * Daemon: test service-env precedence for token drift refs * Config: keep per-ref dry-run resolvability errors * Docs: clarify config-set parent-object policy checks * Gateway: fix drift fallback and schema-key filtering * Gateway: align drift fallback with credential planner * changelog Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com> --------- Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>	2026-03-31 02:37:31 -05:00
Vincent Koc	2feb83babb	fix(ci): shard fast extension checks	2026-03-31 15:58:50 +09:00
Gustavo Madeira Santana	47136536c8	tests: use multi-sample CLI startup baselines	2026-03-30 22:35:50 -04:00
Gustavo Madeira Santana	68e49fa791	tests: standardize CLI startup benchmarks	2026-03-30 22:15:56 -04:00
Vincent Koc	c5baf63fa5	docs: deep audit of memory section -- fix icons, beef up engine pages, restructure config reference	2026-03-30 08:39:18 +09:00
Vincent Koc	143b4c54ba	docs: simplify sessions/memory concept pages and fix QMD experimental label	2026-03-30 07:32:20 +09:00
Vincent Koc	40446ea27c	docs: add cross-links to new memory-search page from reference docs	2026-03-30 07:10:33 +09:00
Peter Steinberger	d9274444b7	fix: keep beta on newer prereleases	2026-03-30 05:37:01 +09:00
Vincent Koc	f897aba69a	docs: add missing feature docs for Matrix E2EE thumbnails, LINE media, and CJK memory - Matrix: note encrypted thumbnail behavior in E2EE rooms (#54711) - LINE: add outbound media section for image/video/audio sends (#45826) - Memory: document CJK trigram tokenization and chunk sizing	2026-03-29 17:26:02 +09:00
Vincent Koc	3aac43e30b	docs: remove stale MiniMax M2.5 refs and add image generation docs After the M2.7-only catalog trim (#54487), update 10 docs files: - Replace removed M2.5/VL-01 model references across FAQ, wizard, config reference, local-models, and provider pages - Make local-models guide model-agnostic (generic LM Studio placeholder) - Add image-01 generation section to minimax.md - Leave third-party catalogs (Synthetic, Venice) unchanged	2026-03-29 17:26:02 +09:00
Gustavo Madeira Santana	c7330eb716	Docs: audit Matrix CLI and setup docs	2026-03-29 01:48:18 -04:00
Peter Steinberger	5cfb979766	docs: add missing CLAUDE symlinks	2026-03-29 09:29:04 +09:00
Peter Steinberger	143fb34bf9	docs: remove stale code_execution secretref path	2026-03-28 22:10:22 +00:00
Peter Steinberger	6e0b67a2fd	docs(secrets): sync credential surface matrix	2026-03-28 21:35:13 +00:00
huntharo	43143486eb	Docs: refresh x_search secretref matrix	2026-03-28 21:35:13 +00:00
kakahu	158e7c517e	fix(matrix): resolve env SecretRef fallback in clean() for channel startup (#54980 ) Merged via squash. Prepared head SHA: `b71a86e68e` Co-authored-by: kakahu2015 <17962485+kakahu2015@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras	2026-03-28 00:21:57 -04:00
Peter Steinberger	048a4e4f9e	docs: clarify mcp server and client modes	2026-03-28 04:10:20 +00:00
Peter Steinberger	10527ff8a3	build: refresh deps and vitest cache lanes	2026-03-27 02:26:07 +00:00
Peter Steinberger	c9556c257e	docs: clarify memory plugin adapter ids	2026-03-27 00:47:01 +00:00
Peter Steinberger	eef27001de	docs: explain anthropic claude cli migration	2026-03-26 23:04:47 +00:00
Peter Steinberger	d72115c9df	refactor: genericize speech provider config surface	2026-03-26 22:48:57 +00:00
Peter Steinberger	39ad51426c	test: add Open WebUI docker smoke	2026-03-25 05:28:51 -07:00
Peter Steinberger	ce49d8bca9	fix: verify global npm correction installs	2026-03-23 21:04:08 -07:00
Peter Steinberger	9334015262	fix: ship bundled plugin runtime sidecars	2026-03-23 17:38:08 -07:00
Peter Steinberger	ffd722bc2c	build: harden local release verification	2026-03-23 17:38:08 -07:00
Peter Steinberger	80bd5ba728	fix(release): fail empty control ui tarballs	2026-03-23 11:03:14 -07:00
Onur Solmaz	8ed33c2aff	release: automate macOS publishing (#52853 ) * release: automate macOS publishing * release: keep mac appcast in openclaw repo * release: add preflight-only release workflow runs * release: keep appcast updates manual * release: generate signed appcast as workflow artifact * release: require preflight before publish * release: require mac app for every release * docs: clarify every release ships mac app * release: document Sparkle feed and SHA rules * release: keep publish flow tag-based * release: stabilize mac appcast flow * release: document local mac fallback	2026-03-23 16:04:53 +01:00
Peter Steinberger	827c441902	fix(test): isolate flaky extension lanes	2026-03-23 05:02:07 +00:00
Peter Steinberger	46a455d9e3	perf: enable vitest fs module cache by default	2026-03-23 04:48:31 +00:00
Peter Steinberger	7909236bd1	perf: add vitest test perf workflows	2026-03-23 04:41:38 +00:00
Peter Steinberger	462d7ad9c0	perf: default channel vitest lanes to threads	2026-03-22 19:10:43 -07:00
Peter Steinberger	d0f5e7cb2d	test: simplify vitest runner pools	2026-03-22 16:22:09 -07:00
Vincent Koc	f1603314f0	fix(docs): add missing title frontmatter to 7 template files	2026-03-22 15:56:26 -07:00
Peter Steinberger	d907ebffc5	perf: trim vitest thread overrides	2026-03-22 15:25:58 -07:00
Peter Steinberger	29c0e783b1	refactor: rename vitest behavior lanes	2026-03-22 14:36:57 -07:00
Peter Steinberger	0329412af2	docs: note extension vitest threads default	2026-03-22 12:38:42 -07:00
Peter Steinberger	26d400bea6	docs: note unit vitest threads default	2026-03-22 12:25:51 -07:00
Peter Steinberger	85a5d64d8f	test: speed up isolated test lanes	2026-03-20 17:11:23 +00:00
Shakker	06fc498d54	chore(docs): refresh secretref credential matrix	2026-03-20 06:13:27 +00:00
Lakshya Agarwal	b36e456b09	feat: add Tavily as a bundled web search plugin with search and extract tools (#49200 ) Merged via squash. Prepared head SHA: `ece9226e88` Co-authored-by: lakshyaag-tavily <266572148+lakshyaag-tavily@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras	2026-03-20 01:06:26 -04:00
Gustavo Madeira Santana	1ba70c3707	Docs: switch MiniMax defaults to M2.7	2026-03-20 00:05:04 -04:00
Vincent Koc	b28cf6a8a4	docs: split memory.md into concept intro + reference page	2026-03-19 10:57:47 -07:00
Vincent Koc	b526098eb2	docs: restore original Credits heading, disambiguate H1	2026-03-18 12:38:46 -07:00
Vincent Koc	c749957c93	docs: fix duplicate Credits heading in credits.md	2026-03-18 12:34:37 -07:00
Vincent Koc	198de10523	docs: add missing H1 headings and fix HEARTBEAT template	2026-03-18 12:27:07 -07:00
Peter Steinberger	05b1cdec3c	test: make runner scheduling timing-driven	2026-03-18 16:57:38 +00:00
Peter Steinberger	f6928617b7	test: stabilize gate regressions	2026-03-18 15:36:32 +00:00
Vincent Koc	3cecbcf8b6	docs: fix curly quotes, non-breaking hyphens, and remaining apostrophes in headings	2026-03-18 01:31:38 -07:00
Vincent Koc	1cbfd53ed1	docs: remove apostrophes from headings (breaks Mintlify anchors) Replace contractions and possessives in doc headings with expanded forms so Mintlify generates stable anchor links. Updates matching TOC entries and internal cross-references in faq.md. Affected: faq.md (18 headings + 16 TOC links + 2 body refs), twitch.md, ansible.md, render.mdx, macos-vm.md, digitalocean.md, oracle.md, raspberry-pi.md, lore.md, AGENTS.dev.md, SOUL.dev.md, BOOTSTRAP.md Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 00:02:42 -07:00
Vincent Koc	8ac4b09fa4	docs: fix em-dash headings and broken links across docs - Replace em-dashes in headings with hyphens/parens (breaks Mintlify anchors) - Fix broken /testing link in pi-dev.md to /help/testing - Convert absolute docs URLs to root-relative in pi-dev.md Files: migrating.md, images.md, audio.md, media-understanding.md, venice.md, minimax.md, AGENTS.default.md, security/index.md, pi-dev.md Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-17 23:55:46 -07:00
Tak Hoffman	0354d49a82	docs update web search config guidance	2026-03-18 00:00:17 -05:00
Tak Hoffman	4863b651c6	docs: rename onboarding user-facing wizard copy Co-authored-by: Tak <contact-redacted@example.com>	2026-03-16 19:50:31 -05:00
Peter Steinberger	f9e185887f	docs: restore onboard docs references	2026-03-16 05:50:57 +00:00
Peter Steinberger	823039c000	docs: prefer setup wizard command	2026-03-15 22:01:04 -07:00
Peter Steinberger	5287ae3c06	docs: update setup wizard wording	2026-03-15 21:40:31 -07:00
Onur Solmaz	a2080421a1	Docs: move release runbook to maintainer repo (#47532 ) * Docs: redact private release setup * Docs: tighten release order * Docs: move release runbook to maintainer repo * Docs: delete public mac release page * Docs: remove zh-CN mac release page * Docs: turn release checklist into release policy * Docs: point release policy to private docs * Docs: regenerate zh-CN release policy pages * Docs: preserve Doctor in zh-CN hubs * Docs: fix zh-CN polls label * Docs: tighten docs i18n term guardrails * Docs: enforce zh-CN glossary coverage	2026-03-15 20:42:39 +01:00
Vincent Koc	cbec476b6b	Docs: add config drift baseline statefile (#45891 ) * Docs: add config drift statefile generator * Docs: generate config drift baseline * CI: move config docs drift runner into workflow sanity * Docs: emit config drift baseline json * Docs: commit config drift baseline json * Docs: wire config baseline into release checks * Config: fix baseline drift walker coverage * Docs: regenerate config drift baselines	2026-03-14 14:23:30 -07:00
Onur	d33f3f843a	ci: allow fallback npm correction tags (#46486 )	2026-03-14 19:38:14 +01:00
Vincent Koc	c30cabcca4	Docs: sweep recent user-facing updates (#46424 ) * Docs: document Telegram force-document sends * Docs: note Telegram document send behavior * Docs: clarify memory file precedence * Docs: align default AGENTS memory guidance * Docs: update workspace FAQ memory note * Docs: document gateway status require-rpc * Docs: add require-rpc to gateway CLI index	2026-03-14 10:20:44 -07:00
Onur Solmaz	c08317203d	ci: enforce calver freshness on npm publish	2026-03-14 13:45:40 +01:00
Onur Solmaz	00891dee90	ci: switch npm release workflow to trusted publishing	2026-03-14 13:45:40 +01:00
Onur Solmaz	61a7f2e7c3	docs: clarify npm release preview and publish flow	2026-03-14 13:45:40 +01:00
Onur Solmaz	02a86da23a	ci: preserve manual npm release approval delays	2026-03-14 13:45:40 +01:00
Peter Steinberger	75c7c169e1	test: re-enable Node 24 vmForks fast lane	2026-03-13 20:38:24 +00:00
Peter Steinberger	5225667e25	docs: trim duplicated wizard and gateway api examples	2026-03-13 20:19:39 +00:00
Keelan Fadden-Hopper	fc408bba37	Fix incorrect rendering of brave costs in docs (#44989 ) Merged via squash. Prepared head SHA: `8c69de8222` Co-authored-by: keelanfh <19519457+keelanfh@users.noreply.github.com> Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com> Reviewed-by: @altaywtf	2026-03-13 21:37:39 +03:00
Jealous	a3eed2b70f	fix(agents): avoid injecting memory file twice on case-insensitive mounts (#26054 ) * fix(agents): avoid injecting memory file twice on case-insensitive mounts On case-insensitive file systems mounted into Docker from macOS, both MEMORY.md and memory.md pass fs.access() even when they are the same underlying file. The previous dedup via fs.realpath() failed in this scenario because realpath does not normalise case through the Docker mount layer, so both paths were treated as distinct entries and the same content was injected into the bootstrap context twice, wasting tokens. Fix by replacing the collect-then-dedup approach with an early-exit: try MEMORY.md first; fall back to memory.md only when MEMORY.md is absent. This makes the function return at most one entry regardless of filesystem case-sensitivity. * docs: clarify singular memory bootstrap fallback * fix: note memory bootstrap fallback docs and changelog (#26054) (thanks @Lanfei) --------- Co-authored-by: Ayaan Zaidi <hi@obviy.us>	2026-03-13 14:39:51 +05:30
Peter Steinberger	d6d01f853f	fix: align Ollama onboarding docs before landing (#43473 ) (thanks @BruceMacD) (cherry picked from commit 19fa274343a102ca85c7679ec28c5a3503a99f55)	2026-03-13 02:03:54 +00:00
Josh Lehman	8525fd94ea	docs: sync Feishu secretref credential matrix ## Summary - Problem: `src/secrets/target-registry.test.ts` fails on latest `main` because the runtime registry includes Feishu `encryptKey` paths that the docs matrix and surface reference omit. - Why it matters: the docs/runtime sync guard currently blocks prep and merge work for unrelated PRs, including `#25558`. - What changed: regenerated the secretref credential matrix and updated the surface reference to include both Feishu `encryptKey` paths. - What did NOT change (scope boundary): no runtime registry behavior, config semantics, or channel handling changed. ## Change Type (select all) - [x] Bug fix - [ ] Feature - [ ] Refactor - [x] Docs - [ ] Security hardening - [ ] Chore/infra ## Scope (select all touched areas) - [ ] Gateway / orchestration - [ ] Skills / tool execution - [ ] Auth / tokens - [ ] Memory / storage - [x] Integrations - [ ] API / contracts - [ ] UI / DX - [ ] CI/CD / infra ## Linked Issue/PR - Closes # - Related #25558 ## User-visible / Behavior Changes None. ## Security Impact (required) - New permissions/capabilities? `No` - Secrets/tokens handling changed? `No` - New/changed network calls? `No` - Command/tool execution surface changed? `No` - Data access scope changed? `No` - If any `Yes`, explain risk + mitigation: ## Repro + Verification ### Environment - OS: macOS - Runtime/container: Node.js repo checkout - Model/provider: N/A - Integration/channel (if any): Feishu docs/runtime registry sync - Relevant config (redacted): none ### Steps 1. Check out latest `main` before this change. 2. Run `./node_modules/.bin/vitest run --config vitest.unit.config.ts src/secrets/target-registry.test.ts`. 3. Apply this docs-only sync change and rerun the same command. ### Expected - The target registry stays in sync with the generated docs matrix and the test passes. ### Actual - Before this change, the test failed because `channels.feishu.encryptKey` and `channels.feishu.accounts..encryptKey` were missing from the docs artifacts. ## Evidence Attach at least one: - [x] Failing test/log before + passing after - [ ] Trace/log snippets - [ ] Screenshot/recording - [ ] Perf numbers (if relevant) ## Human Verification (required) What you personally verified (not just CI), and how: - Verified scenarios: confirmed the failure on plain latest `main`, applied only these docs entries in a clean bootstrapped worktree, and reran `./node_modules/.bin/vitest run --config vitest.unit.config.ts src/secrets/target-registry.test.ts` to green. - Edge cases checked: verified both top-level Feishu `encryptKey` and account-scoped `encryptKey` paths are present in the matrix and surface reference. - What you did not* verify: full repo test suite and CI beyond the targeted regression. ## Review Conversations - [x] I replied to or resolved every bot review conversation I addressed in this PR. - [x] I left unresolved only the conversations that still need reviewer or maintainer judgment. If a bot review conversation is addressed by this PR, resolve that conversation yourself. Do not leave bot review conversation cleanup for maintainers. ## Compatibility / Migration - Backward compatible? `Yes` - Config/env changes? `No` - Migration needed? `No` - If yes, exact upgrade steps: ## Failure Recovery (if this breaks) - How to disable/revert this change quickly: revert this commit. - Files/config to restore: `docs/reference/secretref-user-supplied-credentials-matrix.json` and `docs/reference/secretref-credential-surface.md` - Known bad symptoms reviewers should watch for: the target-registry docs sync test failing again for missing Feishu `encryptKey` entries. ## Risks and Mitigations - Risk: the markdown surface reference could drift from the generated matrix again in a later credential-shape change. - Mitigation: `src/secrets/target-registry.test.ts` continues to guard docs/runtime sync.	2026-03-12 08:18:13 -07:00
Altay	0a8d2b6200	build: raise Node 22 compatibility floor to 22.16	2026-03-12 20:07:44 +05:30
Altay	deada7edd3	build: default to Node 24 and keep Node 22 compat	2026-03-12 20:07:44 +05:30
Josh Avant	0bcb95e8fa	Models: enforce source-managed SecretRef markers in models.json (#43759 ) Merged via squash. Prepared head SHA: `4a065ef5d8` Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com> Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com> Reviewed-by: @joshavant	2026-03-12 02:22:52 -05:00
Luke	7761e7626f	Providers: add Opencode Go support (#42313 ) * feat(providers): add opencode-go provider support and onboarding * Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF * Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF * Update CHANGELOG.md --------- Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca> Co-authored-by: Vincent Koc <vincentkoc@ieee.org>	2026-03-11 01:31:06 -04:00
Onur	8ba1b6eff1	ci: add npm release workflow and CalVer checks (#42414 ) (thanks @onutc)	2026-03-10 20:09:25 +01:00
Josh Avant	f0eb67923c	fix(secrets): resolve web tool SecretRefs atomically at runtime	2026-03-09 22:57:03 -05:00
Rémi	2970d72554	docs: update Brave Search API docs for Feb 2026 plan restructuring (#40111 ) Merged via squash. Prepared head SHA: `c651f07855` Co-authored-by: remusao <1299873+remusao@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras	2026-03-08 14:06:21 -04:00
Josh Avant	8e20dd22d8	Secrets: harden SecretRef-safe models.json persistence (#38955 )	2026-03-07 11:28:39 -06:00
Peter Steinberger	1dd4f92ea2	fix: default local onboarding tools profile to coding	2026-03-07 16:41:27 +00:00
Kesku	3d7bc5958d	feat(onboarding): add web search to onboarding flow (#34009 ) * add web search to onboarding flow * remove post onboarding step (now redundant) * post-onboarding nudge if no web search set up * address comments * fix test mocking * add enabled: false assertion to the no-key test * --skip-search cli flag * use provider that a user has a key for * add assertions, replace the duplicated switch blocks * test for quickstart fast-path with existing config key * address comments * cover quickstart falls through to key test * bring back key source * normalize secret inputs instead of direct string trimming * preserve enabled: false if it's already set * handle missing API keys in flow * doc updates * hasExistingKey to detect both plaintext strings and SecretRef objects * preserve enabled state only on the "keep current" paths * add test for preserving * better gate flows * guard against invalid provider values in config * Update src/commands/configure.wizard.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * format fix * only mentions env var when it's actually available * search apiKey fields now typed as SecretInput * if no provider check if any search provider key is detectable * handle both kimi keys * remove .filter(Boolean) * do not disable web_search after user enables it * update resolveSearchProvider * fix(onboarding): skip search key prompt in ref mode * fix: add onboarding web search step (#34009) (thanks @kesku) --------- Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> Co-authored-by: Shadow <hi@shadowing.dev>	2026-03-06 13:09:00 -06:00
Josh Avant	72cf9253fc	Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094 )	2026-03-05 12:53:56 -06:00
青雲	96021a2b17	fix: align AGENTS.md template section names with post-compaction extraction (#25029 ) (#25098 ) Merged via squash. Prepared head SHA: `8cd6cc8049` Co-authored-by: echoVic <16428813+echoVic@users.noreply.github.com> Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com> Reviewed-by: @jalehman	2026-03-04 12:16:00 -08:00
joshavant	a9969e641a	docs: fix secretref marker rendering in credential surface	2026-03-03 15:08:41 -06:00
joshavant	490670128b	fix(docs): avoid MDX regex markers in secretref page	2026-03-03 14:00:09 -06:00
joshavant	70c6bc8581	fix(docs): use MDX-safe secretref markers	2026-03-03 13:54:03 -06:00
Henry Loenwind	75775f2fe6	chore: Updated Brave documentation (#26860 ) Merged via squash. Prepared head SHA: `f8fc4bf01e` Co-authored-by: HenryLoenwind <1485873+HenryLoenwind@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras	2026-03-03 01:34:15 -05:00
Josh Avant	806803b7ef	feat(secrets): expand SecretRef coverage across user-supplied credentials (#29580 ) * feat(secrets): expand secret target coverage and gateway tooling * docs(secrets): align gateway and CLI secret docs * chore(protocol): regenerate swift gateway models for secrets methods * fix(config): restore talk apiKey fallback and stabilize runner test * ci(windows): reduce test worker count for shard stability * ci(windows): raise node heap for test shard stability * test(feishu): make proxy env precedence assertion windows-safe * fix(gateway): resolve auth password SecretInput refs for clients * fix(gateway): resolve remote SecretInput credentials for clients * fix(secrets): skip inactive refs in command snapshot assignments * fix(secrets): scope gateway.remote refs to effective auth surfaces * fix(secrets): ignore memory defaults when enabled agents disable search * fix(secrets): honor Google Chat serviceAccountRef inheritance * fix(secrets): address tsgo errors in command and gateway collectors * fix(secrets): avoid auth-store load in providers-only configure * fix(gateway): defer local password ref resolution by precedence * fix(secrets): gate telegram webhook secret refs by webhook mode * fix(secrets): gate slack signing secret refs to http mode * fix(secrets): skip telegram botToken refs when tokenFile is set * fix(secrets): gate discord pluralkit refs by enabled flag * fix(secrets): gate discord voice tts refs by voice enabled * test(secrets): make runtime fixture modes explicit * fix(cli): resolve local qr password secret refs * fix(cli): fail when gateway leaves command refs unresolved * fix(gateway): fail when local password SecretRef is unresolved * fix(gateway): fail when required remote SecretRefs are unresolved * fix(gateway): resolve local password refs only when password can win * fix(cli): skip local password SecretRef resolution on qr token override * test(gateway): cast SecretRef fixtures to OpenClawConfig * test(secrets): activate mode-gated targets in runtime coverage fixture * fix(cron): support SecretInput webhook tokens safely * fix(bluebubbles): support SecretInput passwords across config paths * fix(msteams): make appPassword SecretInput-safe in onboarding/token paths * fix(bluebubbles): align SecretInput schema helper typing * fix(cli): clarify secrets.resolve version-skew errors * refactor(secrets): return structured inactive paths from secrets.resolve * refactor(gateway): type onboarding secret writes as SecretInput * chore(protocol): regenerate swift models for secrets.resolve * feat(secrets): expand extension credential secretref support * fix(secrets): gate web-search refs by active provider * fix(onboarding): detect SecretRef credentials in extension status * fix(onboarding): allow keeping existing ref in secret prompt * fix(onboarding): resolve gateway password SecretRefs for probe and tui * fix(onboarding): honor secret-input-mode for local gateway auth * fix(acp): resolve gateway SecretInput credentials * fix(secrets): gate gateway.remote refs to remote surfaces * test(secrets): cover pattern matching and inactive array refs * docs(secrets): clarify secrets.resolve and remote active surfaces * fix(bluebubbles): keep existing SecretRef during onboarding * fix(tests): resolve CI type errors in new SecretRef coverage * fix(extensions): replace raw fetch with SSRF-guarded fetch * test(secrets): mark gateway remote targets active in runtime coverage * test(infra): normalize home-prefix expectation across platforms * fix(cli): only resolve local qr password refs in password mode * test(cli): cover local qr token mode with unresolved password ref * docs(cli): clarify local qr password ref resolution behavior * refactor(extensions): reuse sdk SecretInput helpers * fix(wizard): resolve onboarding env-template secrets before plaintext * fix(cli): surface secrets.resolve diagnostics in memory and qr * test(secrets): repair post-rebase runtime and fixtures * fix(gateway): skip remote password ref resolution when token wins * fix(secrets): treat tailscale remote gateway refs as active * fix(gateway): allow remote password fallback when token ref is unresolved * fix(gateway): ignore stale local password refs for none and trusted-proxy * fix(gateway): skip remote secret ref resolution on local call paths * test(cli): cover qr remote tailscale secret ref resolution * fix(secrets): align gateway password active-surface with auth inference * fix(cli): resolve inferred local gateway password refs in qr * fix(gateway): prefer resolvable remote password over token ref pre-resolution * test(gateway): cover none and trusted-proxy stale password refs * docs(secrets): sync qr and gateway active-surface behavior * fix: restore stability blockers from pre-release audit * Secrets: fix collector/runtime precedence contradictions * docs: align secrets and web credential docs * fix(rebase): resolve integration regressions after main rebase * fix(node-host): resolve gateway secret refs for auth * fix(secrets): harden secretinput runtime readers * gateway: skip inactive auth secretref resolution * cli: avoid gateway preflight for inactive secret refs * extensions: allow unresolved refs in onboarding status * tests: fix qr-cli module mock hoist ordering * Security: align audit checks with SecretInput resolution * Gateway: resolve local-mode remote fallback secret refs * Node host: avoid resolving inactive password secret refs * Secrets runtime: mark Slack appToken inactive for HTTP mode * secrets: keep inactive gateway remote refs non-blocking * cli: include agent memory secret targets in runtime resolution * docs(secrets): sync docs with active-surface and web search behavior * fix(secrets): keep telegram top-level token refs active for blank account tokens * fix(daemon): resolve gateway password secret refs for probe auth * fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled * fix(secrets): align token inheritance and exec timeout defaults * docs(secrets): clarify active-surface notes in cli docs * cli: require secrets.resolve gateway capability * gateway: log auth secret surface diagnostics * secrets: remove dead provider resolver module * fix(secrets): restore gateway auth precedence and fallback resolution * fix(tests): align plugin runtime mock typings --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>	2026-03-03 02:58:20 +00:00
nico-hoff	3eec79bd6c	feat(memory): add Ollama embedding provider (#26349 ) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: `ac41386543` Co-authored-by: nico-hoff <43175972+nico-hoff@users.noreply.github.com> Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com> Reviewed-by: @gumadeiras	2026-03-02 20:56:40 -05:00
Peter Steinberger	6b85ec3022	docs: tighten subscription guidance and update MiniMax M2.5 refs	2026-03-03 00:02:37 +00:00
Peter Steinberger	cf5702233c	docs(security)!: document messaging-only onboarding default and hook/model risk	2026-03-02 18:15:49 +00:00
Peter Steinberger	842deefe5d	test: split fast lane from channel and gateway suites	2026-03-02 05:33:07 +00:00
Agent	063c4f00ea	docs: clarify Anthropic context1m long-context requirements	2026-03-01 22:35:26 +00:00
Vincent Koc	c161e141f3	Docs tests: add CLI startup benchmark usage	2026-03-01 12:56:56 -08:00
Peter Steinberger	0ec7711bc2	fix(agents): harden compaction and reset safety Co-authored-by: jaden-clovervnd <91520439+jaden-clovervnd@users.noreply.github.com> Co-authored-by: Sid <201593046+Sid-Qin@users.noreply.github.com> Co-authored-by: Marcus Widing <245375637+widingmarcus-cyber@users.noreply.github.com>	2026-02-26 17:41:24 +01:00
joshavant	bde9cbb058	docs(secrets): align provider model and add exec resolver coverage	2026-02-26 14:47:22 +00:00
joshavant	c0a3801086	Docs: document secrets refs runtime and migration	2026-02-26 14:47:22 +00:00
Peter Steinberger	eb73e87f18	fix(session): prevent silent overflow on parent thread forks (#26912 ) Lands #26912 from @markshields-tl with configurable session.parentForkMaxTokens and docs/tests/changelog updates. Co-authored-by: Mark Shields <239231357+markshields-tl@users.noreply.github.com>	2026-02-25 23:54:02 +00:00
Peter Steinberger	eb4a93a8db	refactor(sandbox): share container-path utils and tighten fs bridge tests	2026-02-25 01:59:53 +00:00

1 2 3 4 5 ...

265 Commits