openclaw

mirror of https://github.com/openclaw/openclaw.git synced 2026-03-12 23:40:45 +00:00

Author	SHA1	Message	Date
Peter Steinberger	1c9deeda97	refactor: split webhook ingress and policy guards	2026-03-02 18:02:21 +00:00
Peter Steinberger	d3e8b17aa6	fix: harden webhook auth-before-body handling	2026-03-02 17:21:09 +00:00
Peter Steinberger	7a7eee920a	refactor(gateway): harden plugin http route contracts	2026-03-02 16:48:00 +00:00
Peter Steinberger	2fd8264ab0	refactor(gateway): hard-break plugin wildcard http handlers	2026-03-02 16:24:06 +00:00
Peter Steinberger	b13d48987c	refactor(gateway): unify control-ui and plugin webhook routing	2026-03-02 16:18:12 +00:00
Peter Steinberger	741e74972b	refactor(plugin-sdk): share boolean action param parsing	2026-03-02 14:36:41 +00:00
Peter Steinberger	ad8d766f65	refactor(extensions): dedupe channel config, onboarding, and monitors	2026-03-02 08:54:20 +00:00
Tyler Yust	f918b336d1	fix: agent-only announce path, BB message IDs, sender identity, SSRF allowlist (#23970 ) * fix(agents): defer announces until descendant cleanup settles * fix(bluebubbles): harden message metadata extraction * feat(contributors): rank by composite score (commits, PRs, LOC, tenure) * refactor(control-ui): move method guard after path checks to improve request handling * fix subagent completion announce when only current run is pending * fix(subagents): keep orchestrator runs active until descendants finish * fix: prepare PR feedback follow-ups (#23970) (thanks @tyler6204)	2026-03-01 22:52:11 -08:00
Peter Steinberger	6ba7238ac6	build: bump versions to 2026.3.2	2026-03-02 04:55:53 +00:00
Peter Steinberger	41537e9303	fix(channels): add optional defaultAccount routing	2026-03-02 04:03:46 +00:00
Peter Steinberger	8e48520d74	fix(channels): align command-body parsing sources	2026-03-01 23:11:48 +00:00
Agent	e7cafed424	chore(release): bump version to 2026.3.1	2026-03-01 21:14:17 +00:00
Peter Steinberger	fe807e4bed	chore(release): bump 2026.2.27 and split changelog	2026-02-27 16:09:28 +01:00
Peter Steinberger	a0c5e28f3b	refactor(extensions): use scoped pairing helper	2026-02-26 21:57:52 +01:00
Peter Steinberger	dc6e4a5b13	fix: harden dm command authorization in open mode	2026-02-26 19:49:36 +01:00
Peter Steinberger	64de4b6d6a	fix: enforce explicit group auth boundaries across channels	2026-02-26 18:49:16 +01:00
Peter Steinberger	cd80c7e7ff	refactor: unify dm policy store reads and reason codes	2026-02-26 17:47:57 +01:00
Peter Steinberger	273973d374	refactor: unify typing dispatch lifecycle and policy boundaries	2026-02-26 17:36:16 +01:00
Peter Steinberger	7d9397099b	fix(bluebubbles): allow configured host for attachment SSRF guard Co-authored-by: damaozi <1811866786@qq.com>	2026-02-26 16:40:57 +01:00
Peter Steinberger	caace61ba1	chore: bump versions to 2026.2.26	2026-02-26 12:11:02 +01:00
Peter Steinberger	8f8e46d898	refactor: unify reaction ingress policy guards across channels	2026-02-26 01:34:47 +01:00
Shakker	2652bb1d7d	Release: sync plugin versions to 2026.2.25	2026-02-25 04:19:59 +00:00
Shakker	955cc9029f	chore: sync plugin versions to 2026.2.24	2026-02-24 22:45:46 +00:00
Marcus Castro	dd41a78458	fix(bluebubbles): pass SSRF policy for localhost attachment downloads (#24457 ) (cherry picked from commit `aff64567c7`)	2026-02-24 04:06:57 +00:00
Peter Steinberger	0183610db3	refactor: de-duplicate channel runtime and payload helpers	2026-02-23 21:25:28 +00:00
Peter Steinberger	75423a00d6	refactor: deduplicate shared helpers and test setup	2026-02-23 20:40:44 +00:00
Vignesh Natarajan	8d9d01447e	chore: align plugin versions and harden outbound cross-provider test	2026-02-22 23:04:17 -08:00
Peter Steinberger	1c753ea786	test: dedupe fixtures and test harness setup	2026-02-23 05:45:54 +00:00
Peter Steinberger	5056f4e142	fix(bluebubbles): tighten chat target handling	2026-02-22 11:29:31 +00:00
Peter Steinberger	26763d1910	fix: resolve extension type errors and harden probe mocks	2026-02-22 12:25:58 +01:00
Peter Steinberger	296b3f49ef	refactor(bluebubbles): centralize private-api status handling	2026-02-22 12:08:41 +01:00
Peter Steinberger	37f12eb7ee	fix: align BlueBubbles private-api null fallback + warning (#23459 ) (thanks @echoVic)	2026-02-22 11:47:57 +01:00
echoVic	888b6bc948	fix(bluebubbles): treat null privateApiStatus as disabled, not enabled Bug: privateApiStatus cache expires after 10 minutes, returning null. The check '!== false' treats null as truthy, causing 500 errors when trying to use Private API features that aren't actually available. Root cause: In JavaScript, null !== false evaluates to true. Fix: Changed all checks from '!== false' to '=== true', so null (cache expired/unknown) is treated as disabled (safe default). Files changed: - extensions/bluebubbles/src/send.ts (line 376) - extensions/bluebubbles/src/monitor-processing.ts (line 423) - extensions/bluebubbles/src/attachments.ts (lines 210, 220) Fixes #23393	2026-02-22 11:47:57 +01:00
Vignesh Natarajan	96c985400d	BlueBubbles: accept webhook payloads with missing handles	2026-02-21 22:10:30 -08:00
Ryan Haines	75a9ea004b	Fix BlueBubbles DM history backfill bug (#20302 ) * feat: implement DM history backfill for BlueBubbles - Add fetchBlueBubblesHistory function to fetch message history from API - Modify processMessage to fetch history for both groups and DMs - Use dmHistoryLimit for DMs and historyLimit for groups - Add InboundHistory field to finalizeInboundContext call Fixes #20296 * style: format with oxfmt * address review: in-memory history cache, resolveAccount try/catch, include is_from_me - Wrap resolveAccount in try/catch instead of unreachable guard (it throws) - Include is_from_me messages with 'me' sender label for full conversation context - Add in-memory rolling history map (chatHistories) matching other channel patterns - API backfill only on first message per chat, not every incoming message - Remove unused buildInboundHistoryFromEntries import * chore: remove unused buildInboundHistoryFromEntries helper Dead code flagged by Greptile — mapping is done inline in monitor-processing.ts. * BlueBubbles: harden DM history backfill state handling * BlueBubbles: add bounded exponential backoff and history payload guards * BlueBubbles: evict merged history keys * Update extensions/bluebubbles/src/monitor-processing.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> --------- Co-authored-by: Ryan Mac Mini <ryanmacmini@ryans-mac-mini.tailf78f8b.ts.net> Co-authored-by: Vincent Koc <vincentkoc@ieee.org> Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>	2026-02-21 20:00:09 -05:00
Peter Steinberger	0bd9f0d4ac	fix: enforce strict allowlist across pairing stores (#23017 )	2026-02-22 00:00:23 +01:00
Peter Steinberger	61dc7ac679	refactor(msteams,bluebubbles): dedupe inbound media download helpers	2026-02-21 23:08:07 +01:00
Peter Steinberger	73d93dee64	fix: enforce inbound media max-bytes during remote fetch	2026-02-21 23:02:29 +01:00
Peter Steinberger	549549f6a0	fix(ci): sync plugin versions and harden install smoke	2026-02-21 20:18:37 +01:00
Peter Steinberger	4540790cb6	refactor(bluebubbles): share dm/group access policy checks	2026-02-21 20:08:33 +01:00
Peter Steinberger	2ba6de7eaa	refactor(security): make empty allowlist behavior explicit	2026-02-21 19:54:59 +01:00
Peter Steinberger	9632b9bcf0	fix(security): fail closed parsed chat allowlist	2026-02-21 19:51:36 +01:00
Peter Steinberger	283029bdea	refactor(security): unify webhook auth matching paths	2026-02-21 11:52:34 +01:00
Peter Steinberger	6b2f2811dc	fix(security): require BlueBubbles webhook auth	2026-02-21 11:41:50 +01:00
Peter Steinberger	9231d7d30f	chore: bump version to 2026.2.21	2026-02-21 11:02:30 +01:00
Peter Steinberger	f66b23de75	chore(release): bump versions to 2026.2.20	2026-02-20 00:02:53 +01:00
Peter Steinberger	b0e55283d5	chore: bump release metadata to 2026.2.19	2026-02-19 16:17:34 +01:00
Peter Steinberger	53aecf7a8e	test(bluebubbles): merge typing start stop method checks	2026-02-19 10:09:34 +00:00
Peter Steinberger	32ba62dc69	test(bluebubbles): merge setGroupIcon credential checks	2026-02-19 09:51:35 +00:00
Peter Steinberger	0c1d3b866c	test(bluebubbles): collapse duplicate credential and chatGuid cases	2026-02-19 09:48:47 +00:00

1 2 3 4

179 Commits