vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-12 07:20:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,082 Commits 680 Branches 76 Tags
12dc299cdef3759486b52033e78b550d985c3371
Commit Graph

4725 Commits

Author SHA1 Message Date
Vincent Koc
12dc299cde fix(imessage): dedupe reflected self-chat duplicates (#38440) 
* iMessage: drop reflected self-chat duplicates

* Changelog: add iMessage self-chat echo dedupe entry

* iMessage: keep self-chat dedupe scoped to final group identity

* iMessage: harden self-chat cache

* iMessage: sanitize self-chat duplicate logs

* iMessage: scope group self-chat dedupe by sender

* iMessage: move self-chat cache identity into cache

* iMessage: hash full self-chat text

* Update CHANGELOG.md
 2026-03-12 02:27:35 -04:00
Luke
8baf55d8ed Changelog: note Reminders permission fix 2026-03-12 17:01:42 +11:00
Ayaan Zaidi
f7416da905 style: format changelog 2026-03-12 11:28:27 +05:30
Vincent Koc
99a5a3c16a Update CHANGELOG.md 2026-03-12 01:37:33 -04:00
Vincent Koc
672924b01e Update CHANGELOG.md 2026-03-12 01:36:16 -04:00
Vincent Koc
4f462facda Infra: cap device tokens to approved scopes (#43686) 
* Infra: cap device tokens to approved scopes

* Changelog: note device token hardening
 2026-03-12 01:25:52 -04:00
Vincent Koc
2504cb6a1e Security: escape invisible exec approval format chars (#43687) 
* Infra: escape invisible exec approval chars

* Gateway: sanitize exec approval display text

* Tests: cover sanitized exec approval payloads

* Tests: cover sanitized exec approval forwarding

* Changelog: note exec approval prompt hardening
 2026-03-12 01:20:04 -04:00
Vincent Koc
1dcef7b644 Infra: block GIT_EXEC_PATH in host env sanitizer (#43685) 
* Infra: block GIT_EXEC_PATH in host env sanitizer

* Changelog: note host env hardening
 2026-03-12 01:16:03 -04:00
Vincent Koc
18f15850e6 fix(browser): restore proxy attachment media size cap (#43684) 
* browser: honor shared proxy file size cap

* test(browser): cover proxy file size cap

* docs(changelog): note browser proxy size cap fix
 2026-03-12 01:04:31 -04:00
Peter Steinberger
29dc65403f build: prepare 2026.3.11 release 2026-03-12 05:01:07 +00:00
Ayaan Zaidi
fbc1bd6f8e fix: clear telegram polling cleanup timers 2026-03-12 09:36:04 +05:30
Toven
ade748176f OpenRouter: surface free Hunter and Healer stealth models for the next week (#43642) 
* Models: add temporary Hunter and Healer alpha to OpenRouter catalog

* Add temporary OpenRouter stealth catalog entries

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-11 22:58:48 -05:00
Peter Steinberger
1fcee52a5c docs: reorder unreleased changelog by user impact 2026-03-12 03:42:39 +00:00
David Rudduck
f01c41b27a fix(context-engine): guard compact() throw + fire hooks for ownsCompaction engines (#41361) 
Merged via squash.

Prepared head SHA: 0957b32dc6
Co-authored-by: davidrudduck <47308254+davidrudduck@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-11 20:19:20 -07:00
Frank Yang
5231277163 fix(acp): rehydrate restarted main ACP sessions (#43285) 
Merged via squash.

Prepared head SHA: f06318e58f
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
 2026-03-12 11:05:09 +08:00
Robin Waslander
ebed3bbde1 fix(gateway): enforce browser origin check regardless of proxy headers 
In trusted-proxy mode, enforceOriginCheckForAnyClient was set to false
whenever proxy headers were present. This allowed browser-originated
WebSocket connections from untrusted origins to bypass origin validation
entirely, as the check only ran for control-ui and webchat client types.

An attacker serving a page from an untrusted origin could connect through
a trusted reverse proxy, inherit proxy-injected identity, and obtain
operator.admin access via the sharedAuthOk / roleCanSkipDeviceIdentity
path without any origin restriction.

Remove the hasProxyHeaders exemption so origin validation runs for all
browser-originated connections regardless of how the request arrived.

Fixes GHSA-5wcw-8jjv-m286
 2026-03-12 01:16:52 +01:00
Robin Waslander
3c0fd3dffe fix(daemon): replace bootout with kickstart -k for launchd restarts on macOS 
On macOS, launchctl bootout permanently unloads the LaunchAgent plist.
Even with KeepAlive: true, launchd cannot respawn a service whose plist
has been removed from its registry. This left users with a dead gateway
requiring manual 'openclaw gateway install' to recover.

Affected trigger paths:
- openclaw gateway restart from an agent session (#43311)
- SIGTERM on config reload (#43406)
- Gateway self-restart via SIGTERM (#43035)
- Hot reload on channel config change (#43049)

Switch restartLaunchAgent() to launchctl kickstart -k, which force-kills
and restarts the service without unloading the plist. When the restart
originates from inside the launchd-managed process tree, delegate to a
new detached handoff helper (launchd-restart-handoff.ts) to avoid the
caller being killed mid-command. Self-restart paths in process-respawn.ts
now schedule the detached start-after-exit handoff before exiting instead
of relying on exit/KeepAlive timing.

Fixes #43311, #43406, #43035, #43049
 2026-03-12 01:16:49 +01:00
Vincent Koc
b6d83749c8 fix(terminal): sanitize skills JSON and fallback on legacy Windows (#43520) 
* Terminal: use ASCII borders on legacy Windows consoles

* Skills: sanitize JSON output for control bytes

* Changelog: credit terminal follow-up fixes

* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Skills: strip remaining escape sequences from JSON output

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-11 19:53:07 -04:00
zhoulf1006
453c8d7c1b fix(hooks): add missing trigger and channelId to agent_end, llm_input, and llm_output hook contexts (#42362) 
Merged via squash.

Prepared head SHA: e6d7b7e31a
Co-authored-by: zhoulf1006 <35586967+zhoulf1006@users.noreply.github.com>
Co-authored-by: hydro13 <6640526+hydro13@users.noreply.github.com>
Reviewed-by: @hydro13
 2026-03-11 23:40:13 +01:00
Gustavo Madeira Santana
d79ca52960 Memory: add multimodal image and audio indexing (#43460) 
Merged via squash.

Prepared head SHA: a994c07190
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-11 22:28:34 +00:00
Harold Hunt
20d097ac2f Gateway/Dashboard: surface config validation issues (#42664) 
Merged via squash.

Prepared head SHA: 43f66cdcf0
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Reviewed-by: @huntharo
 2026-03-11 17:32:41 -04:00
Peter Steinberger
9c81c31232 chore: refresh dependencies except carbon 2026-03-11 20:10:33 +00:00
Squabble9
128e5bc317 fix: recognize Venice 402 billing errors for model fallback (#43205) 
Merged via squash.

Prepared head SHA: 1f6b10b9d9
Co-authored-by: Squabble9 <194720422+Squabble9@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 22:15:32 +03:00
Gustavo Madeira Santana
01ffc5db24 memory: normalize Gemini embeddings (#43409) 
Merged via squash.

Prepared head SHA: 70613e0225
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-11 15:06:21 -04:00
ingyukoh
2a18cbb110 fix(agents): prevent false billing error replacing valid response text (#40616) 
Merged via squash.

Prepared head SHA: 05179362b4
Co-authored-by: ingyukoh <6015960+ingyukoh@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 22:00:11 +03:00
ingyukoh
78b9384aa7 fix(discord): add missing autoThread to DiscordGuildChannelConfig type (#35608) 
Merged via squash.

Prepared head SHA: e62b88bb01
Co-authored-by: ingyukoh <6015960+ingyukoh@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 21:54:49 +03:00
VibhorGautam
4473242b4f fix: use unknown instead of rate_limit as default cooldown reason (#42911) 
Merged via squash.

Prepared head SHA: bebf6704d7
Co-authored-by: VibhorGautam <55019395+VibhorGautam@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 21:34:14 +03:00
Bill Chirico
60aed95346 feat(memory): add gemini-embedding-2-preview support (#42501) 
Merged via squash.

Prepared head SHA: c57b1f8ba2
Co-authored-by: BillChirico <13951316+BillChirico@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-11 14:28:53 -04:00
ademczuk
58634c9c65 fix(agents): check billing errors before context overflow heuristics (#40409) 
Merged via squash.

Prepared head SHA: c88f89c462
Co-authored-by: ademczuk <5212682+ademczuk@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 21:08:55 +03:00
ingyukoh
f417d78eef fix(config): add missing editMessage and createForumTopic to Telegram actions schema (#35498) 
Merged via squash.

Prepared head SHA: 631fc14832
Co-authored-by: ingyukoh <6015960+ingyukoh@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 20:59:27 +03:00
ingyukoh
a84bcf734c fix(signal): add missing accountUuid to Zod config schema (#35578) 
Merged via squash.

Prepared head SHA: 39e8e9ad62
Co-authored-by: ingyukoh <6015960+ingyukoh@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 20:57:07 +03:00
ademczuk
8618a711ff fix(voice-call): add speed and instructions to OpenAI TTS config schema (#39226) 
Merged via squash.

Prepared head SHA: 775e3063b5
Co-authored-by: ademczuk <5212682+ademczuk@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-03-11 23:15:48 +05:30
Ayaan Zaidi
daf8afc954 fix(telegram): clear stale retain before transient final fallback (#41763) 
Merged via squash.

Prepared head SHA: c0940838bc
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-03-11 21:36:43 +05:30
Peter Steinberger
1435fce2de fix: tighten Ollama onboarding cloud handling (#41529) (thanks @BruceMacD) 2026-03-11 14:52:55 +00:00
Robin Waslander
62d5df28dc fix(agents): add nodes to owner-only tool policy fallbacks 
The nodes tool was missing from OWNER_ONLY_TOOL_NAME_FALLBACKS in
tool-policy.ts. applyOwnerOnlyToolPolicy() correctly removed gateway
and cron for non-owners but kept nodes, which internally issues
privileged gateway calls: node.pair.approve (operator.pairing) and
node.invoke (operator.write).

A non-owner sender could approve pending node pairings and invoke
arbitrary node commands, extending to system.run on paired nodes.

Add nodes to the fallback owner-only set. Non-owners no longer receive
the nodes tool after policy application; owners retain it.

Fixes GHSA-r26r-9hxr-r792
 2026-03-11 14:17:03 +01:00
Robin Waslander
a1520d70ff fix(gateway): propagate real gateway client into plugin subagent runtime 
Plugin subagent dispatch used a hardcoded synthetic client carrying
operator.admin, operator.approvals, and operator.pairing for all
runtime.subagent.* calls. Plugin HTTP routes with auth:"plugin" require
no gateway auth by design, so an unauthenticated external request could
drive admin-only gateway methods (sessions.delete, agent.run) through
the subagent runtime.

Propagate the real gateway client into the plugin runtime request scope
when one is available. Plugin HTTP routes now run inside a scoped
runtime client: auth:"plugin" routes receive a non-admin synthetic
operator.write client; gateway-authenticated routes retain admin-capable
scopes. The security boundary is enforced at the HTTP handler level.

Fixes GHSA-xw77-45gv-p728
 2026-03-11 14:17:01 +01:00
Robin Waslander
dafd61b5c1 fix(gateway): enforce caller-scope subsetting in device.token.rotate 
device.token.rotate accepted attacker-controlled scopes and forwarded
them to rotateDeviceToken without verifying the caller held those
scopes. A pairing-scoped token could rotate up to operator.admin on
any already-paired device whose approvedScopes included admin.

Add a caller-scope subsetting check before rotateDeviceToken: the
requested scopes must be a subset of client.connect.scopes via the
existing roleScopesAllow helper. Reject with missing scope: <scope>
if not.

Also add server.device-token-rotate-authz.test.ts covering both the
priv-esc path and the admin-to-node-invoke chain.

Fixes GHSA-4jpw-hj22-2xmc
 2026-03-11 14:16:59 +01:00
Vincent Koc
04e103d10e fix(terminal): stabilize skills table width across Terminal.app and iTerm (#42849) 
* Terminal: measure grapheme display width

* Tests: cover grapheme terminal width

* Terminal: wrap table cells by grapheme width

* Tests: cover emoji table alignment

* Terminal: refine table wrapping and width handling

* Terminal: stop shrinking CLI tables by one column

* Skills: use Terminal-safe emoji in list output

* Changelog: note terminal skills table fixes

* Skills: normalize emoji presentation across outputs

* Terminal: consume unsupported escape bytes in tables
 2026-03-11 09:13:10 -04:00
Andyliu
10e6e27451 fix(models): guard optional model input capabilities (#42096) 
Merged via squash.

Prepared head SHA: d398fa0222
Co-authored-by: andyliu <2377291+andyliu@users.noreply.github.com>
Co-authored-by: hydro13 <6640526+hydro13@users.noreply.github.com>
Reviewed-by: @hydro13
 2026-03-11 13:43:59 +01:00
Nimrod Gutman
144c1b802b macOS/onboarding: prompt for remote gateway auth tokens (#43100) 
Merged via squash.

Prepared head SHA: 00e2ad847b
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Reviewed-by: @ngutman
 2026-03-11 13:53:19 +02:00
Luke
f063e57d4b fix(macos): use foundationValue when serializing browser proxy POST body (#43069) 
Merged via squash.

Prepared head SHA: 04c33fa061
Co-authored-by: ImLukeF <1272861+Effet@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
 2026-03-11 19:14:01 +08:00
Nimrod Gutman
2d91284fdb feat(ios): add local beta release flow (#42991) 
Merged via squash.

Prepared head SHA: 82b38fe93b
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Reviewed-by: @ngutman
 2026-03-11 12:32:28 +02:00
Frank Yang
665f677265 docs(changelog): update context pruning PR reference 2026-03-11 18:07:37 +08:00
Frank Yang
d68d4362ee fix(context-pruning): cover image-only tool-result pruning 2026-03-11 18:07:37 +08:00
ademczuk
dc4441322f fix(agents): include azure-openai in Responses API store override (#42934) 
Merged via squash.

Prepared head SHA: d3285fef41
Co-authored-by: ademczuk <5212682+ademczuk@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
 2026-03-11 16:16:10 +08:00
Ayaan Zaidi
a2e30824e6 fix(telegram): fall back on ambiguous first preview sends 2026-03-11 11:23:10 +05:30
Wayne
e37e1ed24e fix(telegram): prevent duplicate messages with slow LLM providers (#41932) 
Merged via squash.

Prepared head SHA: 2f50c51d5a
Co-authored-by: hougangdev <105773686+hougangdev@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-03-11 11:19:55 +05:30
Luke
7761e7626f Providers: add Opencode Go support (#42313) 
* feat(providers): add opencode-go provider support and onboarding

* Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF

* Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF

* Update CHANGELOG.md

---------

Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-11 01:31:06 -04:00
Luke
061b8258bc macOS: add chat model selector and persist thinking (#42314) 
* feat(macos): add chat model selector and thinking persistence UX

* Chat UI: carry session model providers

* Docs: add macOS model selector changelog

* macOS: persist extended thinking levels

* Chat UI: keep model picker state in sync

* Chat UI tests: cover model selection races

---------

Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-11 00:43:04 -04:00
Peter Steinberger
c91d1622d5 fix(gateway): split conversation reset from admin reset 2026-03-11 02:50:44 +00:00