vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-12 15:30:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,664 Commits 682 Branches 76 Tags
dependabot/github_actions/actions/setup-python-6
Commit Graph

31 Commits

Author SHA1 Message Date
Vincent Koc
a19a7f5e6e feat(security): Harden Docker browser container chromium flags (#23889) (#31504) 
* Gateway: honor OPENCLAW_GATEWAY_URL override for remote/local calls

* Agents: fix sandbox sessionKey usage for PI embedded subagent calls

* Sandbox: tighten browser container Chromium runtime flags

* fix: add sandbox browser defaults for container hardening

* docs: expand sandbox browser default flags list

* fix: make sandbox browser flags optional and preserve gateway env auth overrides

* docs: scope PR 31504 changelog entry

* style: format gateway call override handling

* fix: dedupe sandbox browser chrome args

* fix: preserve remote tls fingerprint for env gateway override

* fix: enforce auth for env gateway URL override

* chore: document gateway override auth security expectations
 2026-03-02 11:28:27 -08:00
Vincent Koc
f4785c1a7b Docs: expand sandbox guide for common image and Docker bootstrap 2026-03-01 23:16:00 -08:00
Agent
002539c01e fix(security): harden sandbox novnc observer flow 2026-03-01 22:44:28 +00:00
Peter Steinberger
14b6eea6e3 feat(sandbox): block container namespace joins by default 2026-02-24 23:20:34 +00:00
Peter Steinberger
f48698a50b fix(security): harden sandbox browser network defaults 2026-02-21 14:02:53 +01:00
Peter Steinberger
8c1518f0f3 fix(sandbox): use one-time noVNC observer tokens 2026-02-21 13:56:58 +01:00
Peter Steinberger
621d8e1312 fix(sandbox): require noVNC observer password auth 2026-02-21 13:44:24 +01:00
Peter Steinberger
1b6704ef53 docs: update sandbox bind mount guidance 2026-02-16 03:05:16 +01:00
seheepeak
cb9a5e1cb9 feat(sandbox): separate bind mounts for browser containers (#16230) 
* feat(sandbox): add separate browser.binds config for browser containers

Allow configuring bind mounts independently for browser containers via
sandbox.browser.binds. When set, browser containers use browser-specific
binds instead of inheriting docker.binds. Falls back to docker.binds
when browser.binds is not configured for backwards compatibility.

Closes #14614

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(sandbox): honor empty browser binds override (#16230) (thanks @seheepeak)

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-14 15:27:41 +01:00
Seb Slight
929a3725d3 docs: canonicalize docs paths and align zh navigation (#11428) 
* docs(navigation): canonicalize paths and align zh nav

* chore(docs): remove stray .DS_Store

* docs(scripts): add non-mint docs link audit

* docs(nav): fix zh source paths and preserve legacy redirects (#11428) (thanks @sebslight)

* chore(docs): satisfy lint for docs link audit script (#11428) (thanks @sebslight)
 2026-02-07 15:40:35 -05:00
cpojer
8cab78abbc chore: Run pnpm format:fix. 2026-01-31 21:13:13 +09:00
Peter Steinberger
9a7160786a refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
Peter Steinberger
6d16a658e5 refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
Peter Steinberger
0f8f0fb9d7 docs: clarify command authorization for exec directives 2026-01-26 22:18:41 +00:00
Peter Steinberger
04ee9e7765 docs: clarify sandbox env + recreate guidance 2026-01-20 15:00:25 +00:00
Peter Steinberger
79d8267413 feat: auto-recreate sandbox containers on config change 2026-01-19 01:35:27 +00:00
Peter Steinberger
59c8d2d17f docs: clarify sandbox bind mounts (#790) 2026-01-12 22:06:35 +00:00
Aaron Konyer
0b2b8c7c52 Add docker bind mounds for sandboxing 2026-01-12 21:57:51 +00:00
Peter Steinberger
8b4bdaa8a4 feat: add apply_patch tool (exec-gated) 2026-01-12 03:42:56 +00:00
Peter Steinberger
98337a14b3 fix: rename bash tool to exec (#748) (thanks @myfunc) 2026-01-12 02:49:55 +00:00
Peter Steinberger
07be761779 feat: add sandbox browser control allowlists 2026-01-11 01:52:32 +01:00
Peter Steinberger
326fb04d12 feat: add browser target selection for sandboxed agents 2026-01-11 01:31:56 +01:00
Peter Steinberger
9f9098406c feat(sandbox): add sandbox explain inspector 2026-01-10 20:28:43 +01:00
Peter Steinberger
2dc7872ad1 feat: auto-start sandbox browser 2026-01-10 02:06:21 +00:00
Peter Steinberger
7b81d97ec2 feat: wire multi-agent config and routing 
Co-authored-by: Mark Pors <1078320+pors@users.noreply.github.com>
 2026-01-09 12:48:42 +00:00
Peter Steinberger
dfbee10377 docs: clarify sandbox non-main behavior 2026-01-09 03:23:36 +01:00
Peter Steinberger
e09708e82d feat: sync skills into sandbox workspace 2026-01-09 00:33:09 +01:00
Peter Steinberger
dc1992cbb5 docs: note elevated no-op when unsandboxed 2026-01-08 23:18:33 +01:00
Peter Steinberger
014667e00b fix: tighten group elevated targeting 2026-01-08 22:57:18 +01:00
Peter Steinberger
13ddd40a59 docs: clarify sandboxing config option 2026-01-08 21:51:21 +01:00
Peter Steinberger
d55750189e docs: add sandboxing page and cross-links 2026-01-08 21:49:26 +01:00