Commit Graph

23487 Commits

Author SHA1 Message Date
Peter Steinberger
165d62b15f fix(infra): tolerate concurrent tmp dir repair 2026-04-30 15:45:57 +01:00
Peter Steinberger
c5bc4b6892 fix: repair telegram transcript echo routing 2026-04-30 15:39:33 +01:00
Peter Steinberger
8291537710 fix(auto-reply): preserve visible fallback for requested modes 2026-04-30 15:26:55 +01:00
Peter Steinberger
ac599c9e53 fix: retain local memory runtime deps 2026-04-30 15:22:26 +01:00
Peter Steinberger
4e168de6d9 fix: avoid provider policy runtime deps 2026-04-30 15:13:35 +01:00
Peter Steinberger
98b96182f8 test(gateway): cover web fetch startup bind 2026-04-30 14:59:30 +01:00
Peter Steinberger
2a54427aba fix(plugins): keep runtime deps manifest complete
Co-authored-by: HCL <chenglunhu@gmail.com>
2026-04-30 14:55:40 +01:00
Peter Steinberger
82ca6ecdde fix(auto-reply): surface private group replies 2026-04-30 14:54:34 +01:00
Peter Steinberger
afb17eade9 fix(secrets): skip optional web fetch discovery before bind 2026-04-30 14:45:55 +01:00
Peter Steinberger
3766bbb674 fix(models): restore codex mini oauth route 2026-04-30 14:43:39 +01:00
Peter Steinberger
0f120c09ba fix(agents): bound subagent orphan recovery 2026-04-30 14:43:18 +01:00
Alex Knight
4aa08e9d79 fix(security): stop implicit tool grants from config sections (#47487) (#75055)
* fix(security): stop implicit tool grants from config sections (#47487)

Configured tool sections (tools.exec, tools.fs) no longer implicitly
widen restrictive profiles (messaging, minimal). Previously, having a
tools.exec section anywhere in config — even just safety settings like
security: "allowlist" — would automatically add exec and process to the
profile's allowed tools, defeating the purpose of the restrictive
profile.

The same pattern existed in tool-fs-policy.ts where tools.fs presence
would add read/write/edit to the profile allowlist for root expansion.

Changes:
- pi-tools.policy.ts: Stop merging implicit grants into profileAlsoAllow.
  Renamed resolveImplicitProfileAlsoAllow → detectImplicitProfileGrants
  and use it only for a startup warning that tells users to add explicit
  alsoAllow entries.
- tool-fs-policy.ts: Remove the implicit read/write/edit grant from
  resolveEffectiveToolFsRootExpansionAllowed when tools.fs is present.
  Root expansion now requires actual read access via profile or alsoAllow.
- Updated 4 existing tests and added 3 new regression tests.

Migration: users who relied on tools.exec or tools.fs implicitly granting
access under a restrictive profile should add explicit alsoAllow entries:

  tools:
    profile: "messaging"
    alsoAllow: ["exec", "process"]  # was implicit, now required
    exec: { security: "allowlist" }

Fixes #47487

* fix: address tool policy review feedback
2026-04-30 22:19:26 +10:00
Radek Sienkiewicz
52e2d4e16a fix(cli): avoid progress spinners in active TUI input (#75003)
Merged via squash.

Prepared head SHA: 129e23e716
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Reviewed-by: @velvet-shark
2026-04-30 12:31:05 +02:00
clawsweeper[bot]
099037cca6 fix(channels): align Yuanbao catalog id
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-30 02:50:35 -07:00
Vincent Koc
d50ad19e4b test(gateway): avoid post-close auth rotation rpc 2026-04-30 01:50:39 -07:00
clawsweeper[bot]
9061d1e4c3 fix(agents): preserve string user content when merging turns
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-04-30 01:27:57 -07:00
clawsweeper[bot]
e20147a1b6 fix: warning text cli correctness issue (#74964)
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-30 01:26:01 -07:00
clawsweeper[bot]
53dff569b8 fix: bounded directory scan actionable regression (#74942)
* fix: bounded directory scan actionable regression

* fix: current main remaining regression

* fix(skills): compose workspace scan caps

---------

Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-04-30 00:54:02 -07:00
ethanclaw
dc0c54c7f1 fix(cron): warn when --agent is not specified on cron add (#42245)
* fix(cron): warn when --agent is not specified on cron add

Warn users when creating a cron job without specifying the --agent flag,
so they know the job will run with the default agent (main).

Fixes #42196

* fix(cron): warn when cron add omits --agent

* fix(cron): name default agent in warning

---------

Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-04-30 00:45:41 -07:00
JC
83753535eb fix(pdf): resolve standard fonts from pdfjs package root (#70936)
* fix(pdf): resolve standard fonts from pdfjs package root

Resolve PDF.js standard fonts via pdfjs-dist/package.json instead of a
relative ../../node_modules path so the fallback renderer does not depend
on emitted dist chunk layout.

Add focused regression coverage that asserts the forwarded
standardFontDataUrl matches the installed pdfjs-dist package root and
exists on disk.

* fix(pdf): resolve pdfjs standard fonts from package root

* fix(pdf): use PDF.js font URL separator

---------

Co-authored-by: Dr JCai <jingxiao.cai@gmail.com>
Co-authored-by: vincentkoc <25068+vincentkoc@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-04-30 00:38:48 -07:00
Val Alexander
13e917e292 fix: derive dynamic context-window guard thresholds
Derive context-window guard thresholds from the effective model window, keeping 10% hard-min and 20% warning ratios with 4k/8k floors.

Stop the embedded runner from forcing old fixed guard overrides so runtime admission uses the dynamic resolver.

Validation:
- CI run 25151866833 passed, including build-artifacts and checks-node-channels.
- Parity gate 25151866868 passed.
- Testbox pnpm test:channels passed: 54 files / 433 tests.

Fixes #42999.

Prepared head SHA: 9c80383639
2026-04-30 02:33:43 -05:00
clawsweeper[bot]
554b32feea fix: change disables bundled dependency repair when plugins.enabled: false, but the same fall... (#74916)
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-04-30 00:13:52 -07:00
clawsweeper[bot]
402b826ba2 fix: existing doctor-contract Windows loader test still expects Jiti to be called for contrac... (#74923)
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-30 00:13:42 -07:00
Vincent Koc
7c5bf1c675 fix(security): remediate CodeQL alerts 2026-04-30 00:12:50 -07:00
Vincent Koc
a093b5b2de fix(skills): bound grouped skill directory scans 2026-04-30 00:03:19 -07:00
Vincent Koc
02597caa8b chore(ci): add agent CodeQL PR quality guard
Promotes the existing agent-runtime quality shard to PR/manual selection and documents the expanded twelve-shard PR quality set.
2026-04-30 00:01:12 -07:00
Otto Deng
8ca1f6d590 fix(skills): scan grouped skill directories
* fix(skills): scan nested subdirectories for grouped skill layouts

Previously, skill discovery only checked immediate children of the
skills root for SKILL.md files. Skills organized in subdirectories
(e.g. ~/.openclaw/skills/coze/koze-retrieval/SKILL.md) were silently
ignored.

Now, when an immediate child directory does not contain a SKILL.md,
its own children are checked one level deeper. This supports grouped
skill layouts while keeping the scan depth bounded (max 2 levels) to
avoid unbounded filesystem traversal.

The existing per-source skill count limits and containment checks
still apply to nested discoveries.

Fixes #56915

* test(skills): cover nested grouped skill discovery

* fix(skills): cache contained-path checks and cap nested scans

- Reuse skillDirRealPath captured during the collection phase so the load
  loop no longer re-runs resolveContainedSkillPath on the same directory.
- Apply the per-root candidate cap (and the matching warning log) when
  descending into nested grouped skill directories, matching the outer
  scan's behavior.

Addresses Greptile P2 feedback on PR #72534.

* fix(skills): load grouped skill directories under skills roots

* fix(clownfish): address review for ghcrawl-156697-autonomous-smoke (1)

---------

Co-authored-by: Otto Deng <otto@ottodeng.com>
Co-authored-by: vincentkoc <25068+vincentkoc@users.noreply.github.com>
Co-authored-by: Otto Deng <ottodeng2@github.local>
2026-04-29 23:56:19 -07:00
Vincent Koc
d18fdecd53 test(channels): align module loader jiti fixture 2026-04-29 23:46:39 -07:00
NianJiu
43ca7399e5 Fix CLI text command hangs (#74220)
* fix(cli): keep agents list off plugin preload

* docs(changelog): note cli text hang fix

* test(cli): update preaction agents list expectations
2026-04-30 06:36:24 +00:00
Galin Iliev
c4a4c189f1 fix: enable native require fast path on Windows for bundled plugins (#74173)
Removes the win32 exclusion from supportsNativeJitiRuntime() and adds { allowWindows: true } to all tryNativeRequireJavaScriptModule call sites, so bundled plugin modules use native require() instead of Jiti on Windows. Also adds an attempted-load counter to the debug timing log and a changelog entry.

Fixes #68656

Co-authored-by: Galin Iliev <galiniliev@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-29 23:32:20 -07:00
clawsweeper[bot]
6dbaa0a278 fix(plugins): keep disabled plugin runtime deps off
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 23:15:47 -07:00
clawsweeper[bot]
3c9437ae54 fix: configs that used the previously documented WhatsApp exposeErrorText key now fail valida... (#74667)
* fix: configs that used the previously documented WhatsApp exposeErrorText key now fail valida...

* fix(clawsweeper): address review for clawsweeper-commit-openclaw-openclaw-4cba08df01ea (1)

---------

Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 22:34:59 -07:00
clawsweeper[bot]
1ff1fbe682 fix(plugins): honor runtime deps fallback install option
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 22:28:15 -07:00
clawsweeper[bot]
b876ecdb84 fix(plugins): select runtime deps by configured models
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 22:27:54 -07:00
clawsweeper[bot]
0459206c40 fix(gateway): preserve rpc abort terminal snapshots
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 22:27:44 -07:00
clawsweeper[bot]
59e7053464 fix(plugins): prefer require export conditions
* fix: fixed condition order prefers a top-level require export before a node condition, which...

* fix(clawsweeper): address review for clawsweeper-commit-openclaw-openclaw-6877360218c9 (1)

---------

Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 22:25:48 -07:00
openclaw-clownfish[bot]
3af4575a84 fix(media): treat legacy Word docs as binary attachments
Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
2026-04-29 22:07:21 -07:00
clawsweeper[bot]
ccb43f95cb fix(channels): suppress observe-only prepared dispatch
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 22:05:28 -07:00
clawsweeper[bot]
6689e414bb fix(gateway): avoid caching empty model catalogs
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 21:53:25 -07:00
clawsweeper[bot]
54bebc5f5e fix(commands): require gateway memory probe skipped state
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
2026-04-29 21:52:07 -07:00
拐爷&&老拐瘦
3224075edc fix: reject invalid cron edits on disabled jobs (#74720)
* fix(cron): reject invalid disabled schedule updates

* docs: add cron validation changelog entry

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-04-30 04:33:43 +00:00
hcl
2de6ad4544 fix(exec): preserve turnSourceChannel as messageProvider in approval followup runs (#74666)
When an exec-approval followup run has no deliverable route and no
gateway-internal channel, buildAgentFollowupArgs was passing channel=undefined
to the spawned agent. This left defaults.messageProvider=undefined in the
followup run, causing tools.elevated.allowFrom.<provider> checks to always
fail with provider=null after the user approved an async elevated command.

Thread turnSourceChannel through buildAgentFollowupArgs and use it as a
fallback when sessionOnlyOriginChannel is absent. Fixes #74646.

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-30 04:25:16 +00:00
hcl
5716428adc fix(acp): fall through to thread-bound resolution when token is unresolvable (#66299) (#74641)
* fix(acp): fall through to thread-bound resolution when token is unresolvable (#66299)

resolveAcpTargetSessionKey returned an error immediately when an explicit
session token was supplied but could not be resolved as a key/id/label.
This blocked the thread-bound and requester-session fallback paths from
ever being reached.

Discord slash commands auto-fill the current thread ID as a positional
ACP target. That value is not a session identifier, so the gateway lookup
returns null, and the command returned 'Unable to resolve session target'
instead of falling through to the thread-bound session that was already
known via the binding context.

Fix: when the token lookup returns null, skip the early-exit error and
fall through to thread-bound → requester-session → error in the normal
way. The 'Missing session key' error still surfaces when neither fallback
produces a binding.

Adds a focused regression test: unresolvable token + bound thread session
→ steer command reaches the thread-bound session, not an error.

Fixes #66299

* fix(changelog): add Thanks @martingarramon attribution for #66299

Per clawsweeper P2 review — every new CHANGELOG entry must credit
at least one author. martingarramon authored the issue analysis and
explicitly invited the PR.

* fix(acp): preserve bad-token diagnostics after thread fallback

---------

Co-authored-by: clawsweeper-repair <clawsweeper-repair@users.noreply.github.com>
2026-04-30 04:24:21 +00:00
Peter Steinberger
e648f38efc fix: stabilize Parallels update restart checks 2026-04-30 05:22:04 +01:00
Peter Steinberger
d5e4ec9ea8 fix: accept extensionless runtime dependency mains 2026-04-30 05:22:04 +01:00
Peter Steinberger
c976cf6ebd chore: refresh a2ui bundle hash 2026-04-30 05:22:04 +01:00
Shubhankar Tripathy
0142c79123 config: accept browser.tabCleanup keys in zod schema (#74577) (#74638)
* config: accept browser.tabCleanup keys in zod schema (#74577)

* docs: update config baseline hash

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-04-30 04:21:09 +00:00
HCL
96482b3e62 test(doctor): add skipped: false to gateway error and timeout test assertions 2026-04-30 05:10:32 +01:00
HCL
549624ffb2 fix(doctor): add skipped discriminator to distinguish probe skip from gateway timeout
Previously both a planned probe skip (probe:false path) and a transport timeout
returned checked:false, so the renderer's !checked early return would silently
suppress diagnostics for key-optional providers even when the gateway had timed out.

- Add `skipped?: boolean` to GatewayMemoryProbe: true for gateway-confirmed skip,
  false for timeout/unavailable paths
- Renderer now guards on `probe.skipped` instead of `!probe.checked`, so timeouts
  fall through to the existing warning path
- Update doctor-memory-search inline type and buildGatewayProbeWarning signature
- Update skipped-probe tests to pass { skipped: true }; add regression test for
  key-optional timeout (lmstudio gateway timeout now warns)

Addresses clawsweeper P2: src/commands/doctor-memory-search.ts:416
2026-04-30 05:10:32 +01:00
HCL
34d62b0650 fix(doctor): propagate gateway skipped-probe flag through adapter
clawsweeper P1: probeGatewayMemoryStatus always returned checked: true
on successful RPC, silently discarding payload.embedding.checked === false
from the SKIPPED_MEMORY_EMBEDDING_PROBE gateway response. The renderer
guard in noteMemorySearchHealth (added in prior commit) never saw checked:
false in real execution — only on timeout paths.

Fix: propagate checked flag from payload.embedding.checked so a skipped
gateway probe surfaces as checked: false to the renderer, allowing the
key-optional provider guard to suppress the false-positive warning.

Add adapter-level regression test that verifies the skipped payload shape
from doctor.memory.status reaches GatewayMemoryProbe as checked: false.
2026-04-30 05:10:32 +01:00