29e41d4c0a
fix: land security audit severity + temp-path guard fixes ( #23428 ) (thanks @bmendonca3)
2026-02-22 11:26:17 +01:00
bf56196de3
fix: tighten feishu dedupe boundary ( #23377 ) (thanks @SidQin-cyber)
2026-02-22 11:13:40 +01:00
9e5e555ba3
fix(feishu): address dedup race condition, namespace isolation, and cache staleness
...
- Prefix memoryCache keys with namespace to prevent cross-account false
positives when different accounts receive the same message_id
- Add inflight tracking map to prevent TOCTOU race where concurrent
async calls for the same message both pass the check and both proceed
- Remove expired-entry deletion from has() to avoid silent cache/disk
divergence; actual cleanup happens probabilistically inside record()
- Add time-based cache invalidation (30s) to DedupStore.load() so
external writes are eventually picked up
- Refresh cacheLoadedAt after flush() so we don't immediately re-read
data we just wrote
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-22 11:13:40 +01:00
9a8179fd59
feat(feishu): persistent message deduplication to prevent duplicate replies
...
Closes #23369
Feishu may redeliver the same message during WebSocket reconnects or process
restarts. The existing in-memory dedup map is lost on restart, so duplicates
slip through.
This adds a dual-layer dedup strategy:
- Memory cache (fast synchronous path, unchanged capacity)
- Filesystem store (~/.openclaw/feishu/dedup/) that survives restarts
TTL is extended from 30 min to 24 h. Disk writes use atomic rename and
probabilistic cleanup to keep each per-account file under 10 k entries.
Disk errors are caught and logged — message handling falls back to
memory-only behaviour so it is never blocked.
2026-02-22 11:13:40 +01:00
73804abcec
fix(feishu): avoid template tmpdir join in dedup state path ( #23398 )
2026-02-22 11:12:01 +01:00
59807efa31
refactor(plugin-sdk): unify channel dedupe primitives
2026-02-22 10:46:34 +01:00
0bd9f0d4ac
fix: enforce strict allowlist across pairing stores ( #23017 )
2026-02-22 00:00:23 +01:00
3d7ad1cfca
fix(security): centralize owner-only tool gating and scope maps
2026-02-19 15:29:23 +01:00
f4b288b8f7
refactor(feishu): dedupe mention regex escaping
2026-02-19 15:04:40 +01:00
7426848913
test(feishu): add mention regex injection regressions
2026-02-19 14:51:41 +01:00
7e67ab75cc
fix(feishu): escape regex metacharacters in stripBotMention
...
stripBotMention() passed mention.name and mention.key directly into
new RegExp() without escaping, allowing regex injection and ReDoS via
crafted Feishu mention metadata. extractMessageBody() in mention.ts
already escapes correctly — this applies the same pattern.
Ref: GHSA-c6hr-w26q-c636
2026-02-19 14:51:41 +01:00
0e85380e56
style: format files and fix safe-bins e2e typing
2026-02-19 14:26:12 +01:00
ec232a9e2d
refactor(security): harden temp-path handling for inbound media
2026-02-19 14:06:37 +01:00
aa267812d3
test(security): add webhook hardening regressions
2026-02-19 13:31:28 +01:00
a23e0d5140
fix(security): harden feishu and zalo webhook ingress
2026-02-19 13:31:27 +01:00
cdb00fe242
fix(feishu): isolate temp download writes in mkdtemp dirs
2026-02-19 11:05:04 +01:00
a7c0aa94d9
refactor(security): share safe temp media path builder ( #20810 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 7a088e6801
2026-02-19 09:59:21 +00:00
c821099157
Feishu: harden temp media download paths
2026-02-19 10:13:48 +01:00
b8b43175c5
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
31f9be126c
style: run oxfmt and fix gate failures
2026-02-18 01:29:02 +00:00
7884d65687
test(feishu): cover post mentions for other users
2026-02-17 08:53:25 -05:00
d0cb8c19b2
chore: wtf.
2026-02-17 13:36:48 +09:00
ed11e93cf2
chore(format)
2026-02-16 23:20:16 -05:00
ca19745fa2
Revert "channels: migrate extension account listing to factory"
...
This reverts commit d24340d75b
2026-02-16 23:17:13 -05:00
d3a36cc3b0
chore: Fix remaining extension test types, enable type checking for extension tests.
2026-02-17 10:14:01 +09:00
90ef2d6bdf
chore: Update formatting.
2026-02-17 09:18:40 +09:00
86517b8e30
feat(feishu): add bitable create app and create field tools
2026-02-17 00:02:00 +01:00
eed806ce58
f
2026-02-16 23:59:41 +01:00
a42ccb9c1d
f
2026-02-16 23:59:41 +01:00
c315246971
fix(feishu): fix mention detection for post messages with embedded docs
...
Parse "at" elements from post content when message.mentions is empty to
detect bot mentions in rich text messages containing documents.
2026-02-16 23:59:41 +01:00
d24340d75b
channels: migrate extension account listing to factory
2026-02-16 23:53:19 +01:00
544ffbcf7b
refactor(extensions): dedupe connector helper usage
2026-02-16 14:59:30 +00:00
342e9cac03
refactor(status): reuse plugin-sdk status helpers
2026-02-15 19:37:40 +00:00
bdfa2b490b
refactor(media): reuse buildAgentMediaPayload
2026-02-15 19:37:40 +00:00
c6b3736fe7
fix: dedupe probe/token base types ( #16986 ) (thanks @iyoda)
2026-02-15 11:36:54 -06:00
fef86e475b
refactor: dedupe shared helpers across ui/gateway/extensions
2026-02-15 03:34:14 +00:00
65aac6494a
refactor(feishu): share download buffer reader
2026-02-15 01:46:52 +00:00
5b4121d601
fix: harden Feishu media URL fetching ( #16285 ) (thanks @mbelinky)
...
Security fix for Feishu extension media fetching.
2026-02-14 16:42:35 +01:00
6543ce717c
perf(test): avoid plugin-sdk barrel imports
2026-02-14 12:42:19 +00:00
3a330e681b
fix(feishu): remove typing indicator on NO_REPLY cleanup (openclaw#15508) thanks @arosstale
...
Verified:
- pnpm build
- pnpm check
- pnpm test
Co-authored-by: arosstale <117890364+arosstale@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-14 05:24:27 -06:00
a750a195e5
refactor(extensions): extract feishu dedup and mattermost onchar helpers
2026-02-13 19:08:37 +00:00
3cbcba10cf
fix(security): enforce bounded webhook body handling
2026-02-13 19:14:54 +01:00
daf13dbb06
fix: enforce feishu dm policy + pairing flow ( #14876 ) (thanks @coygeek)
2026-02-13 05:48:22 +01:00
f05553413d
fix(aa-01): apply security fix
...
Generated by staged fix workflow.
2026-02-13 05:48:22 +01:00
65be9ccf63
feat(feishu): add streaming card support via Card Kit API (openclaw#10379) thanks @xzq-xu
...
Verified:
- pnpm build
- pnpm check
- pnpm test
Co-authored-by: xzq-xu <53989315+xzq-xu@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-12 20:19:27 -06:00
af172742a3
fix(feishu): use msg_type 'media' for video/audio messages ( #14648 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: e8044cb208
2026-02-12 19:05:09 +01:00
cf6e8e18d2
fix: preserve top-level feishu doc block order (openclaw#13994) thanks @Cynosure159
...
Co-authored-by: Cynosure159 <29699738+Cynosure159@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-11 22:53:40 -06:00
a028c0512c
fix: use resolved feishu account in status probe (openclaw#11233) thanks @onevcat
...
Co-authored-by: Wei Wang <1019875+onevcat@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-11 22:53:40 -06:00
3d771afe79
fix: tighten feishu mention trigger matching (openclaw#11088) thanks @openperf
...
Co-authored-by: 王春跃 <80630709+openperf@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-11 22:53:40 -06:00
8fdb2e64a7
fix: buffer upload path for feishu SDK (openclaw#10345) thanks @youngerstyle
...
Co-authored-by: zhiyi <7426274+youngerstyle@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-02-11 22:53:40 -06:00
Peter Steinberger
SidQin-cyber
Peter Steinberger
Jamie
Mariano
Mariano Belinky
Sebastian
cpojer
gaowanqi08141999
popomore
yinghaosang
Shadow
Artale
Coy Geek
LeftX
0xRain
Tak Hoffman