Commit Graph

65467 Commits

Author SHA1 Message Date
lzyyzznl
0aae1ea816 fix(slack): use truncateUtf16Safe for message body preview truncation (#102612)
* fix(slack): use truncateUtf16Safe for message body preview truncation

One .slice(0, 160) truncation site in the Slack message handler may
cut UTF-16 surrogate pairs in half when the message body preview
contains multi-byte characters such as emoji. Replace it with
truncateUtf16Safe to keep the truncated output valid Unicode.

* test(slack): cover UTF-16 preview boundary

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:37:49 +01:00
wings1029
0bdd646fc2 fix(text): keep context tails UTF-16 safe (#102599)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:37:07 +01:00
Peter Steinberger
6621ead871 improve(ios): manage notifications from Privacy (#102733)
* improve(ios): manage notifications from privacy

Co-authored-by: Sahil Satralkar <62758655+sahilsatralkar@users.noreply.github.com>

* fix(ios): make notification status returns explicit

---------

Co-authored-by: Sahil Satralkar <62758655+sahilsatralkar@users.noreply.github.com>
2026-07-09 12:35:29 +01:00
Gary
981d67a703 fix(browser): remove hardcoded profile="user" suggestion from tool description (#102582)
* fix(browser): remove hardcoded profile="user" suggestion from browser tool description

The browser tool description hardcoded a suggestion to use profile="user"
for logged-in sessions, even when the operator has configured a different
default profile (e.g. browser.defaultProfile: "openclaw").

Replace with profile-agnostic guidance that references the configured
browser.defaultProfile setting instead of prescribing a specific value.

Fixes #102566

* test: update browser tool description assertion for profile-agnostic wording

* refactor(browser): unify tool profile guidance

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:32:56 +01:00
Peter Steinberger
3ada371449 fix(gateway): accept Mac approval usage timestamps (#102688)
* fix(gateway): accept Mac approval usage timestamps

* chore: move release note to PR body
2026-07-09 12:32:23 +01:00
Peter Steinberger
3ccf2a0739 feat: render inline web chat widgets via capability-gated show_widget tool (#101840)
Adds client-capability-gated tool availability: gateway clients declare
capabilities at connect (new inline-widgets cap), chat.send stamps them into
the run context, and every tool assembly path (embedded runner, queued
followups, Codex app-server harness, plugin-only construction plans) drops
tools whose requiredClientCaps the originating client did not declare. The
Canvas plugin ships the first such tool, show_widget: agents pass SVG or an
HTML fragment plus a title; the plugin hosts it as a bounded, retention-scoped
Canvas document and returns the existing canvas preview handle, which web chat
renders as a sandboxed iframe fitted to the widget's reported content height.
Widget frames never get allow-same-origin (per-preview sandbox ceiling,
including the sidebar path) and the Canvas host serves widget documents with a
CSP sandbox header so direct navigation runs in an opaque origin. Verified
live end-to-end on a Testbox with gpt-5.5 (screenshots on the PR). CLI-backed
model backends do not carry client caps yet and stay fail-closed (#102577).

Closes #101790
2026-07-09 12:29:50 +01:00
QiuYuang
de2af01c9c fix(agents): classify code mode aborts separately from timeouts (#102494)
* fix(agents): classify code mode aborts separately from timeouts

* fix(cron): accept aborted code mode trigger failures

* fix(agents): keep code mode wall-clock timeouts classified

* fix(cron): preserve abort and timeout ownership

* test(cron): preserve typed abort reasons

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:29:04 +01:00
Ayaan Zaidi
f32c36cdc8 fix(auto-reply): surface periodic usage-limit failures in group chats 2026-07-09 16:58:23 +05:30
Ayaan Zaidi
34d257713e fix(context): show transcript conversation in /context map 2026-07-09 16:56:13 +05:30
Peter Steinberger
2806195e11 feat(ui): redesign Gateway Host settings card as identity block with resource meters (#102714) 2026-07-09 12:22:30 +01:00
lzyyzznl
6c3a46fb41 fix(openai): use truncateUtf16Safe for image gen log value truncation (#102611)
* fix(openai): use truncateUtf16Safe for image gen log value truncation

One .slice(0, N) truncation site in the OpenAI image generation
provider may cut UTF-16 surrogate pairs in half when the log value
contains multi-byte characters such as emoji. Replace it with
truncateUtf16Safe to keep the truncated output valid Unicode.

* fix(openai): keep image auth logs UTF-16 safe

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:21:24 +01:00
velanir-ai-manager
e84a0dde17 fix(msteams): surface quoted message body in Teams quote replies (#101856)
* fix(msteams): surface quoted message body in Teams quote replies

Teams sends the quoted text of a 1:1 DM quote-reply in <p itemprop="preview">
(a truncated snippet), not <p itemprop="copy"> which the parser matched. The
match failed, so quoteInfo was undefined and nothing was surfaced to the agent.

Fix 1 (primary): extractMSTeamsQuoteInfo now accepts copy OR preview (prefers
copy, falls back to preview) and captures the blockquote itemid as the quoted
message id.

Fix 2 (enhancement): when the quoted message id is known, fetch the full text
via the app-only Graph endpoint GET /chats/{chatId}/messages/{id} (permitted
with Chat.Read.All, unlike the delegated /me/chats listing) and use it as the
quote body. Restricted to chats (DM + group) whose Graph chat id is a 19: id;
any failure degrades to the truncated preview so message handling never breaks.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(msteams): address review — DM-only full-text fetch, drop unsupported $select, fix mocks

Addresses ClawSweeper review on the quote-reply PR:

- Security (P1): restrict the app-only Graph full-text quote fetch to 1:1 DMs.
  Previously it ran for any non-channel chat, so in a group an allowlisted
  sender could quote a non-allowlisted member and the fetched full body would
  bypass the supplemental-quote visibility allowlist. Group/channel quotes keep
  the (now-surfaced) truncated preview from fix 1.
- Graph contract (P2): the get-chatMessage endpoint does not support OData
  query params; drop the ?$select=id,body that tenants enforcing the contract
  would reject (which would silently fall back to the preview).
- Tests (P1): add fetchChatMessageText to the two vi.mock(../graph-thread.js)
  factories prod now touches, and add a group-chat regression test proving the
  Graph full-text fetch does not fire for group quotes.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* docs(msteams): add redacted real Teams quote-reply proof screenshots

Real-behavior evidence for the quote-reply fix (personal names + avatars
redacted): a 1:1 DM where the bot now reads back the full quoted message.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* docs(msteams): remove committed proof screenshots from branch

Proof media should live as external PR artifacts, not in the product tree.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(msteams): bound and prove quote enrichment

* test(msteams): use valid open DM fixture

---------

Co-authored-by: Yash Inani <yashinani@Yashs-MacBook-Pro.local>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:20:54 +01:00
huangjianxiong
ac71074807 fix(mattermost): keep slash command error truncation UTF-16 safe (#102607)
* fix(mattermost): keep slash command error truncation UTF-16 safe

Replace `.slice(0, 300)` and `.slice(0, 200)` with `truncateUtf16Safe`
in sanitizeCommandLookupError and sanitizeMattermostLogValue to prevent
surrogate pair corruption.

Ref. lsr911 pattern — mechanical substitution, no behavior change.

* test(mattermost): cover UTF-16-safe slash logs

Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:20:38 +01:00
pengxuewu-lab
fb52a989b2 fix(plugin-sdk): update ssrf-runtime import path in cdp-proxy-bypass (#96994)
* fix(plugin-sdk): update ssrf-runtime import path in cdp-proxy-bypass.ts

The import path `openclaw/plugin-sdk/ssrf-runtime-internal` was renamed
to `openclaw/plugin-sdk/ssrf-runtime` in a previous version, but
cdp-proxy-bypass.ts still referenced the old path. The neighbouring
cdp.helpers.ts already uses the correct path. This caused the browser
plugin to fail to load with "Package subpath is not defined by exports".

Fixes #96639

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(plugin-sdk): update ssrf-runtime import path in cdp-proxy-bypass

The import path `openclaw/plugin-sdk/ssrf-runtime-internal` was renamed
to `openclaw/plugin-sdk/ssrf-runtime` in a previous version, but
cdp-proxy-bypass.ts still referenced the old path. The neighbouring
cdp.helpers.ts already uses the correct path. This caused the browser
plugin to fail to load with "Package subpath is not defined by exports".

Update the corresponding vi.mock path in the test file to match.

Fixes #96639

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(plugin-sdk): promote managed-proxy bypass exports to public ssrf-runtime

Export registerManagedProxyBrowserCdpBypass and fetchConfiguredLocalOriginWithSsrFGuard
from the public ssrf-runtime path so that the browser plugin and ollama embedding
provider can lazy-load without hitting the private ssrf-runtime-internal subpath
that is excluded from package.json exports.

Fixes #96639

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(build): bundle private SSRF runtime for packaged plugins

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:20:18 +01:00
Peter Steinberger
c046fbd451 fix(macos): open dashboard for existing gateways (#102677)
* fix(macos): skip onboarding for existing gateways

* chore: keep changelog release-owned

* chore(macos): refresh native i18n inventory
2026-07-09 12:17:41 +01:00
Peter Steinberger
09a6b5e5c8 test(infra): stabilize session cost stream errors (#102704)
Co-authored-by: Agent Jack <jack@thecaselygroup.com>
2026-07-09 12:15:10 +01:00
Peter Steinberger
7abf1c7f85 improve(ui): calmer sessions roster with dot status and drawer-level runtime (#102664)
Feedback pass on the sessions redesign: status pills become a plain colored
dot + label (green pulse for live, green dot with neutral label for done,
muted idle, red failed) in both the roster and the drawer hero, and the
Runtime column moves out of the table into the row drawer as Runtime (agent
runtime) plus Run duration. Runtime stays searchable. Responsive breakpoints
reflow for the 7-column roster and the actions column shrinks to the chevron
and row menu that landed in #102564.

Closes #102654
2026-07-09 12:13:19 +01:00
Alix-007
65b2e7a4e3 fix(mattermost): add timeout to REST client requests (#102027)
* fix(mattermost): add timeout to REST client requests

* fixup: preserve Mattermost DM retry timeout

* test(mattermost): reuse hanging server helper

* test(mattermost): satisfy timeout lint

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:12:30 +01:00
lzyyzznl
08663917fa fix(inworld): use truncateUtf16Safe for error body and parse error truncation (#102608)
* fix(inworld): use truncateUtf16Safe for error body and parse error truncation

Two .slice(0, N) truncation sites in the Inworld TTS extension may
cut UTF-16 surrogate pairs in half when the error body or parse error
message contains multi-byte characters such as emoji. Replace both
with truncateUtf16Safe to keep the truncated output valid Unicode.

* test(inworld): cover UTF-16-safe TTS errors

Co-authored-by: lizeyu-xydt <li.zeyu@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:09:34 +01:00
sunlit-deng
1e377e3660 fix(clickclack): bound inbound websocket payloads (#102480)
* fix(clickclack): bound inbound websocket payloads

* fix(clickclack): bound inbound websocket payloads

Co-authored-by: sunlit-deng <yang.jiajun1@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:09:30 +01:00
Ho Lim
99d82a2f21 fix(realtime): preserve reconnect budget across flaps (#102348)
Reset reconnect attempts only after a provider-ready connection stays stable, and cover both flap exhaustion and stable recovery.

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:08:50 +01:00
Yuval Dinodia
9706aae10a fix(plugins): terminate git clone args so git: specs cannot inject options (#102398)
* fix(plugins): terminate git clone args so git: specs cannot inject options

A git: install spec whose base ends in .git or is scp-form was passed to
git clone as a bare positional. A spec beginning with a dash, such as
git:--upload-pack=/path/pwn.git, was parsed by git as an option rather than
a repository, reaching a command-execution primitive. The sibling
git switch --detach -- <ref> in the same files was already hardened; the
clone sites were missed.

Add a -- option terminator before the URL at both clone call sites
(installPluginFromGitSpec and installSkillFromSource) and reject a
leading-dash URL in isGitUrl as defense in depth.

* test(plugins): prove git option rejection boundary

Co-authored-by: yetval <yetvald@gmail.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:08:39 +01:00
Yuval Dinodia
0c0cbf9709 fix(backup): write backup archive with owner-only 0o600 permissions (#102403)
* fix(backup): write backup archive with owner-only 0o600 permissions

The published openclaw backup .tar.gz was created via createWriteStream
with no mode, so it landed at 0644 and world-readable. The archive
bundles auth.json OAuth access and refresh tokens, openclaw.json provider
API keys, and the state database, exposing all of them to any local user.

The intermediate SQLite snapshot is already chmod 0o600, but that
mitigation never reached the final artifact that actually matters. Create
the archive stream with mode 0o600 so the published backup is owner-only.
publishTempArchive preserves the source mode: fs.link shares the inode and
fs.copyFile copies the source mode, so the single write-site fix reaches
both publish paths.

* fix(backup): create archives owner-only

Co-authored-by: yetval <yetvald@gmail.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:08:05 +01:00
huangjianxiong
5ba981a437 fix(qa-matrix): keep room scenario preview truncation UTF-16 safe (#102606)
* fix(qa-matrix): keep room scenario preview truncation UTF-16 safe

Replace 7x `.slice(0, N)` with `truncateUtf16Safe(..., N)` in
runMatrixStreamingPreviewScenario and runMatrixToolProgressScenario
to prevent surrogate pair corruption in body/formattedBody previews.

Ref. lsr911 pattern — mechanical substitution, no behavior change.

* test(qa-matrix): prove UTF-16 artifact boundaries

Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:07:23 +01:00
snowzlmbot
6fef79a28d feat(android): add Skill Workshop settings panel (#101911)
* feat(android): add Skill Workshop settings

* fix(android): scope Skill Workshop state by agent

* fix(android): confirm Skill Workshop proposal actions

* fix(android): strengthen Skill Workshop action proof gates

* fix(android): satisfy Skill Workshop action ktlint

* fix(android): serialize Skill Workshop lifecycle actions

* chore(android): refresh native i18n inventory

---------

Co-authored-by: snowzlmbot <293528334+snowzlmbot@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:07:04 +01:00
Masato Hoshino
c9ec548e6f fix(browser): preserve strict CDP discovery policy on target-list lookup (#102328)
* fix(browser): preserve strict CDP discovery policy on target-list lookup

findPageByTargetIdViaTargetList fetched the CDP /json/list endpoint without
passing an ssrfPolicy argument, so the caller's discovery policy was dropped at
the fetch layer while the sibling tryTerminateExecutionViaCdp scoped it. Build
the scoped control policy with scopeCdpPolicyToConfiguredEndpoint and pass it to
fetchJson, matching the sibling lookup path.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* test(browser): tighten target-list CDP policy test comment

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* test(browser): consolidate target-list SSRF coverage

---------

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:04:39 +01:00
Vincent Koc
0ac8933721 fix(text): keep diagnostic truncation UTF-16 safe
Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
Co-authored-by: wangmiao0668000666 <wang.miao86@xydigit.com>
Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com>
2026-07-09 04:02:39 -07:00
qingminlong
56096eb859 fix(browser): report malformed relay CDP frames (#102070)
* fix(browser): report malformed relay CDP frames

* refactor(browser): streamline relay frame validation

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:00:38 +01:00
Miorbnli
61a7fc5da6 fix(plugins): fall back to os.homedir() when HOME/OPENCLAW_HOME is empty (#102413)
* fix(plugins): fall back to os.homedir() when HOME/OPENCLAW_HOME is empty

manifest-metadata-scan resolved the home directory with
`env.OPENCLAW_HOME ?? env.HOME ?? env.USERPROFILE ?? os.homedir()`. The nullish
coalescing operator only catches null/undefined, so an empty or whitespace home
variable (e.g. HOME="" in a stripped-down container/sandbox env) was kept as ""
and path.join("", ".openclaw") resolved to a RELATIVE ".openclaw" under the cwd.
Plugin discovery then read global extensions from the wrong directory.

Normalize each candidate with the already-imported normalizeOptionalString (which
returns undefined for empty/whitespace) so an empty value falls through to
os.homedir(), matching the canonical home resolver in src/infra/home-dir.ts.

Co-Authored-By: Claude <noreply@anthropic.com>

* refactor(plugins): reuse canonical manifest paths

Co-authored-by: liyuanbin <li.yuanbin1@xydigit.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:00:12 +01:00
Eulices
182376ea83 fix: iOS chat streaming stays visually stable as replies arrive (#50483)
* fix(ios): stabilize visible chat streaming

Co-authored-by: Eulices Lopez <leulices@gmail.com>

* fix(ios): keep chat segment IDs out of localization

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:59:42 +01:00
qingminlong
2f8f8ae1ae fix(read): reject non-positive offsets (#102481)
* fix(read): reject non-positive offsets

* fix(read): validate offsets before filesystem access

Co-authored-by: qingminlong <qing.minlong@xydigit.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:59:29 +01:00
SunnyShu
65c3061ad7 fix(agents): emit model.failover diagnostic on normal model fallback transitions (#102051)
* [AI] fix(agents): emit model.failover diagnostic on normal model fallback transitions

Restructure observeFailedCandidate to emit the existing model.failover
diagnostic event for candidate run failures when an actual next fallback
candidate exists.

Previously emitFailoverEvent was only called in the cooldown lane-suspension
branch.  Normal fallback transitions only reached the trajectory recorder
(onFallbackStep) and were invisible in OTel traces.

Key design decisions:
- Emit inside observeFailedCandidate so both LiveSessionModelSwitchError
  and generic error paths are covered automatically
- Guard emission on nextCandidate to avoid false telemetry for single-model
  runs or terminal candidate exhaustion (the cooldown suspension branch
  already handles that case with suspended=true)
- Extract error reason via existing describeFailoverError helper

Related to #102015

Co-Authored-By: claude-4.6 <noreply@anthropic.com>

* [AI] test(agents): add regression tests for model.failover diagnostic emission

Covers three scenarios:
- Primary fails, fallback succeeds: verifies model.failover event payload
  (from/to provider/model, reason, cascadeDepth, suspended)
- Single-model run: verifies no false event emission
- Exhausted chain: verifies only real transition emits, terminal does not

Related to #102015

Co-Authored-By: claude-4.6 <noreply@anthropic.com>

* test(agents): consolidate failover diagnostics coverage

* test(agents): satisfy fallback diagnostic gates

---------

Co-authored-by: claude-4.6 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:59:17 +01:00
qingminlong
6cd94f6049 fix(web): mark partial response reads when streams fail (#102550)
* fix(web): mark partial response reads when streams fail

* fix(web): report partial stream bytes accurately

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:58:56 +01:00
Peter Steinberger
5afd4707c7 fix(ui): split-view toolbar segments misalign with the panes they label (#102675)
* fix(ui): align split-view toolbar segments with the pane edges they label

* fix(ui): track pane gutter and horizontal overflow in the split toolbar

* fix(ui): reset split toolbar scroll offset on mode flips and reserve docked terminal space

* fix(ui): scroll clipped split panes into view when their toolbar segment gains focus
2026-07-09 11:58:31 +01:00
huangjianxiong
c067802cda fix(microsoft-foundry): keep connection test error truncation UTF-16 safe (#102605)
* fix(microsoft-foundry): keep connection test error truncation UTF-16 safe

Replace `.slice(0, 200)` with `truncateUtf16Safe(body, 200)` in
testFoundryConnection error messages to prevent surrogate pair corruption.

Ref. lsr911 pattern — mechanical substitution, no behavior change.

* test(microsoft-foundry): cover UTF-16-safe connection errors

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:51:38 +01:00
Alix-007
bebf0b98c1 fix(nextcloud-talk): add timeouts to Talk send requests (#102025)
* fix(nextcloud-talk): add timeouts to Talk send requests

* test(nextcloud-talk): simplify send timeout proof

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:49:48 +01:00
huangjianxiong
c335ecdb73 fix(microsoft-foundry): keep Azure CLI error truncation UTF-16 safe (#102604)
* fix(microsoft-foundry): keep Azure CLI error truncation UTF-16 safe

Replace `.slice(0, 300)` with `truncateUtf16Safe(normalized, 300)` in
summarizeAzErrorMessage to prevent surrogate pair corruption.

Ref. lsr911 pattern — mechanical substitution, no behavior change.

* test(microsoft-foundry): cover UTF-16-safe CLI errors

* test(microsoft-foundry): assert complete CLI error

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:49:35 +01:00
huangjianxiong
0a8677ec99 fix(whatsapp): keep echo tracker log truncation UTF-16 safe (#102603)
* fix(whatsapp): keep echo tracker log truncation UTF-16 safe

Replace `.slice(0, 50)` with `truncateUtf16Safe(text, 50)` in
echo tracker verbose log message to prevent surrogate pair corruption.

Ref. lsr911 pattern — mechanical substitution, no behavior change.

* test(whatsapp): cover UTF-16-safe echo previews

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:46:52 +01:00
Peter Steinberger
5154fe08fa feat: show Codex sessions across Gateway and paired nodes (#102586)
* feat(codex): add federated session catalog

* fix(codex): align session catalog checks

* fix(ui): translate Codex session catalog

---------

Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-09 03:42:03 -07:00
Peter Steinberger
201acd4e7a fix(macos): keep Settings below native titlebar controls (#102663)
* fix(macos): clear settings titlebar controls

* chore: leave release notes to release automation
2026-07-09 11:41:29 +01:00
sunlit-deng
e635cdbbe9 fix(realtime-transcription): bound inbound websocket payloads (#102443)
* fix(realtime-transcription): bound inbound websocket payloads

* test(realtime-transcription): tighten payload cap proof

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:39:22 +01:00
huangjianxiong
29d2a1ed42 fix(ollama): use truncateUtf16Safe for malformed NDJSON log truncation (#102593)
* fix(ollama): use truncateUtf16Safe for malformed NDJSON log warning

The parseNdjsonStream function uses naive .slice(0, 120) on malformed
NDJSON data in log warnings which can split surrogate pairs. Replace
with truncateUtf16Safe().

* test(ollama): cover UTF-16-safe NDJSON warnings

* test(ollama): satisfy lint in NDJSON coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:38:54 +01:00
Josh
ff031149f3 chore: align Android icons with favicon mark (#101423)
* chore: align Android icons with favicon mark

* fix(android): keep launcher mark inside adaptive safe zone

* docs(changelog): note Android launcher icon refresh

* chore: keep release changelog unchanged

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:37:24 +01:00
Peter Steinberger
bcc4517d99 test(ui): align sidebar ordering coverage (#102660) 2026-07-09 11:37:09 +01:00
Peter Steinberger
5b0e970dc7 fix(gateway): avoid reapproval on node permission loss (#102661) 2026-07-09 11:36:52 +01:00
clawSean
b8c1b220e4 fix(node-host): clarify unusable node exec cwd failures (#97105)
* fix(node-host): clarify unusable exec cwd failures

* fix(node-host): tighten cwd failure diagnostics

* refactor(node-host): keep cwd handling localized

* chore: leave release changelog ownership centralized

---------

Co-authored-by: clawSean <260045960+clawSean@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:34:25 +01:00
Sally O'Malley
e595a8c0ac Add Vault SecretRef plugin (#89255)
* Add Vault SecretRef plugin

Signed-off-by: sallyom <somalley@redhat.com>

* expand Vault setup to registered SecretRef targets

Signed-off-by: sallyom <somalley@redhat.com>

* fix(vault): use sdk secret target seam

* fix(vault): preserve auth profile target paths

* docs(vault): document plugin enable step

* fix(vault): make status provider-alias aware

* fix(vault): reject noncanonical secret ids

* fix(vault): separate resolver timeout deadlines

* fix(vault): forward private CA trust settings

* fix(secrets): preserve plugin policy boundaries

---------

Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
2026-07-09 05:30:12 -05:00
maweibin
6a6aba0d5a fix(ui): validate realtime VAD threshold (#102161)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: maweibin <maweibin@users.noreply.github.com>
2026-07-09 11:29:30 +01:00
Vincent Koc
45d15aabf9 fix(tts-local-cli): preserve file output on stream errors
Co-authored-by: 赵旺0668001248 <zhao.wang1@xydigit.com>
2026-07-09 03:28:51 -07:00
huangjianxiong
c87b9a7cee fix(parallel): use truncateUtf16Safe for MCP error JSON truncation (#102592)
* fix(parallel): use truncateUtf16Safe for MCP error JSON truncation

The extractMcpToolPayload function and error messages use naive
.slice(0, 500) on JSON-serialized errors and results which can split
surrogate pairs. Replace with truncateUtf16Safe().

* test(parallel): cover UTF-16-safe MCP errors

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:25:28 +01:00