vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-13 19:10:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,056 Commits 691 Branches 77 Tags
2ef109f00a75c793b4a69269108930df159ca025
Commit Graph

9547 Commits

Author SHA1 Message Date
joshavant
2ef109f00a Onboard OpenAI: explicit secret-input-mode behavior 2026-02-26 14:47:22 +00:00
joshavant
e8d1725187 Onboard auth: remove leftover merge marker 2026-02-26 14:47:22 +00:00
joshavant
fce4d76a78 Tests: narrow OpenAI default model assertion typing 2026-02-26 14:47:22 +00:00
joshavant
68b9d89ee7 Onboard: store OpenAI auth in profiles instead of .env 2026-02-26 14:47:22 +00:00
joshavant
09c7cb5d34 Tests: update onboard credential expectations for explicit ref mode 2026-02-26 14:47:22 +00:00
joshavant
b50d2ce93c Tests: align auth-choice helper expectations with secret mode 2026-02-26 14:47:22 +00:00
joshavant
04aa856fc0 Onboard: require explicit mode for env secret refs 2026-02-26 14:47:22 +00:00
joshavant
103d02f98c Auth choice tests: expect env-backed key refs 2026-02-26 14:47:22 +00:00
joshavant
56f73ae080 Auth choice tests: assert env-backed keyRef persistence 2026-02-26 14:47:22 +00:00
joshavant
58590087de Onboard auth: use shared secret-ref helpers 2026-02-26 14:47:22 +00:00
joshavant
7e1557b8c9 Onboard: persist env-backed API keys as secret refs 2026-02-26 14:47:22 +00:00
joshavant
363334253b Secrets migrate: split plan/apply/backup modules 2026-02-26 14:47:22 +00:00
joshavant
4807e40cbd Agents: restore auth.json static scrub during pi auth discovery 2026-02-26 14:47:22 +00:00
joshavant
8e439e2d81 Secrets migrate: ensure unique backup ids per write 2026-02-26 14:47:22 +00:00
joshavant
a74067d00b Secrets migrate: share helpers and narrow env scrub scope 2026-02-26 14:47:22 +00:00
joshavant
f6a854bd37 Secrets: add migrate rollback and skill ref support 2026-02-26 14:47:22 +00:00
joshavant
2e53033f22 Gateway: serialize secrets activation across reload paths 2026-02-26 14:47:22 +00:00
joshavant
fe56700026 Gateway: add manual secrets reload command 2026-02-26 14:47:22 +00:00
joshavant
301fe18909 Agents: inject pi auth storage from runtime profiles 2026-02-26 14:47:22 +00:00
joshavant
6a251d8d74 Auth profiles: resolve keyRef/tokenRef outside gateway 2026-02-26 14:47:22 +00:00
joshavant
5ae367aadd Tests: stub discoverAuthStorage in model catalog mocks 2026-02-26 14:47:22 +00:00
joshavant
cec404225d Auth labels: handle token refs and share Pi credential conversion 2026-02-26 14:47:22 +00:00
joshavant
e1301c31e7 Auth profiles: never persist plaintext when refs are present 2026-02-26 14:47:22 +00:00
joshavant
4c5a2c3c6d Agents: inject pi auth storage from runtime profiles 2026-02-26 14:47:22 +00:00
joshavant
45ec5aaf2b Secrets: keep read-only runtime sync in-memory 2026-02-26 14:47:22 +00:00
joshavant
8e33ebe471 Secrets: make runtime activation auth loads read-only 2026-02-26 14:47:22 +00:00
joshavant
3dbb6be270 Gateway tests: handle async restart callback path 2026-02-26 14:47:22 +00:00
joshavant
1560f02561 Gateway: mark restart callback promise as intentionally detached 2026-02-26 14:47:22 +00:00
joshavant
eb855f75ce Gateway: emit one-shot operator events for secrets degraded/recovered 2026-02-26 14:47:22 +00:00
joshavant
e45729a430 Secrets runtime: include sourceConfig in prepared snapshot type 2026-02-26 14:47:22 +00:00
joshavant
e4915cb107 Secrets: preserve runtime snapshot source refs on write 2026-02-26 14:47:22 +00:00
joshavant
b1533bc80c Gateway: avoid double secrets activation at startup 2026-02-26 14:47:22 +00:00
joshavant
b50c4c2c44 Gateway: add eager secrets runtime snapshot activation 2026-02-26 14:47:22 +00:00
joshavant
2f3b919b94 Config: remove unused extension path helper 2026-02-26 14:47:22 +00:00
joshavant
d00ed73026 Config: enforce source-specific SecretRef id validation 2026-02-26 14:47:22 +00:00
joshavant
c3a4251a60 Config: add secret ref schema and redaction foundations 2026-02-26 14:47:22 +00:00
Peter Steinberger
79659b2b14 fix(browser): land PR #11880 decodeURIComponent guardrails 
Guard malformed percent-encoding in relay target routes and browser dispatcher params, add regression tests, and update changelog.
Landed from contributor @Yida-Dev (PR #11880).

Co-authored-by: Yida-Dev <reyifeijun@gmail.com>
 2026-02-26 14:37:48 +00:00
Harold Hunt
dbfdf60a42 fix(telegram): Allow ephemeral webhookPort 2026-02-26 20:01:50 +05:30
Harold Hunt
296210636d fix(telegram): Log bound port if ephemeral (0) is configured 2026-02-26 20:01:50 +05:30
Harold Hunt
840b768d97 Telegram: improve webhook config guidance and startup fallback 2026-02-26 20:01:50 +05:30
Peter Steinberger
5416cabdf8 fix(browser): land PR #21277 dedupe concurrent relay init 
Add shared per-port relay initialization dedupe so concurrent callers await a single startup lifecycle, with regression coverage and changelog entry.
Landed from contributor @HOYALIM (PR #21277).

Co-authored-by: Ho Lim <subhoya@gmail.com>
 2026-02-26 14:30:46 +00:00
Peter Steinberger
ce833cd6de fix(browser): land PR #24142 flush relay pending timers on stop 
Flush pending extension request timers/rejections during relay shutdown and document in changelog.
Landed from contributor @kevinWangSheng (PR #24142).

Co-authored-by: Shawn <118158941+kevinWangSheng@users.noreply.github.com>
 2026-02-26 14:20:43 +00:00
Peter Steinberger
42cf32c386 fix(browser): land PR #26015 query-token auth for /json relay routes 
Align relay HTTP /json auth with websocket auth by accepting query-param tokens, add regression coverage, and update changelog.
Landed from contributor @Sid-Qin (PR #26015).

Co-authored-by: SidQin-cyber <sidqin0410@gmail.com>
 2026-02-26 14:17:41 +00:00
张哲芳
77a3930b72 fix(gateway): allow cron commands to use gateway.remote.token (#27286) 
* fix(gateway): allow cron commands to use gateway.remote.token

* fix(gateway): make local remote-token fallback effective

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-26 14:17:30 +00:00
Peter Steinberger
4c75eca580 fix(browser): land PR #23962 extension relay CORS fix 
Reworks browser relay CORS handling for extension-origin preflight and JSON responses, adds regression tests, and updates changelog.
Landed from contributor @miloudbelarebia (PR #23962).

Co-authored-by: Miloud Belarebia <miloudbelarebia@users.noreply.github.com>
 2026-02-26 14:14:30 +00:00
Peter Steinberger
081b1aa1ed refactor(gateway): unify v3 auth payload builders and vectors 2026-02-26 15:08:50 +01:00
Peter Steinberger
8315c58675 refactor(auth-profiles): unify coercion and add rejected-entry diagnostics 2026-02-26 14:42:11 +01:00
Peter Steinberger
96aad965ab fix: land NO_REPLY announce suppression and auth scope assertions 
Landed follow-up for #27535 and aligned shared-auth gateway expectations after #27498.

Co-authored-by: kevinWangSheng <118158941+kevinWangSheng@users.noreply.github.com>
 2026-02-26 13:40:58 +00:00
SidQin-cyber
eb9a968336 fix(slack): suppress NO_REPLY before Slack API call 
Guard sendMessageSlack against NO_REPLY tokens reaching the Slack API,
which caused truncated push notifications before the reply filter could
intercept them.

Made-with: Cursor
(cherry picked from commit fab9b52039)
 2026-02-26 13:40:58 +00:00
Kevin Shenghui
9c142993b8 fix: preserve operator scopes for shared auth connections 
When connecting via shared gateway token (no device identity),
the operator scopes were being cleared, causing API operations
to fail with 'missing scope' errors.

This fix preserves scopes when sharedAuthOk is true, allowing
headless/API operator clients to retain their requested scopes.

Fixes #27494

(cherry picked from commit c71c8948bd)
 2026-02-26 13:40:58 +00:00