nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,900 Commits 787 Branches 80 Tags 5.3 GiB
Commit Graph

9435 Commits

Author SHA1 Message Date
Gustavo Madeira Santana f08fe02a1b
Onboarding: support plugin-owned interactive channel flows (#27191) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 53872cf8e7
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-26 01:14:57 -05:00
Gustavo Madeira Santana 39a1c13635 chore(ci): fix cross-platform symlink path assertions in agents file tests 2026-02-26 00:39:18 -05:00
Gustavo Madeira Santana 91a3f0a3fe pairing: enforce strict account-scoped state 2026-02-26 00:31:24 -05:00
Gustavo Madeira Santana d9b19e5970
plugin-sdk: export shared timezone formatting helpers (#27196) 2026-02-26 00:00:00 -05:00
Gustavo Madeira Santana cf8d01bc5a pairing: isolate account-scoped allowlist and pending requests 2026-02-25 23:48:43 -05:00
Peter Steinberger 35976da7a0 fix: harden Docker/GCP onboarding flow (#26253) (thanks @pandego) 2026-02-26 04:46:18 +00:00
Peter Steinberger 04870a5528 test(session): make fork parent path assertion cross-platform 2026-02-26 05:12:51 +01:00
Ayaan Zaidi 470c606dac refactor(telegram): remove dmPolicy from group allow context helper 2026-02-26 09:21:54 +05:30
bmendonca3 c7352f6b3f security(telegram): fail closed group allowlist against DM pairing store 2026-02-26 09:21:54 +05:30
Peter Steinberger e915b4c64a refactor: unify monitor abort lifecycle handling 2026-02-26 04:36:25 +01:00
Peter Steinberger 02c731826a test(discord): fix monitor test typings 2026-02-26 04:35:49 +01:00
Peter Steinberger e35fe7888b refactor: centralize message-provider tool filtering 2026-02-26 04:22:49 +01:00
Theo Tarr 7af6849c2f Discord: handle early gateway startup errors 2026-02-26 03:22:02 +00:00
Peter Steinberger e4d62c21be test: expand voice provider tts regression coverage 2026-02-26 04:15:11 +01:00
Peter Steinberger f789f880c9 fix(security): harden approval-bound node exec cwd handling 2026-02-26 04:14:11 +01:00
Peter Steinberger 8f8e2b13b4 fix: disable tts tool for voice provider 2026-02-26 04:12:39 +01:00
Peter Steinberger 8a97803474 fix(agents): normalize malformed tool results in adapter (#27007) 2026-02-26 04:11:44 +01:00
Peter Steinberger b37dc42240 fix(cron): suppress fallback summary after attempted announce delivery 2026-02-26 03:09:14 +00:00
Peter Steinberger e16e8f5af2 refactor(slack): share system-event ingress and test harness 2026-02-26 04:01:33 +01:00
Peter Steinberger de61e9c977 refactor(security): unify path alias guard policies 2026-02-26 03:59:17 +01:00
Peter Steinberger 8a006a3260 feat(heartbeat): add directPolicy and restore default direct delivery 2026-02-26 03:57:03 +01:00
Harold Hunt ee594e2fdb
fix(telegram): webhook hang - tests and fix (openclaw#26933) thanks @huntharo 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-25 20:56:53 -06:00
Peter Steinberger 1e7ec8bfd2 fix(routing): preserve explicit cron account and bound message defaults 
Co-authored-by: lbo728 <72309817+lbo728@users.noreply.github.com>
Co-authored-by: stakeswky <64798754+stakeswky@users.noreply.github.com>
 2026-02-26 02:56:03 +00:00
Peter Steinberger 92eb3dfc9d refactor(security): unify exec approval request matching 2026-02-26 03:54:37 +01:00
Peter Steinberger 75dfb71e4e fix(slack): gate pin/reaction system events by sender auth 2026-02-26 03:48:58 +01:00
Peter Steinberger 61b3246a7f fix(ssrf): unify ipv6 special-use blocking 2026-02-26 03:43:42 +01:00
Peter Steinberger 04d91d0319 fix(security): block workspace hardlink alias escapes 2026-02-26 03:42:54 +01:00
Peter Steinberger 53fcfdf794 fix(telegram): preserve finalized previews on mixed text+voice turns 2026-02-26 03:42:47 +01:00
Peter Steinberger 03e689fc89 fix(security): bind system.run approvals to argv identity 2026-02-26 03:41:31 +01:00
Peter Steinberger baf656bc6f fix: block IPv6 multicast SSRF bypass 2026-02-26 03:35:10 +01:00
Peter Steinberger b786d11fea refactor(telegram): simplify polling restart flow 2026-02-26 03:33:20 +01:00
Peter Steinberger 069bbf9741 fix(slack): land #26878 allowlist channel ID case-insensitive match (thanks @lbo728) 
Land contributor PR #26878 from @lbo728; include changelog credit and regression tests.

Co-authored-by: lbo728 <extreme0728@gmail.com>
 2026-02-26 02:21:02 +00:00
Peter Steinberger b8bb8ab3ca docs: clarify personal-by-default onboarding security notice 2026-02-26 02:59:34 +01:00
Peter Steinberger 1f004e6640 refactor(tmp): simplify trusted tmp dir state checks 2026-02-26 02:46:53 +01:00
Ramez acbb93be48
fix(agents): comprehensive quota fallback fixes - session overrides + surgical cooldown logic (#23816) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: e6f2b4742b
Co-authored-by: ramezgaberiel <844893+ramezgaberiel@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-25 20:35:40 -05:00
Peter Steinberger 0cc3e8137c refactor(gateway): centralize trusted-proxy control-ui bypass policy 2026-02-26 02:26:52 +01:00
sten moocow 95c6b3a912 fix(telegram): recover polling after prolonged network outages 
When grammY's runner exceeds maxRetryTime during a network outage,
runner.task() resolves cleanly. Previously, the polling loop treated
this as an intentional stop and exited permanently — killing Telegram
polling for the lifetime of the gateway process.

Now the outer loop detects this case and restarts with exponential
backoff, so polling recovers once connectivity is restored.

Also bumps maxRetryTime from 5 minutes to 60 minutes so the runner
itself survives longer outages (e.g. scheduled internet downtime)
without needing the outer loop restart path.
 2026-02-26 01:25:02 +00:00
Peter Steinberger ce8c67c314 fix(slack): gate interactive system events by sender auth 2026-02-26 02:11:50 +01:00
Peter Steinberger 8c701ba1ff test(gateway): add hooks bind-host hardening coverage 2026-02-26 00:54:39 +00:00
Peter Steinberger ec45c317f5 fix(gateway): block trusted-proxy control-ui node bypass 2026-02-26 01:54:19 +01:00
codexGW 6fb082e131
fix(typing): call markDispatchIdle in followup runner to prevent stuck indicator (#26881) 
The followup runner (used for queued messages, inter-agent sends,
heartbeat followups, etc.) only called typing.markRunComplete() in
its finally block.  The typing controller requires BOTH markRunComplete
AND markDispatchIdle to trigger cleanup — but markDispatchIdle was
only wired through the buffered dispatcher path, which followup turns
bypass entirely.

This caused the typing indicator to persist indefinitely on channels
like Telegram when the agent replied with NO_REPLY or produced empty
payloads, because the keepalive loop was never stopped.

Adds markDispatchIdle() alongside markRunComplete() in the followup
runner's finally block, and four test cases covering NO_REPLY, empty
payloads, agent errors, and successful delivery.

Complements #26295 which addressed the channel-level callback layer.

Fixes #26595

Co-authored-by: Samantha <samantha@Samanthas-Mac-mini.local>
 2026-02-26 00:53:38 +00:00
Peter Steinberger 70e31c6f68 fix(gateway): harden hooks URL parsing (#26864) 2026-02-26 00:47:35 +00:00
Aleksandrs Tihenko c0026274d9
fix(auth): distinguish revoked API keys from transient auth errors (#25754) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8f9c07a200
Co-authored-by: rrenamed <87486610+rrenamed@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-25 19:47:16 -05:00
Peter Steinberger f312222159 test: preserve config exports in agent handler mock 2026-02-26 00:42:51 +00:00
Peter Steinberger aaeed3c4ea test(agents): add missing announce delivery regressions 2026-02-26 00:38:34 +00:00
Peter Steinberger 20c2db2103 refactor(gateway): split browser auth hardening paths 2026-02-26 01:37:00 +01:00
Peter Steinberger 8f8e46d898 refactor: unify reaction ingress policy guards across channels 2026-02-26 01:34:47 +01:00
Peter Steinberger 4258a3307f refactor(agents): unify subagent announce delivery pipeline 
Co-authored-by: Smith Labs <SmithLabsLLC@users.noreply.github.com>
Co-authored-by: Do Cao Hieu <docaohieu2808@users.noreply.github.com>
 2026-02-26 00:30:44 +00:00
Peter Steinberger aedf62ac7e fix: harden discord and slack reaction ingress authorization 2026-02-26 01:26:47 +01:00
Peter Steinberger c736f11a16 fix(gateway): harden browser websocket auth chain 2026-02-26 01:22:49 +01:00