Peter Steinberger
1b3af45657
fix(gateway): admit reconnect delivery drains ( #104143 )
2026-07-10 22:33:33 -07:00
Peter Steinberger
81a201df26
feat: add portable table presentation blocks ( #103583 )
...
* feat(presentation): add portable table blocks
* chore(presentation): refresh generated contracts
* fix(slack): preserve table fallback payloads
* docs(changelog): note portable message tables
* fix(presentation): preserve cross-channel fallback delivery
* chore(plugin-sdk): refresh rebased contracts
* test(slack): align accessibility expectations
* fix(presentation): harden cross-channel fallback delivery
* chore(plugin-sdk): refresh rebased contracts
* docs(changelog): defer portable table release note
* fix(presentation): satisfy extension lint
* chore(plugin-sdk): refresh surface budgets
* fix(telegram): preserve reactions after progress replies
* fix(slack): preserve rendered preview fallback text
* fix(feishu): preserve oversized presentation fallbacks
* docs(changelog): note portable message tables
* docs(changelog): defer portable table release note
* chore(plugin-sdk): refresh rebased contracts
---------
Co-authored-by: Peter Steinberger <steipete@openai.com >
2026-07-10 22:29:13 -07:00
xingzhou
e009a41410
fix(agents): repair orphaned queued turns before assembly ( #90759 )
...
* fix(agent): keep orphaned user turns contextual
* test(agent): prove orphan repair targets active prompt
* fix(agent): repair orphaned user behind session metadata
* fix(agent): satisfy orphan repair CI types
* fix(agent): preserve orphan repair state entries
* fix(agent): filter repaired orphan from assembled history
* fix(embedded-agent): repair orphan session entry types
* fix(embedded-agent): remap replayed metadata labels
* fix(embedded-agent): skip dangling replay labels
* fix(agents): repair orphan history before assembly
---------
Co-authored-by: 张贵萍0668001030 <zhang.guiping@xydigit.com >
Co-authored-by: Ayaan Zaidi <hi@obviy.us >
2026-07-11 09:56:40 +05:30
Peter Steinberger
05ebaf41f6
fix(tool-call-repair): bound serialized stream normalization ( #104100 )
...
* fix(tool-call-repair): bound serialized stream normalization
Co-authored-by: wuqingxuan <wu.qingxuan@xydigit.com >
Co-authored-by: 徐闻涵0668001344 <xu.wenhan1@xydigit.com >
Co-authored-by: qingminlong <qing.minlong@xydigit.com >
Co-authored-by: WangYan <wang.yan29@xydigit.com >
* fix(tool-call-repair): preserve strict scan narrowing
* fix(tool-call-repair): lint serialized name validation
* fix(tool-call-repair): replay split suffix whitespace
* fix(tool-call-repair): cap complete-call whitespace
* test(tool-call-repair): assert bounded whitespace replay
---------
Co-authored-by: wuqingxuan <wu.qingxuan@xydigit.com >
Co-authored-by: 徐闻涵0668001344 <xu.wenhan1@xydigit.com >
Co-authored-by: qingminlong <qing.minlong@xydigit.com >
Co-authored-by: WangYan <wang.yan29@xydigit.com >
2026-07-10 20:00:11 -07:00
James Armstead
65cc86f45c
Refresh MCP OAuth auth-profile tokens ( #96120 )
...
* Refresh MCP OAuth auth-profile tokens
* Rotate Codex MCP binding on bearer changes
* Preserve agent scope for MCP auth profiles
* Preserve Codex MCP tool filters
* Keep Codex MCP projection helper local-only
* Fix Codex projection package boundary artifacts
* Revert "Fix Codex projection package boundary artifacts"
This reverts commit 13bcaed3da .
* Revert "Keep Codex MCP projection helper local-only"
This reverts commit 19751f4922 .
* Trigger CI rerun for OAuth MCP PR
* Fail closed for remote Codex MCP bearer projection
* Fix MCP OAuth bearer token projection
* fix: project MCP-native OAuth credentials
* fix: align MCP SDK surface budget
* fix(mcp): keep agents available before OAuth login
---------
Co-authored-by: Josh Lehman <josh@martian.engineering >
2026-07-10 17:49:43 -07:00
xingzhou
babc287afe
fix(slack): time out stalled external file uploads ( #103442 )
...
* fix(slack): time out stalled external file uploads
* fix(slack): scope external upload timeout
* fix(slack): restrict external upload transport
* fix(slack): restrict external upload transport
* fix(slack): preserve external upload retry safety
* test(slack): use compatible guarded fetch runtime
* test(plugin-sdk): update public export baseline
* fix(slack): harden external upload delivery
* refactor(slack): isolate upload completion
Keep ordinary Enterprise Grid traffic on the Bolt listener client. Use a team-scoped no-retry client only for one-shot external upload completion, while preserving the bounded raw-upload timeout and safe durable replay classification.
* fix(slack): refresh upload release metadata
* chore(slack): leave release notes release-owned
* fix(slack): classify failed uploads before completion
* fix(slack): keep upload completion untimed
* test(plugin-sdk): refresh public export baseline
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-10 23:52:35 +01:00
Peter Steinberger
9b1c36d23c
fix: prevent exec approval revocation races ( #103515 )
...
* fix(security): serialize exec approval mutations
* fix(security): preserve additive approval writes
* test(cli): expect normalized approval shape
* fix(security): preserve exec approval compatibility
* test(security): exercise locked approval initialization
* test(security): mock serialized approval helpers
* test(exec): derive enforced command path from plan
* fix(gateway): always return approval CAS conflicts
* fix(macos): serialize exec approvals writes
* fix(security): repair approval build errors
* fix(security): serialize exec approval mutations
* fix(security): fail closed on approval persistence errors
* test(security): cover detached approval persistence failures
* fix(security): harden exec approval state
* style(macos): format exec approval sources
* fix(security): complete exec approval hardening
Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com >
* fix(macos): preserve approved login-shell semantics
* fix(macos): keep login shell approvals one-shot
* fix(security): linearize exec authorization
Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com >
* fix(security): preserve durable approval basis
Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com >
* fix(security): bind exec grants to current policy
Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com >
* test(security): fix exec revocation fixtures
* test(security): align gateway approval fixtures
* fix(macos): return approval decisions
* chore(i18n): sync native approval strings
* test(security): align approval hardening fixtures
* test(node): authorize completed event fixture
* test(security): fix approval decision fixtures
* test(security): await durable approval visibility
* fix(exec): preserve concurrent approval grants
* fix(exec): address exact-head CI failures
* fix(exec): preserve concurrent approval promotions
* fix(exec): make Swift shutdown state explicit
* test(macos): handle approval read failures
* fix(macos): harden approval socket paths
* fix(macos): preserve exact shell payload bytes
* test(macos): make approval fixtures explicit
* test(macos): fix approval suite compilation
* fix(macos): bound approval socket JSONL reads
* chore: move exec approval note to release process
* chore: move exec approval note to release process
---------
Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com >
2026-07-10 21:35:05 +01:00
Peter Steinberger
1bcc4c5e70
feat(gateway): add cooperative host suspension ( #103618 )
...
* feat(gateway): add cooperative suspension preparation
* style: satisfy suspension lint checks
* test(gateway): reset work admission between shared suites
* fix(gateway): reject upgrades during suspension
* fix(gateway): preserve admitted work during suspension
* test(gateway): isolate suspension and restart state
* fix(gateway): close suspension false-ready gaps
* refactor(protocol): slim suspension declaration graph
* refactor(plugin-sdk): sever protocol registry edges
* fix(gateway): preserve admitted restart follow-ups
* fix(gateway): make suspension recovery fail closed
* fix(protocol): keep validation formatter re-export only
* test(gateway): simplify deferred fixture type
* style(gateway): clarify suspension entry name
* fix(gateway): retain detached work admission
2026-07-10 20:24:53 +01:00
Peter Steinberger
e1934d968e
fix(nodes): stop advertising a disabled browser proxy ( #103894 )
...
* fix(nodes): hide disabled browser proxy capability
* chore: defer node fix changelog to release
* chore: ratchet plugin SDK surface budget
2026-07-10 20:06:53 +01:00
Peter Steinberger
9b4c7c0991
test(openai): align auth contract with provider default ( #103760 )
2026-07-10 16:28:07 +01:00
JC
59e95fe3fd
feat: support GPT-5.6 Ultra across OpenClaw and Codex runtimes ( #98021 )
...
* feat: support GPT-5.6 Ultra across agent runtimes
Co-authored-by: J Cai <anyech@gmail.com >
* fix: keep harness projections discovery-free
* fix(codex): mirror V2 native subagent tasks
* chore: refresh plugin SDK surface budgets
* test: expose Ultra wire effort proof
* test(cron): avoid hoisted mock initialization race
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-10 15:23:24 +01:00
Yuval Dinodia
b7ab62c2cf
fix(mattermost): preserve text-block boundaries in draft preview ( #87322 ) ( #87449 )
...
* fix(mattermost): preserve text-block boundaries in draft preview (#87322 )
* fix(mattermost): preserve block preview boundaries
* fix(mattermost): reset progress at tool boundaries
* docs(plugin-sdk): refresh API baseline
* fix(mattermost): group parallel tool previews
* fix(mattermost): stage tool previews before awaits
* fix(mattermost): satisfy tool boundary return contract
* fix(mattermost): serialize preview block generations
Co-authored-by: Yuval Dinodia <yetvald@gmail.com >
* fix(mattermost): preserve complete block previews
* test(agents): align streaming assertions
* test(telegram): align reply pipeline mock
* fix(plugin-sdk): keep reply prefix options compatible
* test(mattermost): exercise threaded final participation
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-10 14:32:11 +01:00
Peter Steinberger
505f8ae6a3
fix(control-ui): harden workspace avatar projection ( #103657 )
...
* fix(control-ui): harden workspace avatar projection
Co-authored-by: LZY3538 <liu.zhenye@xydigit.com >
* refactor(gateway): remove dead avatar URL mapper
* test(control-ui): track avatar temp directories
---------
Co-authored-by: LZY3538 <liu.zhenye@xydigit.com >
2026-07-10 13:31:22 +01:00
Peter Steinberger
2c909212f1
fix(tool-call-repair): preserve stream content order after repair ( #103585 )
...
Keep byte-over-cap visible suffixes at their streamed content indexes when terminal message snapshots are normalized.
Co-authored-by: ZOOWH <ZOOWH@users.noreply.github.com >
2026-07-10 10:16:09 +01:00
wuqxuan
9e74dabad2
fix: parse zero-argument XML tool calls ( #103220 )
...
* fix: parse zero-argument XML tool calls
* fix(tool-call-repair): handle empty XML calls safely
---------
Co-authored-by: Peter Steinberger <peter@steipete.me >
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-10 07:39:23 +01:00
Pavan Kumar Gondhi
c70f3d0dae
fix: block unspecified trusted DNS targets ( #103075 )
2026-07-10 11:16:26 +05:30
Peter Steinberger
75dfd3dc09
feat(xai): support Grok Imagine Video 1.5 ( #103316 )
...
* feat(media): add per-model generation catalog metadata
* feat(xai): support Grok Imagine Video 1.5
* test(plugin-sdk): update public surface budget
2026-07-10 04:49:42 +01:00
Peter Steinberger
add2c586c2
feat(slack): support native chart presentations ( #102635 )
2026-07-10 04:05:23 +01:00
qingminlong
2fd0f88f62
fix: ignore invalid Retry-After HTTP dates ( #102987 )
...
* fix: ignore invalid Retry-After HTTP dates
* fix(ai): centralize strict Retry-After dates
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
Co-authored-by: Peter Steinberger <peter@steipete.me >
2026-07-10 04:02:44 +01:00
Ayaan Zaidi
04ff278a1d
refactor(device-bootstrap): close bootstrap purpose type
2026-07-10 07:53:37 +05:30
Ayaan Zaidi
c64db7c9c7
feat(plugin-sdk): export dashboard bootstrap helpers
2026-07-10 07:53:37 +05:30
Peter Steinberger
8b300e57f0
fix(browser): keep remote CDP credentials out of responses ( #103139 )
...
* fix(browser): contain remote CDP credentials
* fix(browser): probe authenticated discovery before attach
* chore: keep release note in PR metadata
2026-07-10 01:12:51 +01:00
Peter Steinberger
d185f9a0b4
fix(infra): preserve characters in truncated response snippets ( #103136 )
...
* fix(infra): preserve bounded response text characters
Co-authored-by: qingminlong <34085845+qingminglong@users.noreply.github.com >
* ci(plugin-sdk): refresh API baseline
---------
Co-authored-by: qingminlong <34085845+qingminglong@users.noreply.github.com >
2026-07-09 23:43:26 +01:00
VACInc
740e7687e8
fix(anthropic): don't crash models list when a configured Sonnet 5 model has no cost ( #102186 )
...
* fix(anthropic): don't crash models list when a configured Sonnet 5 model has no cost
applyAnthropicSonnet5Cost read params.model.cost.input unconditionally, so
'openclaw models list' aborted with 'Cannot read properties of undefined
(reading input)' whenever config supplied an anthropic Sonnet 5 model row
without cost metadata (e.g. an agents.defaults.models runtime binding).
Guard with optional chaining — a costless model now falls through and gets
the canonical Sonnet 5 cost applied.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com >
* fix(models): normalize missing Sonnet 5 costs
Co-authored-by: VACInc <3279061+VACInc@users.noreply.github.com >
* chore(plugin-sdk): refresh API baseline
* ci(plugin-sdk): update surface budgets
---------
Co-authored-by: VACInc <3279061+VACInc@users.noreply.github.com >
Co-authored-by: Claude Fable 5 <noreply@anthropic.com >
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-09 22:13:56 +01:00
Oliver Mee
ae11ea5ba9
feat(qwen): add Token Plan (Team Edition) provider ( #94419 )
...
* feat(qwen): add Token Plan provider
Co-authored-by: Oliver Mee <102673257+Omee11@users.noreply.github.com >
* docs: regenerate documentation map
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
Co-authored-by: Oliver Mee <102673257+Omee11@users.noreply.github.com >
2026-07-09 22:07:01 +01:00
Peter Steinberger
5ef269c2bb
fix: keep bounded Unicode text valid across UTF-16 boundaries ( #102823 )
...
* fix(text): keep bounded output UTF-16 safe
Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com >
Co-authored-by: 0668000539 <shu.zongyu@xydigit.com >
Co-authored-by: 张鹊平0668001085 <zhang.queping@xydigit.com >
Co-authored-by: 赵旺0668001248 <zhao.wang1@xydigit.com >
Co-authored-by: 陈宪彪0668000387 <chen.xianbiao@xydigit.com >
Co-authored-by: lizeyu-xydt <li.zeyu@xydigit.com >
* chore(changelog): defer release note to automation
* refactor(qa-lab): keep text helper behind SDK
---------
Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com >
Co-authored-by: 0668000539 <shu.zongyu@xydigit.com >
Co-authored-by: 张鹊平0668001085 <zhang.queping@xydigit.com >
Co-authored-by: 赵旺0668001248 <zhao.wang1@xydigit.com >
Co-authored-by: 陈宪彪0668000387 <chen.xianbiao@xydigit.com >
Co-authored-by: lizeyu-xydt <li.zeyu@xydigit.com >
2026-07-09 15:21:23 +01:00
Alix-007
65b2e7a4e3
fix(mattermost): add timeout to REST client requests ( #102027 )
...
* fix(mattermost): add timeout to REST client requests
* fixup: preserve Mattermost DM retry timeout
* test(mattermost): reuse hanging server helper
* test(mattermost): satisfy timeout lint
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-09 12:12:30 +01:00
Sally O'Malley
e595a8c0ac
Add Vault SecretRef plugin ( #89255 )
...
* Add Vault SecretRef plugin
Signed-off-by: sallyom <somalley@redhat.com >
* expand Vault setup to registered SecretRef targets
Signed-off-by: sallyom <somalley@redhat.com >
* fix(vault): use sdk secret target seam
* fix(vault): preserve auth profile target paths
* docs(vault): document plugin enable step
* fix(vault): make status provider-alias aware
* fix(vault): reject noncanonical secret ids
* fix(vault): separate resolver timeout deadlines
* fix(vault): forward private CA trust settings
* fix(secrets): preserve plugin policy boundaries
---------
Signed-off-by: sallyom <somalley@redhat.com >
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com >
2026-07-09 05:30:12 -05:00
kevinlin-openai
245b91b83d
feat(slack): support Enterprise Grid org installs ( #102372 )
...
* feat(slack): support Enterprise Grid org installs
* docs: refresh generated docs map
* fix(slack): satisfy enterprise routing CI
* fix(slack): accept org auth without app id
* docs(plugin-sdk): document channel policy hooks
* fix(slack): reuse canonical sender for enterprise replies
* test(slack): fix enterprise sender lint
---------
Co-authored-by: Kevin Lin <kevin@dendron.so >
2026-07-08 23:53:19 -07:00
qingminlong
b20b02a476
fix(tool-payload): enforce UTF-8 byte limits for serialized payloads ( #102450 )
...
* fix(tool-payload): reject oversized XML payload bytes
* fix(tools): enforce serialized payload byte limits
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-09 07:47:23 +01:00
Tobias Oort
0307deacfa
feat(github-copilot): support GitHub Enterprise data-residency Copilot auth ( #99221 )
...
Adds GitHub Enterprise data-residency support to the existing bundled GitHub Copilot provider.
Maintainer proof:
- GitHub CI green on head 54010a6538
- `check-lint`, `check-additional-extension-bundled`, and `check-shrinkwrap` passed in CI
- local `pnpm lint:extensions:bundled`, `pnpm lint`, and focused GitHub Copilot Vitest passed
- AWS Crabbox proof passed
- live microsoft.ghe.com device-flow/token-exchange/model-catalog proof passed
Co-authored-by: Tobias Oort <tobias.oort@ict.nl >
Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com >
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
2026-07-08 18:59:41 -07:00
Vincent Koc
aad99747cd
fix(onboard): omit empty provider request settings
2026-07-08 17:26:29 -07:00
Tran Quang
19f7b72a74
fix(voice-call): preserve per-call agent routing ( #77763 )
...
* fix(voice-call): preserve per-call agent routing
Co-authored-by: Tran Quang <randytran8800@gmail.com >
* chore: keep release notes in PR metadata
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
Co-authored-by: Peter Steinberger <peter@steipete.me >
2026-07-08 07:06:35 +01:00
Vishal Dharmadhikari
d708df47a3
improve(google): identify OpenClaw Gemini API traffic ( #101834 )
2026-07-07 16:09:02 -06:00
machine3at
a00e9fc228
fix(ssrf): block loopback addresses for trusted hostname origins ( #100835 )
...
* fix(ssrf): block loopback addresses for trusted hostname origins
* fix(ssrf): allow loopback resolution for explicitly trusted loopback/localhost hostnames
* refactor(cron): remove unrelated cron session option changes from ssrf branch
* test(ssrf): add explicit loopback-origin allow tests to close ClawSweeper proof gap
* test(ssrf): add real gateway runtime proof script for loopback rebinding
* fix(ssrf): harden trusted-host loopback checks
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-07 11:08:51 +01:00
Peter Steinberger
a2a68d154b
fix(agent): preserve explicit recipient sessions ( #101507 )
...
* fix(agent): honor recipient session routing
Co-authored-by: vincentkoc <25068+vincentkoc@users.noreply.github.com >
Co-authored-by: pingfanfan <pingfan.work@gmail.com >
* fix(agent): preserve canonical recipient routes
* fix(agent): require exact recipient routes
Co-authored-by: vincentkoc <25068+vincentkoc@users.noreply.github.com >
Co-authored-by: pingfanfan <pingfan.work@gmail.com >
* fix(agent): harden recipient route resolution
* fix(imessage): require canonical recipient handles
* fix(agent): refine provider recipient exactness
* fix(agent): bound direct alias session routing
* fix(signal): preserve direct alias route type
* fix(agent): honor binding-scoped recipient sessions
* fix(routing): honor configured main session aliases
* fix(clickclack): align account-owned session routes
* fix(twitch): preserve canonical recipient sessions
* fix(routing): isolate stable outbound identities
* chore: defer recipient session changelog
* fix(sms): use dedicated channel SDK facade
---------
Co-authored-by: vincentkoc <25068+vincentkoc@users.noreply.github.com >
Co-authored-by: pingfanfan <pingfan.work@gmail.com >
2026-07-07 10:07:13 +01:00
xingzhou
de152b1f65
fix(plugin-sdk): align speech runtime packaging ( #89899 )
...
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-07 07:38:41 +01:00
Peter Steinberger
7b366e16b0
fix: Windows CLI backends fail through npm shims ( #101378 )
...
* fix(process): resolve Windows npm CLI shims directly
Co-authored-by: wendy-chsy <wan.wenyan@xydigit.com >
* docs(changelog): note Windows CLI shim fix
* docs(process): explain Windows shim boundary
* chore: keep release changelog owner-only
* test(process): isolate Windows shim resolution
* fix(process): classify Windows forwarding shims safely
---------
Co-authored-by: wendy-chsy <wan.wenyan@xydigit.com >
2026-07-07 06:57:16 +01:00
Josh Lehman
5d9a2b114f
feat(context-engine): report compaction successors as typed session targets ( #101182 )
2026-07-06 22:14:46 -07:00
Peter Steinberger
1834592be1
fix(auth): use OpenClaw lobster logo on OAuth callback pages
...
The shared provider OAuth success/error page (OpenAI/Codex and Anthropic
login flows) still embedded the legacy Pi logo SVG. Swap it for the
OpenClaw lobster mascot, matching ui/public/favicon.svg.
2026-07-07 04:48:01 +01:00
Dallin Romney
253b784468
test(qa): use qa flow for channel routing scenarios ( #101076 )
...
* test(qa): canonicalize channel routing scenarios
* test(qa): enforce Crabline actor allowlists
* test(qa): preserve canonical flow integration
* test(matrix): use retained topology fixture id
* test(qa): preserve WhatsApp live defaults
* QA: declare channel transport policy in scenarios
* refactor(qa): keep transport policy type local
* refactor(qa): keep transport policy on leaf contract
* test(matrix): use retained routing fixture
2026-07-06 18:35:41 -07:00
Josh Lehman
cb0d8a1294
refactor(sessions): move inbound meta, goals, and delivery reads behind the session accessor ( #101180 )
2026-07-06 18:07:26 -07:00
Vincent Koc
f305e707a3
feat(models): add Claude Mythos 5 support ( #101238 )
2026-07-06 17:19:49 -07:00
Vortex Openclaw
1f6ddb5df0
feat(models): add Claude Sonnet 5 support ( #98254 )
...
* feat(models): add Claude Sonnet 5 support
Co-authored-by: Ariel Bravy <ariel@vortexradar.com >
* fix(models): align Sonnet 5 validation baselines
* fix(models): satisfy Sonnet 5 CI contracts
* fix(models): enforce Sonnet 5 provider contracts
* docs(changelog): defer Sonnet 5 release note
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
Co-authored-by: Ariel Bravy <ariel@vortexradar.com >
2026-07-07 00:05:35 +01:00
NIO
2f510a0ac1
fix(plugin-sdk): bound Copilot token exchange JSON response reads ( #97579 )
...
* fix(plugin-sdk): bound Copilot token exchange JSON response reads
* test(plugin-sdk): add HTTP transport proof for Copilot token bounds
* fix(test): cast HTTP transport fetch mocks to typeof fetch
---------
Co-authored-by: NIO <nocodet@mail.com >
2026-07-06 13:10:19 -04:00
Dallin Romney
5af7ba92ce
refactor: consolidate byte-size formatting ( #99768 )
...
* refactor: consolidate byte-size formatting
* fix: stabilize byte formatter import boundary
* fix: keep byte formatter within SDK budget
* fix: emit byte formatter package entry
* refactor: trim byte formatter surface
* fix: use narrow byte formatter import
* refactor: remove byte formatter dependency changes
* fix: refresh rebased byte formatter baseline
2026-07-06 09:26:04 -07:00
Dallin Romney
b29d472e41
refactor(qa): add canonical live channel adapters ( #99707 )
2026-07-06 09:24:34 -07:00
machine3at
3c84a8453a
fix(agents): preserve blank lines in multi-question user input fallback parsing ( #100832 )
2026-07-06 06:37:47 -07:00
Peter Steinberger
f53346944d
feat: correlate native search outcomes in audit history ( #98704 )
...
* feat: correlate native search outcomes in audit history
Metadata-only audit ledger for agent runs and tool actions in the shared
state DB: stable event identity, closed action/status/error vocabularies,
one-way-hashed tool-call ids, never-inferred terminal outcomes for native
web-search (explicit completed/failed only; otherwise unknown), bounded
retention, audit.list gateway RPC and openclaw audit CLI. Squashed from
the 82-commit audit stack for replay onto current main.
* feat(audit): add audit.enabled config gate (default on)
The metadata-only audit ledger records by default: an audit trail enabled
only after an incident cannot explain the incident, and the rows are
strictly less sensitive than the transcripts every install already
stores. audit.enabled=false stops new writes at the gateway subscription
seam; audit.list and openclaw audit keep serving existing records until
they expire. Documented in the configuration reference, protocol page,
and CLI reference.
* fix: repair full-matrix CI findings after rebase
- break the dynamic-tools/dynamic-tool-execution import cycle by
extracting resolveCodexToolAbortTerminalReason into a leaf module
- restore main's session-worktree protocol exports lost in the
index.ts auto-merge
- register the audit event writer worker as a knip entry point
- docs table formatting; subagent wait-cancellation test scoped to its
audit intent (outcome + timing) and advanced past main's new
lifecycle-timeout retry grace
2026-07-06 12:30:12 +01:00
Peter Steinberger
827402243d
feat: add Anthropic and OpenAI cost history ( #100672 )
...
* feat(providers): add admin cost history
* fix(ui): sync cron raw-copy baseline
* fix(usage): harden provider cost credentials
* fix(ui): refresh raw-copy baseline
* docs: refresh documentation map
* fix(ci): sync provider usage baselines
* fix(ui): hide zero-cost history bars
* docs(changelog): defer provider cost note
2026-07-06 12:06:55 +01:00