vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 05:00:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
41,577 Commits 1,843 Branches 149 Tags
main
Commit Graph

340 Commits

Author SHA1 Message Date
Val Alexander
36df0d93b9 fix: repair iOS LAN pairing 
Fix iOS LAN/setup-code pairing policy for #47887.

- Allow explicit private LAN and .local plaintext ws:// setup/manual connects where policy allows it.
- Keep public hosts, .ts.net, and Tailscale CGNAT plaintext fail-closed.
- Prefer explicit passwords over stale bootstrap tokens in Swift and TypeScript gateway clients.
- Update setup-code/device-pair coverage, docs, and changelog with source credit for #65185.

Verification:
- pnpm install
- git diff --check origin/main..HEAD
- pnpm exec oxfmt --check --threads=1 src/gateway/client.ts src/gateway/client.test.ts src/pairing/setup-code.ts src/pairing/setup-code.test.ts extensions/device-pair/index.ts extensions/device-pair/index.test.ts
- pnpm format:docs:check
- pnpm test src/gateway/client.test.ts src/pairing/setup-code.test.ts extensions/device-pair/index.test.ts
- cd apps/shared/OpenClawKit && swift test --filter 'DeepLinksSecurityTests|GatewayNodeSessionTests'
- pnpm lint:swift passes with the existing TalkModeRuntime.swift type-body-length warning

Blocked locally:
- iOS app-target xcodebuild tests require unavailable watchOS 26.4 runtime here.
- Testbox check:changed previously failed because the image lacks swiftlint; local swiftlint passes.
 2026-05-05 21:07:19 -05:00
Peter Steinberger
466f718320 feat: wire talk handoff into native nodes 2026-05-06 02:39:15 +01:00
Val Alexander
b2efd19648 fix(ios): harden gateway pairing setup 
Harden iOS gateway setup-code pairing by rejecting non-loopback plaintext ws:// setup URLs before bootstrap token issuance, consolidating iOS setup parsing, and adding QR scan support from Settings.

Verification:
- pnpm test extensions/device-pair/index.test.ts
- swift test --package-path apps/shared/OpenClawKit --filter DeepLinksSecurityTests
- XcodeBuildMCP OpenClawLogicTests/DeepLinkParserTests
- targeted SwiftLint for touched iOS/OpenClawKit files
- pnpm exec oxfmt --check --threads=1 extensions/device-pair/index.ts extensions/device-pair/index.test.ts
- git diff --check origin/main...HEAD
- GitHub PR checks green on 58e5e60a5c
 2026-05-04 02:11:47 -05:00
Peter Steinberger
bdba90a20b feat: add authenticated iOS background presence beacon (#73330) 
* feat: add iOS background presence beacon

Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>

* fix: keep iOS background reconnects ahead of beacon throttle

* build: refresh gateway protocol swift models

* fix: emit swift protocol string enums

---------

Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
 2026-04-28 08:10:35 +01:00
Peter Steinberger
482c74b724 refactor: remove narrow SwiftLint suppressions 2026-04-28 02:38:44 +01:00
Peter Steinberger
b294f7c467 fix: harden ios app build hygiene 2026-04-28 01:42:10 +01:00
Peter Steinberger
02f3e9cfa2 fix(talk): honor configured speech locale 2026-04-25 21:05:24 +01:00
Peter Steinberger
73f4bfadc1 style: fix ios app lint warnings 2026-04-20 14:17:25 +01:00
Nimrod Gutman
f3c304917a revert: undo background alive review findings fix 2026-04-08 14:02:49 +03:00
Nimrod Gutman
b328c66115 fix: resolve background alive beacon review findings 2026-04-08 13:46:39 +03:00
Nimrod Gutman
6681878339 feat(ios): pin calver release versioning (#63001) 
* feat(ios): decouple app versioning from gateway

* feat(ios): pin calver release versioning

* refactor(ios): drop prerelease version helper fields

* docs(changelog): note pinned ios release versioning (#63001) (thanks @ngutman)
 2026-04-08 11:25:35 +03:00
Nimrod Gutman
6380c872bc feat(ios): improve gateway connection error ux (#62650) 
* feat(ios): improve gateway connection error ux

* fix(ios): address gateway problem review feedback

* feat(ios): improve gateway connection error ux (#62650) (thanks @ngutman)
 2026-04-07 21:53:22 +03:00
Nimrod Gutman
6f566585d8 fix(ios): harden watch exec approval review (#61757) 
* fix(ios): harden watch exec approval review

* fix(ios): address watch approval review feedback

* fix(ios): finalize watch approval background recovery

* fix(ios): finalize watch approval background recovery (#61757) (thanks @ngutman)
 2026-04-06 17:42:42 +03:00
Nimrod Gutman
28955a36e7 feat(ios): add exec approval notification flow (#60239) 
* fix(auth): hand off qr bootstrap to bounded device tokens

* feat(ios): add exec approval notification flow

* fix(gateway): harden approval notification delivery

* docs(changelog): add ios exec approval entry (#60239) (thanks @ngutman)
 2026-04-05 16:33:22 +03:00
Nimrod Gutman
226ca1f324 fix(auth): address qr bootstrap review feedback 2026-04-04 15:57:38 +09:00
Nimrod Gutman
a9140abea6 fix(auth): hand off qr bootstrap to bounded device tokens 2026-04-04 15:57:38 +09:00
Agustin Rivera
49d08382a9 iOS: restrict A2UI action dispatch to trusted canvas URLs (#58471) 
* fix(ios): restrict a2ui bridge trust

* test(ios): cover fragment-strip trust and document raw-string equality

* fix(ios): normalize capability URL before trust comparison in canvas commands

* fix(ios): trim canvas.navigate url before trust comparison

* chore: add changelog for iOS A2UI trust boundary

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-02 11:51:09 -06:00
Nimrod Gutman
69fe999373 fix(pairing): restore qr bootstrap onboarding handoff (#58382) (thanks @ngutman) 
* fix(pairing): restore qr bootstrap onboarding handoff

* fix(pairing): tighten bootstrap handoff follow-ups

* fix(pairing): migrate legacy gateway device auth

* fix(pairing): narrow qr bootstrap handoff scope

* fix(pairing): clear ios tls trust on onboarding reset

* fix(pairing): restore qr bootstrap onboarding handoff (#58382) (thanks @ngutman)
 2026-03-31 21:11:35 +03:00
Nimrod Gutman
f38b7291f9 fix(ios): mark activitykit import as preconcurrency (#57180) 
* fix(ios): mark activitykit import as preconcurrency

* fix: note iOS ActivityKit preconcurrency build fix (#57180) (thanks @ngutman)
 2026-03-29 21:24:25 +03:00
scoootscooob
19093112ce Chat UI: tighten compact transport handling 2026-03-24 10:58:09 -07:00
Val Alexander
2fd372836e iOS: improve QR pairing flow (#51359) 
- improve QR pairing UX and bootstrap token handling
- preserve repeated optimistic user messages during refresh
- add regression coverage for refresh reconciliation

Thanks @ImLukeF
 2026-03-21 01:10:29 -05:00
Nimrod Gutman
496176d738 feat(ios): add onboarding welcome pager (#45054) 
* feat(ios): add onboarding welcome pager

* feat(ios): add onboarding welcome pager (#45054) (thanks @ngutman)
 2026-03-13 14:24:15 +02:00
Nachx639
e951a42bcb fix(mac): adopt canonical session key and add reset triggers (#10898) 
Add shared native chat handling for /new, /reset, and /clear.

This also aligns main session key handling in the shared chat UI and includes follow-up test and CI fixes needed to keep the branch mergeable.

Co-authored-by: Nachx639 <71144023+Nachx639@users.noreply.github.com>
Co-authored-by: Luke <92253590+ImLukeF@users.noreply.github.com>
 2026-03-13 12:35:39 +11:00
Peter Steinberger
bf89947a8e fix: switch pairing setup codes to bootstrap tokens 2026-03-12 22:23:07 +00:00
Nimrod Gutman
b77b7485e0 feat(push): add iOS APNs relay gateway (#43369) 
* feat(push): add ios apns relay gateway

* fix(shared): avoid oslog string concatenation

# Conflicts:
#	apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift

* fix(push): harden relay validation and invalidation

* fix(push): persist app attest state before relay registration

* fix(push): harden relay invalidation and url handling

* feat(push): use scoped relay send grants

* feat(push): configure ios relay through gateway config

* feat(push): bind relay registration to gateway identity

* fix(push): tighten ios relay trust flow

* fix(push): bound APNs registration fields (#43369) (thanks @ngutman)
 2026-03-12 18:15:35 +02:00
Nimrod Gutman
2d91284fdb feat(ios): add local beta release flow (#42991) 
Merged via squash.

Prepared head SHA: 82b38fe93b
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Reviewed-by: @ngutman
 2026-03-11 12:32:28 +02:00
Nimrod Gutman
c2e41c57c9 fix(ios): make pairing instructions generic 2026-03-10 21:44:00 +02:00
Nimrod Gutman
6bcf89b09b feat(ios): refresh home canvas toolbar 2026-03-10 21:44:00 +02:00
Mariano Belinky
67746a12de iOS: add welcome home canvas 2026-03-10 21:44:00 +02:00
Mariano
0bcddb3d4f iOS: reconnect gateway on foreground return (#41384) 
Merged via squash.

Prepared head SHA: 0e2e0dcc36
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-03-09 21:12:23 +01:00
Peter Steinberger
f9706fde6a build: bump unreleased version to 2026.3.9 2026-03-09 08:33:58 +00:00
Mariano
abb8f63107 iOS: auto-load the scoped gateway canvas with safe fallback (#40282) 
Merged via squash.

- mb-server validation: `swift test --package-path apps/shared/OpenClawKit --filter GatewayNodeSessionTests`
- mb-server validation: `pnpm build`
- Scope note: top-level `RootTabs` shell change was intentionally removed from this PR before merge
 2026-03-08 22:47:39 +01:00
Mariano
e806c479f5 Gateway/iOS: replay queued foreground actions safely after resume (#40281) 
Merged via squash.

- Local validation: `pnpm exec vitest run --config vitest.gateway.config.ts src/gateway/server-methods/nodes.invoke-wake.test.ts`
- Local validation: `pnpm build`
- mb-server validation: `pnpm exec vitest run --config vitest.gateway.config.ts src/gateway/server-methods/nodes.invoke-wake.test.ts`
- mb-server validation: `pnpm build`
- mb-server validation: `pnpm protocol:check`
 2026-03-08 22:46:54 +01:00
Peter Steinberger
f399a818ef refactor: extract ios watch reply coordinator 2026-03-08 18:40:15 +00:00
Peter Steinberger
16a5f0b006 refactor: split talk gateway config loaders 2026-03-08 16:22:48 +00:00
Peter Steinberger
8d3d742c6a refactor: require canonical talk resolved payload 2026-03-08 16:22:48 +00:00
Peter Steinberger
b4c8950417 refactor: centralize talk silence timeout defaults 2026-03-08 14:58:29 +00:00
Peter Steinberger
4f482d2a2b refactor: share Apple talk config parsing 2026-03-08 14:58:29 +00:00
Peter Steinberger
0af3118d08 fix: harden talk silence timeout parsing (#39607) (thanks @danodoesdesign) 
Co-authored-by: dano does design <dano.does.design@gmail.com>
 2026-03-08 14:30:25 +00:00
dano does design
6ff7e8f42e talk: add configurable silence timeout 2026-03-08 14:30:25 +00:00
Peter Steinberger
05217845a7 build: bump version to 2026.3.8 2026-03-08 05:59:04 +00:00
Nimrod Gutman
1eb7198bad fix(ios): skip quick setup when a gateway is configured (#38964) 
* fix(ios): hide quick setup when gateway is configured

* fix: note ios quick setup gating for configured gateways (#38964) (thanks @ngutman)
 2026-03-07 17:46:16 +02:00
Nimrod Gutman
43ab4f33ad feat(ios): prepare app store connect release assets 2026-03-07 17:21:07 +02:00
Peter Steinberger
997a9f5b9e chore: bump version to 2026.3.7 2026-03-07 10:09:02 +00:00
Vincent Koc
42e3d8d693 Secrets: add inline allowlist review set (#38314) 
* Secrets: add inline allowlist review set

* Secrets: narrow detect-secrets file exclusions

* Secrets: exclude Docker fingerprint false positive

* Secrets: allowlist test and docs false positives

* Secrets: refresh baseline after allowlist updates

* Secrets: fix gateway chat fixture pragma

* Secrets: format pre-commit config

* Android: keep talk mode fixture JSON valid

* Feishu: rely on client timeout injection

* Secrets: allowlist provider auth test fixtures

* Secrets: allowlist onboard search fixtures

* Secrets: allowlist onboard mode fixture

* Secrets: allowlist gateway auth mode fixture

* Secrets: allowlist APNS wake test key

* Secrets: allowlist gateway reload fixtures

* Secrets: allowlist moonshot video fixture

* Secrets: allowlist auto audio fixture

* Secrets: allowlist tiny audio fixture

* Secrets: allowlist embeddings fixtures

* Secrets: allowlist resolve fixtures

* Secrets: allowlist target registry pattern fixtures

* Secrets: allowlist gateway chat env fixture

* Secrets: refresh baseline after fixture allowlists

* Secrets: reapply gateway chat env allowlist

* Secrets: reapply gateway chat env allowlist

* Secrets: stabilize gateway chat env allowlist

* Secrets: allowlist runtime snapshot save fixture

* Secrets: allowlist oauth profile fixtures

* Secrets: allowlist compaction identifier fixture

* Secrets: allowlist model auth fixture

* Secrets: allowlist model status fixtures

* Secrets: allowlist custom onboarding fixture

* Secrets: allowlist mattermost token summary fixtures

* Secrets: allowlist gateway auth suite fixtures

* Secrets: allowlist channel summary fixture

* Secrets: allowlist provider usage auth fixtures

* Secrets: allowlist media proxy fixture

* Secrets: allowlist secrets audit fixtures

* Secrets: refresh baseline after final fixture allowlists

* Feishu: prefer explicit client timeout

* Feishu: test direct timeout precedence
 2026-03-06 19:35:26 -05:00
Mariano
bd25182d5a feat(ios): add Live Activity connection status + stale cleanup (#33591) 
* feat(ios): add live activity connection status and cleanup

Add lock-screen/Dynamic Island connection health states and prune duplicate/stale activities before reuse. This intentionally excludes AI/title generation and heavier UX rewrites from #27488.

Co-authored-by: leepokai <1663017+leepokai@users.noreply.github.com>

* fix(ios): treat ended live activities as inactive

* chore(changelog): add PR reference and author thanks

---------

Co-authored-by: leepokai <1663017+leepokai@users.noreply.github.com>
 2026-03-04 07:44:42 +00:00
Mariano
2a733a8444 fix(ios): harden watch messaging activation concurrency (#33306) 
Merged via squash.

Prepared head SHA: d40f8c4afb
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-03-03 22:38:54 +00:00
Mariano
a36ccf4156 fix(ios): start incremental speech at soft boundaries (#33305) 
Merged via squash.

Prepared head SHA: d1acf72317
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-03-03 22:36:40 +00:00
Mariano
bf7061092a iOS Security Stack 4/5: TTS PCM->MP3 Fallback (#30885) (#33032) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: f77e3d7644
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-03-03 16:33:55 +00:00
Mariano
a3112d6c5f iOS Security Stack 3/5: Runtime Security Guards (#33031) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9917165401
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-03-03 16:30:27 +00:00