Commit Graph

63049 Commits

Author SHA1 Message Date
Vincent Koc
18e33d44d4 test(i18n): use shared temp directory helper 2026-07-01 06:16:30 -07:00
Vincent Koc
b881a978fb fix(ci): refresh native locales for glossary changes 2026-07-01 06:16:30 -07:00
Vincent Koc
51f5164bf4 fix(i18n): preserve native printf placeholders 2026-07-01 06:16:30 -07:00
Vincent Koc
70ef7ee2c8 fix(i18n): name Swedish in translation prompts 2026-07-01 06:16:30 -07:00
Vincent Koc
8bc40fc8de fix(i18n): validate native refresh inputs 2026-07-01 06:16:30 -07:00
Vincent Koc
a0ab8a7475 fix(i18n): allow locale placeholder reordering 2026-07-01 06:16:30 -07:00
Vincent Koc
3029006364 test(ci): guard native locale refresh retries 2026-07-01 06:16:30 -07:00
Vincent Koc
096cc881c0 test(i18n): prove native refresh creation and no-op 2026-07-01 06:16:30 -07:00
Vincent Koc
40e0b3a597 fix(i18n): guard native refresh inputs 2026-07-01 06:16:30 -07:00
Vincent Koc
4fe3d46ae7 fix(i18n): cover all native source roots 2026-07-01 06:16:30 -07:00
Vincent Koc
281e164069 fix(i18n): validate Kotlin and Swift placeholders 2026-07-01 06:16:30 -07:00
Vincent Koc
90c46f48b6 fix(ci): restrict native locale refresh dispatch 2026-07-01 06:16:30 -07:00
Vincent Koc
a7d5fe6343 fix(i18n): validate native translation structure 2026-07-01 06:16:30 -07:00
Vincent Koc
ae272d2284 docs(i18n): clarify native artifact ownership 2026-07-01 06:16:30 -07:00
Vincent Koc
10d463d5ad fix(ci): commit first native locale artifacts 2026-07-01 06:16:30 -07:00
Vincent Koc
f588a49a36 feat(i18n): refresh every native locale 2026-07-01 06:16:30 -07:00
Vincent Koc
8d18dacaa9 feat(i18n): refresh native locale artifacts 2026-07-01 06:16:30 -07:00
amittell
7b5d86e89a fix(subagent): preserve steered task text on restart redispatch
Squashed from PR #77539 after maintainer CI repair.
2026-07-01 06:14:00 -07:00
Peter Steinberger
e7c689f410 fix: restore tooling CI after transcript test addition (#98610)
* test: update transcript helper routing expectation

* test: update transcript helper routing expectation

---------

Co-authored-by: Peter Steinberger <58493+steipete@users.noreply.github.com>
2026-07-01 14:04:00 +01:00
Vincent Koc
5e4d71686a fix(apple): preserve localized static labels 2026-07-01 05:19:12 -07:00
Vincent Koc
d3e6d1fd6c fix(macos): compile packaged localizations 2026-07-01 05:19:12 -07:00
Vincent Koc
be381c27a1 fix(macos): package localized app resources 2026-07-01 05:19:12 -07:00
Vincent Koc
a53b6823c6 test(apple): enforce phased catalog coverage 2026-07-01 05:19:12 -07:00
Vincent Koc
fe18aa38db feat(apple): complete core locale coverage 2026-07-01 05:19:12 -07:00
Vincent Koc
301d0d5551 style(apple): format localized share extension 2026-07-01 05:19:12 -07:00
Vincent Koc
9cfbd1b65c feat(apple): localize native app surfaces 2026-07-01 05:19:12 -07:00
Vincent Koc
02046b665f feat(apple): add Russian and Hindi app catalogs 2026-07-01 05:19:12 -07:00
Sanjay Santhanam
4dcd95d1bc fix(cli): show exit code when plugin npm install returns empty output (#98497)
* fix(cli): show exit code when npm install returns empty output

installPackageDir previously produced 'npm install failed:' with an empty
suffix when npm exited non-zero without writing to stdout or stderr. Users
running 'openclaw plugins install @openclaw/acpx' saw only that empty line
followed by the misleading hook-pack fallback error, leaving nothing
actionable in the output.

Add a small helper that keeps npm's own output when it exists but falls
back to reporting the exit code, signal, and termination reason when both
streams are empty. Regression tests cover the empty-output exit case and
the signal-terminated case; the existing stderr surfacing test still
passes unchanged.

Refs #98484

* fix(cli): narrow npm install failure diagnostics

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-07-01 05:04:27 -07:00
wangmiao0668000666
94cb14b97e fix(transcripts): close stream on parse failure 2026-07-01 04:52:13 -07:00
Sahibzada
90e31be388 fix(memory-core): skip qmd zero-hit search sync 2026-07-01 04:50:59 -07:00
lsr911
badbae77df fix(slack): guard relay frame parsing
* fix(slack): guard relay WebSocket frame JSON.parse against malformed input

Slack Socket Mode relay receives WebSocket frames from external
infrastructure. parseRelayFrame() used bare JSON.parse() which would
throw raw SyntaxError on malformed frames, potentially crashing the
relay connection.

Wrap JSON.parse in try/catch and throw SlackRelayMalformedFrameError
with the original SyntaxError as cause, so callers can distinguish
transport errors from parse errors.

D4 dimension — all competitors have zero coverage.

Signed-off-by: lsr911 <liao.shirong@xydigit.com>

* fix(slack): repair relay frame guard tests

---------

Signed-off-by: lsr911 <liao.shirong@xydigit.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-07-01 04:50:08 -07:00
Peter Steinberger
60d55a1725 fix: restore main lint after timer repairs
Preserve the Tailscale timeout cleanup from #98134 and the Feishu TDZ fix from #98137 while satisfying the repository lint rules.

Credit: @zhangLei99586 authored both underlying fixes.

Co-authored-by: Peter Steinberger <58493+steipete@users.noreply.github.com>
Co-authored-by: zhangLei99586 <zhang.lei162@xydigit.com>
2026-07-01 04:43:24 -07:00
lizeyu
1b0b8c294a fix(reload): cancel deferred channel reload on restart
Fixes #79487
2026-07-01 04:35:16 -07:00
Moeed Ahmed
c99add65a2 fix(reply): honor suppressToolErrors for progress
5.22 already drops the tool-error WARNING text via payloads.ts, but the
error tool-result payload was still delivered as channel progress unless
sourceReplyDeliveryMode was message_tool_only. Operators who opt into
messages.suppressToolErrors expect no tool-error noise in chat at all.
Add a config-gated early-return in the onToolResult dispatch path so the
visible progress delivery is dropped too, matching the warning-text policy.
No-op unless messages.suppressToolErrors is true. Folds the mac-mini deploy
hotfix into the tracked branch.

(cherry picked from commit a973410e6d3ddbbaa4c3fb308ad4247274a9633a)

Co-authored-by: amittell <mittell@me.com>
2026-07-01 04:15:23 -07:00
VectorPeak
1cf6ff3bdc fix(browser): decode CDP URL credentials 2026-07-01 04:14:20 -07:00
Wynne668
06b841fa58 fix(sms): strip internal tool traces from replies 2026-07-01 04:12:55 -07:00
zhangLei99586
3241936526 fix: clear Tailscale probe timeout
The checkBinary helper used Promise.race with a setTimeout-based timeout
but never cleared the timer when runExec completed first. Wrap the race
in a try/finally that clears the timer handle to avoid a dangling timer.
2026-07-01 04:08:39 -07:00
zhangLei99586
8b14321c11 fix(feishu): hoist abortable delay timer binding
The finish() closure referenced timer which was declared with const after
finish was defined. If finish(false) ran via the abort signal check at
line 99 or via the abort event listener before the const timer assignment,
accessing timer in the temporal dead zone would throw a ReferenceError.

Hoist timer as a let binding above finish so it is safely undefined when
finish fires early, and the  guard in finish handles it.
2026-07-01 04:06:33 -07:00
Alix-007
76038c3a62 fix(matrix): bound raw transport response reads
* fix(matrix): bound raw transport response reads to prevent OOM

* test(matrix): add real node:http server proof for bound transport

Two new integration-style tests drive performMatrixRequest against a real
node:http server (no stubRuntimeFetch mock) using real undici + SSRF
dispatcher and ssrfPolicy.allowPrivateNetwork:

- over-cap: server declares Content-Length > MATRIX_SDK_RESPONSE_MAX_BYTES
  with maxBytes omitted → rejects MatrixMediaSizeLimitError (68 ms wall)
- under-cap: server returns small payload with maxBytes omitted → Buffer
  returned correctly (12 ms wall)

Addresses ClawSweeper feedback: previous proof showed only Vitest mock
output; these tests exercise the real Matrix runtime fetch path end-to-end.

* test(matrix): satisfy lint for transport proof

* fix(matrix): preserve encrypted media download limits

* test(matrix): add streaming OOM guard proof via real node:http server without Content-Length

Drive readResponseWithLimit directly by omitting Content-Length so that
enforceDeclaredResponseSize is a no-op and the streaming byte cap is the
sole enforcement path. A 20 MiB chunked server response with a 16 MiB
cap confirms the stream is canceled before full buffering (chunksWritten
< TOTAL_CHUNKS). A second case verifies under-cap payloads pass through.

* test(matrix): fix lint errors in real HTTP server proof (curly)

* test(matrix): add under-cap proof to real HTTP server test
2026-07-01 04:02:13 -07:00
Yuval Dinodia
acb0e8e88d fix(irc): classify host-less nick!user allowlist entries as mutable
An IRC sender mask is nick!user@host where only host is server verified;
nick and user (ident) are client supplied and spoofable. The allowlist
identity classifier treated any entry containing "!" or "@" as a verified
stable identity, so a host-less nick!user entry was classified stable and
matched by the host-less nick!user subject candidate. With
dangerouslyAllowNameMatching at its secure default (off), the mutable
identifier policy only strips entries owned by a dangerous field, so the
host-less entry was never stripped and a remote sender presenting the same
nick and ident was admitted regardless of host.

Require a verified @host component before an entry or subject is classified
stable. Host-less nick and host-less nick!user are now both routed to a
dangerous (mutable) field so they are gated by the same name-matching policy.
The doctor mutable-allowlist detector now also flags host-less nick!user
entries so operators who typed that undocumented shape get a warning. The
documented full nick!user@host mask stays stable and unaffected.
2026-07-01 04:01:05 -07:00
wm0018
dcc2db1825 feat(node): add gateway context path support 2026-07-01 03:58:47 -07:00
An Dang
98254634f1 fix(docker): reduce local build memory pressure 2026-07-01 03:58:21 -07:00
lizeyu
daffe593aa fix(embedded-agent): classify Cloudflare challenge HTML as upstream failure
* fix: #94432 classify Cloudflare challenge 403 as upstream_html instead of auth_html

* chore: trigger CI re-run for Real behavior proof validation

* fix: align Cloudflare challenge detector with shared challenge markers

Extend CLOUDFLARE_CHALLENGE_RE to also match cdn-cgi/challenge-platform
and challenge-error-text — patterns already recognized by the shared
STANDALONE_HTML_ERROR_HINT_RE in assistant-error-format.ts.

Add regression tests for both new marker variants to ensure coverage.

* fix(embedded-agent): suppress raw Cloudflare HTML in console after upstream_html reclassification

- Add upstream_html to RAW_ERROR_CONSOLE_SUPPRESSED_FAILURE_KINDS so
  Cloudflare challenge 403 pages classified as upstream_html do not
  leak raw HTML into lifecycle/failover console rawError= diagnostics
- Add regression test verifying upstream_html suppression in
  failover observation console messages

Re: #94432

---------

Co-authored-by: lzyyzznl <lzyyzznl@users.noreply.github.com>
Co-authored-by: lizeyu-xydt <lizeyu@xydigit.com>
2026-07-01 03:58:09 -07:00
Wynne668
2af2eb2dfb fix(message-tool): apply responsePrefix to outbound sends
* fix(message-tool): apply messages.responsePrefix to outbound sends

* fix(message-tool): interpolate responsePrefix templates on sends and skip unresolved model tokens
2026-07-01 03:57:30 -07:00
xingzhou
36e7f214db fix(sessions): preserve lineage metadata in JSON 2026-07-01 03:54:57 -07:00
Eldar Shlomi
5d52b5be38 fix(agents): skip implicit discovery in models replace mode
* fix(agents): skip implicit provider discovery when models.mode is 'replace' [AI-assisted]

resolveProvidersForModelsJsonWithDeps unconditionally awaited the implicit
provider resolver before honoring models.mode. With mode: 'replace' the user
opts out of discovery, so add a 3-line early-return guard that returns only the
explicit providers — eliminating the (slow) discovery pass for replace-mode.

Closes #66957.
AI-assisted contribution.

* chore: re-trigger CI (transient checkout/flaky core-check failures + cancelled gates; no code change)
2026-07-01 03:54:26 -07:00
VectorPeak
fbceb309e7 fix(media): normalize Windows inbound paths case-insensitively
* fix Windows inbound media path casing

* test: cover Windows inbound path casing

* test(plugin-sdk): cover media runtime inbound path casing
2026-07-01 03:53:54 -07:00
Vincent Koc
9c130388a3 fix(android): validate resource apostrophe syntax 2026-07-01 03:43:03 -07:00
Vincent Koc
03d3f49c3d fix(android): preserve Swedish app name 2026-07-01 03:43:03 -07:00
Vincent Koc
5e786ac27a test(android): enforce localized resource coverage 2026-07-01 03:43:03 -07:00