nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,276 Commits 757 Branches 79 Tags 4.7 GiB
Commit Graph

13276 Commits

Author SHA1 Message Date
Marcus Widing fa4e4efd92
fix(gateway): restore localhost Control UI pairing when allowInsecureAuth is set (#22996) 
* fix(gateway): allow localhost Control UI without device identity when allowInsecureAuth is set

* fix(gateway): pass isLocalClient to evaluateMissingDeviceIdentity

* test: add regression tests for localhost Control UI pairing

* fix(gateway): require pairing for legacy metadata upgrades

* test(gateway): fix legacy metadata e2e ws typing

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-22 00:04:52 +01:00
Peter Steinberger bfe016fa29 fix: clear stale remote discovery endpoints (#21618) (thanks @bmendonca3) 2026-02-22 00:04:36 +01:00
Peter Steinberger 37d5320f6b test: tighten canvas host websocket watchdog timeouts 2026-02-21 23:02:44 +00:00
Peter Steinberger 5164822cd5 test: table-drive status reactions and session key cases 2026-02-21 23:02:44 +00:00
Peter Steinberger 389630fc64 test: table-drive internal hook type-guard cases 2026-02-21 23:02:44 +00:00
Peter Steinberger 4a2ff03f49 test: dedupe channel/web cases and tighten gateway e2e waits 2026-02-21 23:02:44 +00:00
Peter Steinberger c708a18b0f test: table-drive utils and channel-match cases 2026-02-21 23:02:44 +00:00
Peter Steinberger 1b0e021e91 test(telegram): table-drive pairing DM scenarios 2026-02-21 23:02:44 +00:00
Peter Steinberger f3d4045c03 test: matrix owner and timezone system-prompt cases 2026-02-21 23:02:44 +00:00
Peter Steinberger 0e39371dc4 test: dedupe command gating coverage tables 2026-02-21 23:02:44 +00:00
Peter Steinberger b2de8719ad test(gateway): normalize canvas ws watchdog timeouts 2026-02-21 23:02:44 +00:00
Peter Steinberger 7731f28a24 test(ui): matrix chat indicator rendering cases 2026-02-21 23:02:44 +00:00
Peter Steinberger 5fd1d2cadc test(ui): collapse session key/display name fixtures 2026-02-21 23:02:44 +00:00
Peter Steinberger 81a85c19ff test(gateway): tighten e2e timeouts and dedupe invoke checks 2026-02-21 23:02:44 +00:00
Peter Steinberger 1baac3e31d test(ui): consolidate navigation/scroll/format matrices 2026-02-21 23:02:44 +00:00
Peter Steinberger 0bd9f0d4ac
fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
Brian Mendonca 617e38cec0 Security/macos: enforce wss for non-loopback direct gateway 2026-02-21 23:57:34 +01:00
Brian Mendonca 8942ac04a8 fix(security): fail closed on unauthenticated discovery routing 2026-02-21 23:57:34 +01:00
Brian Mendonca 21087c5c70 test: fix rebase-introduced tsgo regressions 2026-02-21 23:57:34 +01:00
Brian Mendonca 1357e02cff test: stabilize internal hook error assertions 2026-02-21 23:57:34 +01:00
Brian Mendonca 69cedc7a15 test: make brew fallback assertion windows-safe 2026-02-21 23:57:34 +01:00
Brian Mendonca 6c813bd32b test: avoid asserting auth.json absence for invalid profile creds 2026-02-21 23:57:34 +01:00
Brian Mendonca 4414af977a test: guard inline keyboard fixture against undefined input 2026-02-21 23:57:34 +01:00
Brian Mendonca a186036814 test: fix latest tsgo inference regressions in test suites 2026-02-21 23:57:34 +01:00
Brian Mendonca d12817994f test: stabilize model catalog and auth-sync assertions across runtimes 2026-02-21 23:57:34 +01:00
Brian Mendonca 60c735dd98 test: normalize outbound payload fixture typing 2026-02-21 23:57:34 +01:00
Brian Mendonca 828f4e18e0 test: finish readonly fixture compatibility for CI check 2026-02-21 23:57:34 +01:00
Brian Mendonca c7c047287e test: fix readonly typing regressions in check baseline 2026-02-21 23:57:34 +01:00
Gustavo Madeira Santana 0e1aa77928 chore(tsgo/format): fix CI errors 2026-02-21 17:51:56 -05:00
bmendonca3 6ac89757ba
Security/Gateway: harden Control UI static path containment (#21203) 
* Security/Gateway: harden Control UI static path containment

* gateway: block control-ui symlink escapes

* CI: retrigger flaky node test lane

---------

Co-authored-by: Brian Mendonca <brianmendonca@Brians-MacBook-Air.local>
 2026-02-21 23:47:51 +01:00
Peter Steinberger 71bd15bb42 fix(ssrf): block special-use ipv4 ranges 2026-02-21 23:45:49 +01:00
Gustavo Madeira Santana 2f46308d5a
refactor(logging): migrate non-agent internal console calls to subsystem logger (#22964) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: b4a5b12422
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-21 17:44:00 -05:00
Peter Steinberger 4ef4aa3c10 refactor(gateway): streamline control-ui secure file serving 2026-02-21 23:36:55 +01:00
Peter Steinberger 0608587bc3 test: streamline config, audit, and qmd coverage 2026-02-21 22:23:43 +00:00
Peter Steinberger a9227f571b test: dedupe telegram formatting and send cases 2026-02-21 22:23:43 +00:00
Peter Steinberger 21b0eac917 test: consolidate infra approval and heartbeat test matrices 2026-02-21 22:23:43 +00:00
Gustavo Madeira Santana 738e2c21dd chore(tests): properly check logging in tests 2026-02-21 17:21:48 -05:00
Peter Steinberger dea154ccae docs(changelog): add control-ui symlink hardening entry 2026-02-21 23:19:35 +01:00
Peter Steinberger b34097f62d fix(security): enforce msteams redirect allowlist checks 2026-02-21 23:18:48 +01:00
Peter Steinberger 1bc5c2a7e9 refactor: unify exec shell parser parity and gateway websocket test helpers 2026-02-21 23:17:12 +01:00
Harry Cui Kepler ffa63173e0
refactor(agents): migrate console.warn/error/info to subsystem logger (#22906) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: a806c4cb27
Co-authored-by: Kepler2024 <166882517+Kepler2024@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-21 17:11:47 -05:00
Peter Steinberger 1257aee6e1 docs(agents): note ghsa severity cvss patch constraint 2026-02-21 23:10:55 +01:00
Peter Steinberger 7c500ff623 fix(security): harden control-ui static path resolution 2026-02-21 23:10:55 +01:00
Peter Steinberger 2028ca4428 fix(macos): unify exec allowlist validation pipeline 2026-02-21 23:09:07 +01:00
Peter Steinberger 61dc7ac679 refactor(msteams,bluebubbles): dedupe inbound media download helpers 2026-02-21 23:08:07 +01:00
Peter Steinberger 73d93dee64 fix: enforce inbound media max-bytes during remote fetch 2026-02-21 23:02:29 +01:00
Peter Steinberger dd41fadcaf fix(macos): enforce path-only exec allowlist patterns 2026-02-21 22:58:40 +01:00
Peter Steinberger 2712883d16 docs(changelog): clarify quoted substitution fix for macOS allowlist 2026-02-21 22:57:53 +01:00
Peter Steinberger 90a378ca3a fix(macos): block quoted shell substitution in allowlist checks 2026-02-21 22:57:53 +01:00
Peter Steinberger 861718e4dc test: group remaining suite cleanups 2026-02-21 21:44:57 +00:00