vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 09:20:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
38,817 Commits 1,843 Branches 149 Tags
1a2228d291514c744ebb2dbba1f2b0e3f50d4ddc
Commit Graph

38817 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Peter Steinberger
1a2228d291 fix: align tool-result guard budget 2026-04-30 16:36:55 +01:00
NVIDIAN
797d574dfd fix(deepseek): expose V4 max thinking levels (#73008) 
Merged via squash.

Prepared head SHA: ef561a59de
Co-authored-by: ai-hpc <183861985+ai-hpc@users.noreply.github.com>
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Reviewed-by: @hxy91819
 2026-04-30 23:34:05 +08:00
konanok
0eb8f34000 refactor(usage): add precise token buckets for Usage Mosaic (#74337) 
Merged via squash.

Prepared head SHA: 15185354c4
Co-authored-by: konanok <30515586+konanok@users.noreply.github.com>
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Reviewed-by: @hxy91819
 2026-04-30 23:32:34 +08:00
Peter Steinberger
9289a502bb fix(gateway): stop systemd EADDRINUSE restart loops 2026-04-30 16:30:56 +01:00
Peter Steinberger
de1ac12f1c fix: keep telegram polling timeout above long poll 2026-04-30 16:11:42 +01:00
Vincent Koc
d6e568ec95 docs(changelog): backfill b85147ff76 mid-turn compaction precheck 2026-04-30 08:07:57 -07:00
Peter Steinberger
32d429e647 test(signal): cover inbound prompt body contract 2026-04-30 16:06:37 +01:00
marchpure
b85147ff76 feat(agents): add mid-turn compaction precheck (#73499) 
Co-authored-by: haoxingjun <haoxingjun@bytedance.com>
 2026-04-30 23:05:31 +08:00
Peter Steinberger
b743506549 fix: reduce runtime mirror and signal group regressions 2026-04-30 15:59:03 +01:00
Peter Steinberger
29a35f04a9 fix(browser): use source config for proxy decisions 2026-04-30 15:56:49 +01:00
Peter Steinberger
eb8e892df9 fix(plugins): harden runtime mirrors 2026-04-30 15:56:08 +01:00
Peter Steinberger
a3228977fb test(signal): cover group mention gating defaults 2026-04-30 15:53:09 +01:00
Peter Steinberger
b40c679630 fix(signal): match group allowlists against group ids 2026-04-30 15:49:44 +01:00
Peter Steinberger
65c94df872 test(infra): cover fallback tmp chmod race 2026-04-30 15:45:58 +01:00
Peter Steinberger
165d62b15f fix(infra): tolerate concurrent tmp dir repair 2026-04-30 15:45:57 +01:00
Peter Steinberger
11a56db5c1 docs(changelog): credit refresh guard contributors 2026-04-30 15:45:45 +01:00
Peter Steinberger
c5bc4b6892 fix: repair telegram transcript echo routing 2026-04-30 15:39:33 +01:00
Peter Steinberger
cf772079c6 fix(browser): share control runtime state 2026-04-30 15:35:42 +01:00
Peter Steinberger
44ad65f02b fix(signal): harden signal-cli installer downloads 2026-04-30 15:34:37 +01:00
Peter Steinberger
8291537710 fix(auto-reply): preserve visible fallback for requested modes 2026-04-30 15:26:55 +01:00
Peter Steinberger
ac599c9e53 fix: retain local memory runtime deps 2026-04-30 15:22:26 +01:00
Peter Steinberger
9d037d2f5a docs(changelog): note Signal regression fixes 2026-04-30 15:14:26 +01:00
Peter Steinberger
3b0ed18b86 fix(signal): handle attachment and SSE regressions 2026-04-30 15:14:26 +01:00
Peter Steinberger
4e168de6d9 fix: avoid provider policy runtime deps 2026-04-30 15:13:35 +01:00
Peter Steinberger
98b96182f8 test(gateway): cover web fetch startup bind 2026-04-30 14:59:30 +01:00
Peter Steinberger
2a54427aba fix(plugins): keep runtime deps manifest complete 
Co-authored-by: HCL <chenglunhu@gmail.com>
 2026-04-30 14:55:40 +01:00
Peter Steinberger
82ca6ecdde fix(auto-reply): surface private group replies 2026-04-30 14:54:34 +01:00
Peter Steinberger
8b665e0d70 fix(slack): gate bot room relays on owner presence 2026-04-30 14:46:31 +01:00
Peter Steinberger
afb17eade9 fix(secrets): skip optional web fetch discovery before bind 2026-04-30 14:45:55 +01:00
Peter Steinberger
3766bbb674 fix(models): restore codex mini oauth route 2026-04-30 14:43:39 +01:00
Peter Steinberger
0f120c09ba fix(agents): bound subagent orphan recovery 2026-04-30 14:43:18 +01:00
Vincent Koc
f3145f6db8 fix(telegram): remove unused draft stream helper 2026-04-30 06:19:08 -07:00
Vincent Koc
ad7fa6c387 docs(tools): note explicit alsoAllow needed under restrictive profiles (4aa08e9d79) 2026-04-30 05:38:28 -07:00
Ayaan Zaidi
823f13c6e4 fix: remove Telegram native draft previews (#75073) 2026-04-30 18:07:57 +05:30
Ayaan Zaidi
565f4314fe docs(telegram): remove native draft fallback note 2026-04-30 18:07:57 +05:30
Ayaan Zaidi
c9d9067931 test(telegram): cover message-only previews 2026-04-30 18:07:57 +05:30
Ayaan Zaidi
2a4dd89253 fix(telegram): remove native draft preview transport 2026-04-30 18:07:57 +05:30
Alex Knight
4aa08e9d79 fix(security): stop implicit tool grants from config sections (#47487) (#75055) 
* fix(security): stop implicit tool grants from config sections (#47487)

Configured tool sections (tools.exec, tools.fs) no longer implicitly
widen restrictive profiles (messaging, minimal). Previously, having a
tools.exec section anywhere in config — even just safety settings like
security: "allowlist" — would automatically add exec and process to the
profile's allowed tools, defeating the purpose of the restrictive
profile.

The same pattern existed in tool-fs-policy.ts where tools.fs presence
would add read/write/edit to the profile allowlist for root expansion.

Changes:
- pi-tools.policy.ts: Stop merging implicit grants into profileAlsoAllow.
  Renamed resolveImplicitProfileAlsoAllow → detectImplicitProfileGrants
  and use it only for a startup warning that tells users to add explicit
  alsoAllow entries.
- tool-fs-policy.ts: Remove the implicit read/write/edit grant from
  resolveEffectiveToolFsRootExpansionAllowed when tools.fs is present.
  Root expansion now requires actual read access via profile or alsoAllow.
- Updated 4 existing tests and added 3 new regression tests.

Migration: users who relied on tools.exec or tools.fs implicitly granting
access under a restrictive profile should add explicit alsoAllow entries:

  tools:
    profile: "messaging"
    alsoAllow: ["exec", "process"]  # was implicit, now required
    exec: { security: "allowlist" }

Fixes #47487

* fix: address tool policy review feedback
 2026-04-30 22:19:26 +10:00
Nimrod Gutman
58a0b077c1 fix(macos): keep A2UI canvas content visible (#75039) 2026-04-30 14:21:06 +03:00
Nimrod Gutman
eecd758e39 fix(macos): repair stale gateway tls pins (#75038) 
Merged via squash.

Prepared head SHA: 35196f8f71
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Reviewed-by: @ngutman
 2026-04-30 14:14:03 +03:00
clawsweeper[bot]
29d3b65a83 fix(ci): bound manual stale closure backfill 
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
 2026-04-30 03:52:23 -07:00
Radek Sienkiewicz
52e2d4e16a fix(cli): avoid progress spinners in active TUI input (#75003) 
Merged via squash.

Prepared head SHA: 129e23e716
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Reviewed-by: @velvet-shark
 2026-04-30 12:31:05 +02:00
Vincent Koc
9cb71f7672 chore(barnacle): add false positive close label (#75014) 2026-04-30 02:55:45 -07:00
Val Alexander
20cbc1f216 fix(control-ui): wire slash menu accessibility 
Wire the Control UI chat slash-command menu to the composer with stable listbox and option IDs, active-descendant updates, and a live status announcement. Keep the native textarea role conforming while preserving the menu relationships and tests.
 2026-04-30 04:53:27 -05:00
clawsweeper[bot]
099037cca6 fix(channels): align Yuanbao catalog id 
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
 2026-04-30 02:50:35 -07:00
Vincent Koc
9d68c6768a ci: shallow checkout OpenGrep PR scan 2026-04-30 02:43:00 -07:00
Vincent Koc
9f0bf1c71e chore(ci): skip maintainer assignees in stale backfill 2026-04-30 02:13:18 -07:00
Vincent Koc
d117ed183a chore(ci): tune stale policy and add backfill 
* chore(ci): tune stale grace periods

* chore(ci): add stale closure backfill
 2026-04-30 02:01:02 -07:00
Vincent Koc
005eeca06f ci: right-size OpenGrep PR scan 
* ci: right-size opengrep pr scan

* ci: avoid opengrep rulepack self-scan

* ci: opt opengrep workflows into node24 actions

* ci: update opengrep workflow action majors
 2026-04-30 01:52:12 -07:00
Vincent Koc
d50ad19e4b test(gateway): avoid post-close auth rotation rpc 2026-04-30 01:50:39 -07:00