nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,498 Commits 712 Branches 79 Tags 2.1 GiB
Commit Graph

3448 Commits

Author SHA1 Message Date
Peter Steinberger d427d09b5e fix: align reasoning payload typing for #24991 (thanks @stakeswky) 2026-02-24 04:34:49 +00:00
Peter Steinberger 8c5cf2d5b2 docs(subagents): document default runTimeoutSeconds config (#24594) (thanks @mitchmcalister) 2026-02-24 04:22:43 +00:00
damaozi c6bb7b0c04 fix(whatsapp): groupAllowFrom sender filter bypassed when groupPolicy is allowlist (#24670) 
(cherry picked from commit af06ebd9a6)
 2026-02-24 04:20:30 +00:00
Peter Steinberger ffc22778f3 fix(subagents): prune orphaned restored runs + status wording (#24244) (thanks @HeMuling) 2026-02-24 04:17:56 +00:00
Peter Steinberger cd3927ad67 fix(sessions): preserve allow-any subagent model overrides (#21088) (thanks @Slats24) 2026-02-24 04:16:32 +00:00
Peter Steinberger 1237516ae8 fix(chrome-extension): finalize relay endpoint validation flow (#22252) (thanks @krizpoon) 2026-02-24 04:16:08 +00:00
Peter Steinberger 004a61056c docs(changelog): note relay nav auto-reattach fix (#19766) (thanks @nishantkabra77) 2026-02-24 04:11:13 +00:00
Peter Steinberger 113545f005 docs(changelog): note browser control startup import fix (#23974) (thanks @ieaves) 2026-02-24 04:06:03 +00:00
Peter Steinberger aea28e26fb fix(auto-reply): expand standalone stop phrases 2026-02-24 04:02:43 +00:00
Peter Steinberger a388fbb6c3 fix: harden custom-provider verification probes (#24743) (thanks @Glucksberg) 2026-02-24 03:56:30 +00:00
Peter Steinberger ebde897bb8 fix: add dmScope route guard regression tests (#24949) (thanks @kevinWangSheng) 2026-02-24 03:55:29 +00:00
Peter Steinberger de0e01259a fix: expand openrouter thinking-off regression coverage (#24863) (thanks @DevSecTim) 2026-02-24 03:54:29 +00:00
Peter Steinberger 69a541c3f0 fix: sanitize pairing recovery requestId hints (#24771) (thanks @markmusson) 2026-02-24 03:53:45 +00:00
Peter Steinberger a216f2dabe fix: extend discord thread parent fallback coverage (#24897) (thanks @z-x-yang) 2026-02-24 03:52:43 +00:00
Peter Steinberger fd24b35449 fix: cover startup locale hydration path (#24795) (thanks @chilu18) 2026-02-24 03:51:58 +00:00
Peter Steinberger 7a42558a3e fix: harden legacy plugin schema compatibility tests (#24933) (thanks @pandego) 2026-02-24 03:50:53 +00:00
Peter Steinberger dd145f1346 fix: suppress sessions_send warning leakage coverage (#24740) (thanks @Glucksberg) 2026-02-24 03:49:52 +00:00
Peter Steinberger 9cc7450edf docs(changelog): add missing unreleased fixes and reorder 2026-02-24 03:48:49 +00:00
Peter Steinberger b5881d9ef4 fix: avoid WhatsApp silent turns with final-only delivery (#24962) (thanks @SidQin-cyber) 2026-02-24 03:47:20 +00:00
Peter Steinberger 3a653082d8 fix(config): align whatsapp enabled schema with auto-enable 2026-02-24 03:39:41 +00:00
Peter Steinberger 0bdcca2f35 test(whatsapp): add log redaction coverage 2026-02-24 03:34:31 +00:00
Peter Steinberger 3af9d1f8e9 fix: scope Telegram RFC2544 SSRF exception to policy opt-in (#24982) (thanks @stakeswky) 2026-02-24 03:28:00 +00:00
Peter Steinberger 7b2b86c60a fix(exec): add approval race changelog and regressions 2026-02-24 03:22:05 +00:00
Peter Steinberger c6c1e3e7cf docs(changelog): correct exec approvals reporter credit 2026-02-24 03:13:48 +00:00
Peter Steinberger ffd63b7a2c fix(security): trust resolved skill-bin paths in allowlist auto-allow 2026-02-24 03:12:43 +00:00
Peter Steinberger a67689a7e3 fix: harden allow-always shell multiplexer wrapper handling 2026-02-24 03:06:51 +00:00
Peter Steinberger 4a3f8438e5 fix(gateway): bind node exec approvals to nodeId 2026-02-24 03:05:58 +00:00
Peter Steinberger c5ac90ab92 docs(changelog): add shell-env fallback hardening note 2026-02-24 03:04:49 +00:00
Peter Steinberger d0ef4c75c7 docs(changelog): credit safeBins advisory reporters 2026-02-24 02:59:17 +00:00
Peter Steinberger 90383e00e9 fix(security): harden autoAllowSkills exec matching 2026-02-24 02:53:47 +00:00
Peter Steinberger e578521ef4 fix(security): harden session export image data-url handling 2026-02-24 02:53:39 +00:00
Peter Steinberger ff4e6ca0d9 fix(ios): gate agent deep links with local confirmation 2026-02-24 02:51:58 +00:00
Peter Steinberger f8524ec77a fix(security): harden exported session html rendering 2026-02-24 02:40:29 +00:00
Peter Steinberger 1d28da55a5 fix(voice-call): block Twilio webhook replay and stale transitions 2026-02-24 02:37:24 +00:00
Peter Steinberger 3f923e8313 test: add env -S allowlist bypass regressions 2026-02-24 02:28:00 +00:00
Peter Steinberger 6634030be3 fix: enforce apply_patch workspaceOnly in sandbox mounts 2026-02-24 02:23:56 +00:00
Peter Steinberger dd9d9c1c60 fix(security): enforce workspaceOnly for sandbox image tool 2026-02-24 02:17:55 +00:00
Gustavo Madeira Santana 5239b55c0a
Config: expand Kilo catalog and persist selected Kilo models (#24921) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: f5a7e1a385
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-23 21:17:37 -05:00
Peter Steinberger 08e2aa44e7 fix(commands): restrict commands.allowFrom to sender principals 2026-02-24 02:01:01 +00:00
Peter Steinberger 223d7dc23d feat(gateway)!: require explicit non-loopback control-ui origins 2026-02-24 01:57:11 +00:00
Peter Steinberger edfefdff7d docs(changelog): mark ACP hardening as next npm release 2026-02-24 01:56:22 +00:00
Peter Steinberger a1c4bf07c6 fix(security): harden exec wrapper allowlist execution parity 2026-02-24 01:52:17 +00:00
Peter Steinberger 5eb72ab769 fix(security): harden browser SSRF defaults and migrate legacy key 2026-02-24 01:52:01 +00:00
Peter Steinberger 1f81677093 docs(changelog): note dangerous name-matching audit unification 2026-02-24 01:33:08 +00:00
Peter Steinberger 2e36bdda85 docs(changelog): credit ACP security reporter 2026-02-24 01:19:03 +00:00
Peter Steinberger f97c0922e1 fix(security): harden account-key handling against prototype pollution 2026-02-24 01:09:31 +00:00
Peter Steinberger 12cc754332 fix(acp): harden permission auto-approval policy 2026-02-24 01:03:30 +00:00
Vincent Koc 30c622554f
Providers: disable developer role for DashScope-compatible endpoints (#24675) 
* Agents: disable developer role for DashScope-compatible endpoints

* Agents: test DashScope developer-role compatibility

* Gateway: test allowlisted sessions.patch model selection

* Changelog: add DashScope role-compat fix note
 2026-02-23 19:51:16 -05:00
Peter Steinberger f0c3c8b6a3 fix(config): redact dynamic catchall secret keys 2026-02-24 00:21:29 +00:00
Peter Steinberger 25f6fcc63a docs(changelog): note safeBins exec hardening 2026-02-23 23:58:58 +00:00