openclaw/src
Alberto Leal 0bb81f7294 fix(media): allow os.tmpdir() paths in sandbox media source validation
resolveSandboxedMediaSource() rejected all paths outside the sandbox
workspace root, including /tmp. This blocked sandboxed agents from
sending locally-generated temp files (e.g. images from Python scripts)
via messaging actions.

Add an os.tmpdir() prefix check before the strict sandbox containment
assertion, consistent with buildMediaLocalRoots() which already
includes os.tmpdir() in its default allowlist. Path traversal through
/tmp (e.g. /tmp/../etc/passwd) is prevented by path.resolve()
normalization before the prefix check.

Relates-to: #16382, #14174
2026-02-22 00:31:21 +01:00
acp refactor(test): remove duplicate cron tool harnesses 2026-02-21 12:25:23 +00:00
agents fix(media): allow os.tmpdir() paths in sandbox media source validation 2026-02-22 00:31:21 +01:00
auto-reply fix(test): repair readonly case table typing 2026-02-22 00:10:07 +01:00
browser test(browser): tighten relay test watchdog timeouts 2026-02-21 23:07:58 +00:00
canvas-host test: tighten canvas host websocket watchdog timeouts 2026-02-21 23:02:44 +00:00
channels test(actions): table-drive telegram and signal mappings 2026-02-21 23:28:06 +00:00
cli test(cli): table-drive repeated argv and byte-size checks 2026-02-21 23:28:07 +00:00
commands test: avoid asserting auth.json absence for invalid profile creds 2026-02-21 23:57:34 +01:00
compat
config test: dedupe repeated validation and throw assertions 2026-02-21 23:28:07 +00:00
cron test(cron): dedupe webhook patch validation cases 2026-02-21 23:28:07 +00:00
daemon test(daemon): dedupe schtasks install fixture and cover empty env omission 2026-02-21 21:40:39 +00:00
discord test(targets): table-drive slack and discord parse cases 2026-02-21 23:28:07 +00:00
docs
gateway test(gateway): table-drive runtime config validation matrix 2026-02-21 23:29:29 +00:00
hooks test: table-drive internal hook type-guard cases 2026-02-21 23:02:44 +00:00
imessage fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
infra test(fetch): table-drive sync throw cleanup coverage 2026-02-21 23:28:07 +00:00
line fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
link-understanding fix: block ISATAP SSRF bypass via shared host/ip guard 2026-02-19 09:59:47 +01:00
logging fix(ui): unblock docker onboarding build 2026-02-19 16:32:33 +01:00
macos refactor: unify restart gating and update availability sync 2026-02-19 10:00:41 +01:00
markdown test: dedupe channel and transport adapters 2026-02-21 21:44:01 +00:00
media test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
media-understanding test: avoid template-literal temp path in runner fixture 2026-02-21 20:49:38 +01:00
memory chore(tsgo/format): fix CI errors 2026-02-21 17:51:56 -05:00
node-host refactor(test): standardize env helpers across suites 2026-02-21 19:13:46 +00:00
pairing test(pairing): dedupe fixture writers and expand store coverage 2026-02-21 21:40:39 +00:00
plugin-sdk fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
plugins test: tighten plugin e2e matrix coverage 2026-02-21 21:44:50 +00:00
process test(gateway): tighten e2e timeouts and dedupe invoke checks 2026-02-21 23:02:44 +00:00
providers fix(oauth): harden refresh token refresh-response validation 2026-02-21 13:44:14 +01:00
routing test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
scripts test(scripts): dedupe a2ui temp fixture and cover skip-missing env path 2026-02-21 21:40:39 +00:00
security test(security): simplify repeated audit finding assertions 2026-02-21 23:09:15 +00:00
sessions fix(auth/session): preserve override reset behavior and repair oauth profile-id drift (openclaw#18820) thanks @Glucksberg 2026-02-19 21:16:26 -06:00
shared test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
signal fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
slack test(targets): table-drive slack and discord parse cases 2026-02-21 23:28:07 +00:00
telegram fix(test): guard optional forum topic options 2026-02-22 00:10:07 +01:00
terminal
test-helpers refactor(test): reuse state-dir helper in telegram tests 2026-02-21 13:02:12 +00:00
test-utils refactor(test): stabilize case tables and readonly helper inputs 2026-02-22 00:10:07 +01:00
tts test: streamline auto-reply and tts suites 2026-02-21 21:44:01 +00:00
tui test(tui): cover gateway auth fallbacks and dedupe env setup 2026-02-21 19:13:47 +00:00
types chore(deadcode): add deadcode scanning and remove unused lockfile deps (#22468) 2026-02-21 01:29:20 -05:00
utils test: table-drive utils and channel-match cases 2026-02-21 23:02:44 +00:00
web test(web): table-drive SSRF and voice input rejection cases 2026-02-21 23:30:13 +00:00
whatsapp
wizard
channel-web.ts
docker-image-digests.test.ts fix(docker): pin base images to SHA256 digests (#7734) 2026-02-19 12:42:07 -08:00
docker-setup.test.ts fix(docker): harden docker-setup mount validation 2026-02-19 10:44:46 +01:00
dockerfile.test.ts
entry.ts
extensionAPI.ts
globals.ts
index.ts
logger.test.ts test: merge logger subsystem prefix drop cases 2026-02-19 08:49:52 +00:00
logger.ts
logging.ts
polls.test.ts
polls.ts
runtime.ts
utils.test.ts test(core): dedupe temp dirs in utils tests and cover lid lookup error fallback 2026-02-21 21:40:39 +00:00
utils.ts refactor: share plain object guard across config and utils 2026-02-19 14:27:36 +00:00
version.test.ts test(version): dedupe fixture setup and cover invalid URL/version metadata 2026-02-21 21:40:39 +00:00
version.ts