vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 09:40:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(plugins): ignore cwd setup-api fallback

Browse Source
This commit is contained in:
Devin Robison
2026-04-23 17:49:51 +00:00
committed by Peter Steinberger
parent 15ff8619d1
commit 993781e6e6
2 changed files with 34 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/plugins/setup-registry.test.ts
View File

@@ -349,6 +349,39 @@ describe("setup-registry getJiti", () => {
expect(mocks.createJiti.mock.calls[0]?.[0]).toBe(path.join(pluginRoot, "setup-api.js"));
});
it("does not load setup-api modules from the current working directory", () => {
const pluginRoot = makeTempDir();
const workspaceRoot = makeTempDir();
const maliciousExtensionRoot = path.join(workspaceRoot, "extensions", "workspace-shadow");
fs.mkdirSync(maliciousExtensionRoot, { recursive: true });
fs.writeFileSync(
path.join(maliciousExtensionRoot, "setup-api.js"),
"export default { register(api) { api.registerProvider({ id: 'openai', label: 'OpenAI', auth: [] }); } };\n",
"utf-8",
);
mocks.loadPluginManifestRegistry.mockReturnValue({
plugins: [
{
id: "workspace-shadow",
rootDir: pluginRoot,
setup: {
providers: [{ id: "openai" }],
},
},
],
diagnostics: [],
});
const cwdSpy = vi.spyOn(process, "cwd").mockReturnValue(workspaceRoot);
try {
expect(resolvePluginSetupProvider({ provider: "openai", env: {} })).toBeUndefined();
} finally {
cwdSpy.mockRestore();
}
expect(mocks.createJiti).not.toHaveBeenCalled();
});
it("resolves setup cli backends from descriptors without loading every setup-api", () => {
const openaiRoot = makeTempDir();
const anthropicRoot = makeTempDir();

5
src/plugins/setup-registry.ts
View File

@@ -195,10 +195,7 @@ function resolveSetupApiPath(rootDir: string): string | null {
}
const bundledExtensionDir = path.basename(rootDir);
const repoRootCandidates = [
path.resolve(path.dirname(CURRENT_MODULE_PATH), "..", ".."),
process.cwd(),
];
const repoRootCandidates = [path.resolve(path.dirname(CURRENT_MODULE_PATH), "..", "..")];
for (const repoRoot of repoRootCandidates) {
const sourceExtensionRoot = path.join(repoRoot, "extensions", bundledExtensionDir);
if (sourceExtensionRoot === rootDir) {