vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-06 23:01:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
25,955 Commits 1,135 Branches 96 Tags
359c6dedbe2ac3dc671d1fe10d755d4a490a23ca
Commit Graph

772 Commits

Author SHA1 Message Date
Peter Steinberger
6507f54965 docs: refresh generic model examples 2026-04-04 07:27:32 +01:00
Peter Steinberger
666f1f4db0 refactor(providers): remove core default and usage bias 2026-04-04 07:19:29 +01:00
Peter Steinberger
b32a2cadc2 docs(acp): clarify default startup and runtime paths 2026-04-04 15:10:26 +09:00
Peter Steinberger
ae7942bf5e fix: prefer Claude CLI in Anthropic onboarding 2026-04-04 14:49:55 +09:00
Peter Steinberger
0ebc7b6077 docs: clarify anthropic claude cli migration 2026-04-04 14:38:42 +09:00
Peter Steinberger
bc8048250e fix(agents): harden claude cli parsing and queueing 2026-04-04 14:07:19 +09:00
Peter Steinberger
4ed17fd987 refactor(voice-call): migrate legacy config via doctor 2026-04-04 14:06:52 +09:00
Peter Steinberger
58d2b9dd46 fix: add runtime model contextTokens caps 2026-04-04 09:36:53 +09:00
Peter Steinberger
45675c1698 docs: update Anthropic subscription billing guidance 2026-04-04 09:32:13 +09:00
Gustavo Madeira Santana
1f660bf930 Docs: document agent skill allowlists 2026-04-03 14:23:05 -04:00
Peter Steinberger
865fa2ba72 fix: narrow auth permanent lockouts 2026-04-04 02:35:27 +09:00
huntharo
c4f40c3f7d Plugins: allow unsafe-force override on update 2026-04-04 01:49:35 +09:00
Tak Hoffman
78c390ea86 docs: align messages config support notes 2026-04-03 10:08:34 -05:00
Peter Steinberger
e2e1197fa9 refactor(gateway): clarify local mode guardrails 2026-04-03 20:02:32 +09:00
Peter Steinberger
2c7eea8f10 fix(gateway): fail closed on missing mode 2026-04-03 19:50:45 +09:00
Peter Steinberger
a6649201b7 docs: clarify default subagent allowlists 2026-04-03 19:45:05 +09:00
Peter Steinberger
d921784718 fix: support default subagent allowlists (#59944) (thanks @hclsys) 2026-04-03 19:43:17 +09:00
Ayaan Zaidi
a2b53522eb fix(pairing): allow private lan mobile ws 2026-04-03 14:51:24 +05:30
Ayaan Zaidi
acd5734aa9 fix(pairing): align mobile setup with secure endpoints 2026-04-03 14:51:24 +05:30
Vincent Koc
2f013b68f8 docs: add missing changelog entries and update context visibility security docs 2026-04-03 12:39:45 +09:00
Peter Steinberger
35e1605147 feat: add configurable context visibility 2026-04-03 04:34:57 +09:00
Vincent Koc
d9c662dc69 docs: restructure automation section as Automation & Tasks 2026-04-03 03:16:51 +09:00
Peter Steinberger
4269f40811 docs(security): clarify exec yolo default 2026-04-02 14:52:51 +01:00
Vincent Koc
326490ab76 docs: cover compaction notifyUser config and provider replay hooks 2026-04-02 10:23:33 +09:00
Vincent Koc
fd4dbad38c docs: cover cron --tools allowlist and agents.defaults.params config reference 2026-04-01 22:29:53 +09:00
Vincent Koc
c42659176a docs: cover unreleased feature gaps (Telegram errorPolicy, Android notifications, node pairing, Slack approvals, MCP transport, reactions) 2026-04-01 22:20:20 +09:00
Peter Steinberger
8b2d24b62b docs(security): clarify node pairing trust boundary 2026-04-01 18:27:23 +09:00
Peter Steinberger
4ceb01f9ed docs(gateway): document node pairing repair flow 2026-04-01 18:02:56 +09:00
Forgely3D
4fa11632b4 fix: escalate to model fallback after rate-limit profile rotation cap (#58707) 
* fix: escalate to model fallback after rate-limit profile rotation cap

Per-model rate limits (e.g. Anthropic Sonnet-only quotas) are not
relieved by rotating auth profiles — if all profiles share the same
model quota, cycling between them loops forever without falling back
to the next model in the configured fallbacks chain.

Apply the same rotation-cap pattern introduced for overloaded_error
(#58348) to rate_limit errors:

- Add `rateLimitedProfileRotations` to auth.cooldowns config (default: 1)
- After N profile rotations on a rate_limit error, throw FailoverError
  to trigger cross-provider model fallback
- Add `resolveRateLimitProfileRotationLimit` helper following the same
  pattern as `resolveOverloadProfileRotationLimit`

Fixes #58572

* fix: cap prompt-side rate-limit failover (#58707) (thanks @Forgely3D)

* fix: restore latest-main gates for #58707

---------

Co-authored-by: Ember (Forgely3D) <ember@forgely.co>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-04-01 17:54:10 +09:00
Peter Steinberger
95182d51cc fix: harden bundled plugin runtime deps 2026-04-01 08:55:00 +01:00
Peter Steinberger
f5431bc07e docs: clarify doctor cron migration guidance 2026-04-01 16:44:10 +09:00
Peter Steinberger
418fa12dfa fix: make overload failover configurable 2026-03-31 21:34:35 +01:00
Vincent Koc
5c9408d3ca docs: update docs for unreleased channel and gateway changes 
Cover Teams member-info action, Teams/Matrix sender-allowlist
context filtering, macOS MagicDNS discovery preference, and
trusted-proxy mixed token config hardening.
 2026-04-01 02:20:44 +09:00
Peter Steinberger
0d7f1e2c84 feat(security): fail closed on dangerous skill installs 2026-03-31 23:27:20 +09:00
Peter Steinberger
44b9936136 feat(plugins): add dangerous unsafe install override 2026-03-31 23:16:11 +09:00
Peter Steinberger
dc0e0b0f68 docs(security): mark shared-secret HTTP auth as designed 2026-03-31 22:58:09 +09:00
Peter Steinberger
cbfeecfab4 fix(gateway): restore shared-secret HTTP tool invoke auth 2026-03-31 22:55:15 +09:00
Vincent Koc
5474796735 docs(security): clarify acpx yolo mode 2026-03-31 20:54:30 +09:00
Peter Steinberger
0633406ff6 fix(gateway): restore compat HTTP operator auth 2026-03-31 16:49:30 +09:00
Josh Avant
788f56f30f Secrets: hard-fail unsupported SecretRef policy and fix gateway restart token drift (#58141) 
* Secrets: enforce C2 SecretRef policy and drift resolution

* Tests: add gateway auth startup/reload SecretRef runtime coverage

* Docs: sync C2 SecretRef policy and coverage matrix

* Config: hard-fail parent SecretRef policy writes

* Secrets: centralize unsupported SecretRef policy metadata

* Daemon: test service-env precedence for token drift refs

* Config: keep per-ref dry-run resolvability errors

* Docs: clarify config-set parent-object policy checks

* Gateway: fix drift fallback and schema-key filtering

* Gateway: align drift fallback with credential planner

* changelog

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>

---------

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-03-31 02:37:31 -05:00
Vincent Koc
5ee054e9db docs: merge network-model stub into network hub, improve bridge deprecation 
- network.md: add Core model prose (loopback-first, canvas host, remote access)
  from the 22-line network-model.md stub
- network-model.md: add redirect note pointing to /network#core-model
- bridge-protocol.md: replace scattered deprecation notes with prominent
  <Warning> callout at the top
 2026-03-31 14:37:43 +09:00
Vincent Koc
b970187379 docs: fix oxfmt formatting in remote.md and THREAT-MODEL-ATLAS.md 2026-03-31 14:36:49 +09:00
Vincent Koc
ff1ae5df22 docs: add 8 missing doctor checks and --generate-gateway-token flag 2026-03-31 14:34:56 +09:00
Vincent Koc
1bf8fb26f4 docs: fix config examples -- perSession deprecation and dmScope guidance 
- Replace perSession: true with scope: "session" (preferred syntax)
- Add dmScope: "per-channel-peer" to expanded example for multi-user safety
 2026-03-31 14:34:56 +09:00
Vincent Koc
4ab7947ec0 docs: merge remote-gateway-readme content into remote.md 2026-03-31 14:34:56 +09:00
Vincent Koc
637f15375b docs: fix Gateway & Ops audit findings (7 pages) 
- cli-backends.md: remove duplicate modelAliases key
- discovery.md: add missing transport=gateway and displayName TXT keys
- authentication.md: retitle to "Authentication (Model Providers)", add
  disambiguation Note pointing to gateway connection auth docs
- health.md: expand frontmatter scope, add --probe flag and response shape docs
- gateway-lock.md: remove stale hardcoded date, add Related section
- troubleshooting.md: fix wrong auth cross-link (model auth -> gateway config)
- logging.md: add Related section linking to gateway logging internals
 2026-03-31 14:24:19 +09:00
Vincent Koc
d352bd050a docs: fix tools-invoke default deny list (was missing 8 of 13 entries) 2026-03-31 14:24:19 +09:00
Vincent Koc
ab8d999917 docs: fix sandbox scope default (session -> agent per resolveSandboxScope) 2026-03-31 14:24:19 +09:00
Josh Avant
81b777c768 fix(config): harden SecretRef round-trip handling in Control UI and RPC writes (#58044) 
* Config: harden SecretRef round-trip handling

* Gateway: test SecretRef preflight on config writes

* Agents: align skill loader with upstream Skill type

* Docs: align SecretRef write semantics with Control UI and RPC behavior

* Config: add UI and gateway regression evidence for SecretRef hardening

* Config: add token SecretRef restore regression and skill sourceInfo compat

* UI: scope structured-value lockout to SecretRef fields

* Agents: remove out-of-scope skill loader compat edits

* UI: reduce app-render churn to rawAvailable-only changes

* Gateway: scope SecretRef preflight to submitted config

* Docs: clarify config write SecretRef preflight scope

* changelog

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>

---------

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-03-30 23:55:03 -05:00
BUGKillerKing
d4cccda570 fix: add requireAgentId to block sessions_spawn without explicit agen… (#29380) 
* fix: add requireAgentId to block sessions_spawn without explicit agentId (#29368)

* Config: regenerate base schema for requireAgentId

Signed-off-by: sallyom <somalley@redhat.com>

---------

Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: 周鹤0668001310 <zhou.he3@xydigit.com>
Co-authored-by: sallyom <somalley@redhat.com>
 2026-03-30 23:06:59 -04:00