nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
21,456 Commits 807 Branches 84 Tags 5.9 GiB
Commit Graph

21456 Commits

Author SHA1 Message Date
Peter Steinberger dda347eda3
refactor: dedupe synology config schema 2026-03-22 23:32:22 -07:00
Peter Steinberger c42cb1ca66
refactor: audit synology dangerous name matching 2026-03-22 23:32:22 -07:00
Peter Steinberger fb6454c543
refactor: narrow synology legacy name lookup 2026-03-22 23:32:21 -07:00
Peter Steinberger 677a821a2f
refactor: centralize synology dangerous name matching 2026-03-22 23:32:21 -07:00
Peter Steinberger ea800dd4ef
refactor: clarify synology delivery identity names 2026-03-22 23:32:21 -07:00
scoootscooob 6c1ea41472 Docs: refresh config baseline for Synology Chat 2026-03-22 23:32:03 -07:00
Peter Steinberger f3de580ca1 test: trim docker live auth mounts 2026-03-23 06:31:41 +00:00
Peter Steinberger 957fff443f fix: include .npmrc in onboard docker build 2026-03-23 06:27:58 +00:00
Peter Steinberger cef7d14861
refactor(exec): rename wrapper plans for trust semantics 2026-03-22 23:18:54 -07:00
Peter Steinberger 0b40ec38ab
refactor(exec): share wrapper trust planning 2026-03-22 23:18:54 -07:00
Peter Steinberger 6ba5595004
refactor(exec): make dispatch wrapper semantics spec-driven 2026-03-22 23:18:54 -07:00
Peter Steinberger c041f8587b
refactor(exec): split wrapper resolution modules 2026-03-22 23:18:54 -07:00
Peter Steinberger 97abc6db55
docs: clarify sessions_spawn ACP vs subagent policies 2026-03-22 23:08:06 -07:00
Peter Steinberger 7ade3553b7
fix: gate synology chat reply name matching 2026-03-22 23:06:38 -07:00
Peter Steinberger 55ad5d7bd7
fix(security): harden explicit-proxy SSRF pinning 2026-03-22 23:05:42 -07:00
Peter Steinberger f52eb934d6
fix(security): unify dispatch wrapper approval hardening 2026-03-22 23:01:49 -07:00
Peter Steinberger 72e58ca260
test(models): refresh example model fixtures 2026-03-22 23:00:18 -07:00
Peter Steinberger 4d50084c6e
fix(exec): escape invisible approval filler chars 2026-03-22 22:52:14 -07:00
Peter Steinberger 78175aeb0a
docs(agents): prefer current test model examples 2026-03-22 22:48:30 -07:00
Vincent Koc e1d4c38cee fix(runtime): skip peer resolution for bundled plugin deps 2026-03-22 22:47:46 -07:00
Peter Steinberger c036e4d176
fix: restrict remote marketplace plugin sources 2026-03-22 22:47:08 -07:00
Peter Steinberger 09faed6bd8
fix(gateway): gate internal command persistence mutations 2026-03-22 22:46:49 -07:00
Peter Steinberger 81445a9010
fix(media): bound remote error-body snippet reads 2026-03-22 22:43:42 -07:00
Vincent Koc fd5555d5be fix(runtime): make dist-runtime staging idempotent 2026-03-22 22:41:27 -07:00
Peter Steinberger 5822892fee docs: refresh plugin-sdk api baseline 2026-03-23 05:35:51 +00:00
Peter Steinberger c82fc9a0fd
docs(changelog): note time exec approval fix 2026-03-22 22:32:02 -07:00
Peter Steinberger a55f371cc5 fix(ci): skip docs-only preflight pnpm audit 2026-03-23 05:29:27 +00:00
Vincent Koc be3a2e2eb6 fix(plugin-sdk): fall back to src root alias files 2026-03-22 22:26:18 -07:00
Peter Steinberger 39409b6a6d
fix(security): unwrap time dispatch wrappers 2026-03-22 22:25:57 -07:00
Peter Steinberger af9de86286 perf: trim vitest hot imports and refresh manifests 2026-03-23 05:25:05 +00:00
Peter Steinberger 7fcbf383d8
fix(ci): write dist build stamp after builds 2026-03-22 22:23:25 -07:00
Peter Steinberger ea579ef858
fix(gateway): preserve async hook ingress provenance 2026-03-22 22:21:49 -07:00
Peter Steinberger c5a941a506
refactor!: remove moltbot state-dir migration fallback 2026-03-22 22:19:35 -07:00
Peter Steinberger 6b9915a106
refactor!: drop legacy CLAWDBOT env compatibility 2026-03-22 22:13:39 -07:00
oliviareid-svg 5ff60cc39f
fix(build): add stable memory-cli dist entry (#51759) 
Co-authored-by: oliviareid-svg <269669958+oliviareid-svg@users.noreply.github.com>
Co-authored-by: Frank <vibespecs@gmail.com>
 2026-03-23 13:11:06 +08:00
Vincent Koc 91f2c92960 docs(tools): soften DDG wording (scrapes -> pulls/gathers) 2026-03-22 22:10:56 -07:00
Rick_Xu 2fe1ff8ea8
Usage: include reset and deleted session archives (#43215) 
Merged via squash.

Prepared head SHA: 49ed6c2fa3
Co-authored-by: rcrick <23069968+rcrick@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
 2026-03-23 13:10:26 +08:00
Peter Steinberger 30ed4342b3
fix(agents): deny local MEDIA paths for MCP results 2026-03-22 22:10:13 -07:00
Vincent Koc 5730865f08 docs(tools): update DuckDuckGo Search for landed plugin code 
- Mark as experimental (not just unofficial)
- Add region and safeSearch tool parameters (from DDG schema)
- Add plugin config example for region/safeSearch defaults
- Document auto-detection order (100 = last)
- Note SafeSearch defaults to moderate
- Verified against extensions/duckduckgo/src/
 2026-03-22 22:09:47 -07:00
Vincent Koc d43e26e399 fix(web-search): mark DuckDuckGo experimental 2026-03-22 22:07:53 -07:00
Peter Steinberger 8791aaae2b
refactor: extract gateway install token helpers 2026-03-22 22:05:56 -07:00
Peter Steinberger c15282062f
refactor: split durable service env helpers 2026-03-22 22:05:56 -07:00
Vincent Koc c6ca11e5a5
feat(web-search): add DuckDuckGo bundled plugin (#52629) 
* feat(web-search): add DuckDuckGo bundled plugin

* chore(changelog): restore main changelog

* fix(web-search): harden DuckDuckGo challenge detection
 2026-03-22 22:05:33 -07:00
Peter Steinberger 827c441902 fix(test): isolate flaky extension lanes 2026-03-23 05:02:07 +00:00
Peter Steinberger dc6c22b812 fix: narrow exec exit failure kind typing 2026-03-23 04:58:46 +00:00
Kevin ONeill dd860e76aa fix: normalize env var keys and isolate tests from real .env 
- Apply normalizeEnvVarKey({ portable: true }) before security
  filtering, matching the established pattern in env-vars.ts.
  Rejects non-portable key names (spaces, special chars) that
  would produce invalid plist/systemd syntax.

- Isolate existing tests from the developer's real ~/.openclaw/.env
  by providing a temp HOME directory, preventing flaky failures
  when the test machine has a populated .env file.
 2026-03-22 21:55:58 -07:00
Kevin ONeill 77ec7b4adf fix: include .env file vars in gateway service environment on install 
When building the gateway install plan, read and parse
~/.openclaw/.env (or $OPENCLAW_STATE_DIR/.env) and merge those
key-value pairs into the service environment at the lowest
priority — below config env vars, auth-profile refs, and the
core service environment (HOME, PATH, OPENCLAW_*).

This ensures that user-defined secrets stored in .env (e.g.
BRAVE_API_KEY, OPENROUTER_API_KEY, DISCORD_BOT_TOKEN) are
embedded in the LaunchAgent plist (macOS), systemd unit (Linux),
and Scheduled Task (Windows) at install time, rather than
relying solely on the gateway process loading them via
dotenv.config() at startup.

Previously, on macOS the LaunchAgent plist never included .env
vars, which meant:
- launchctl print did not show user secrets (hard to debug)
- Child processes spawned before dotenv loaded had no access
- If the same key existed in both .env and the plist, the stale
  plist value won via dotenv override:false semantics

Dangerous host env vars (NODE_OPTIONS, LD_PRELOAD, etc.) are
filtered using the same security policy applied to config env
vars.

Fixes #37101
Relates to #22663
 2026-03-22 21:55:58 -07:00
Vincent Koc 3afb6a2b95 fix(exec): accept runtime failure kind in formatter 2026-03-22 21:54:02 -07:00
Vincent Koc 8a59b09fc8 refactor(ci): collapse fast setup jobs into preflight 2026-03-22 21:52:19 -07:00
Peter Steinberger 97e4f37171 fix: keep status --json stdout clean (#52449) (thanks @cgdusek) 2026-03-22 21:51:08 -07:00