Onur
8ba1b6eff1
ci: add npm release workflow and CalVer checks ( #42414 ) (thanks @onutc)
2026-03-10 20:09:25 +01:00
Josh Avant
f0eb67923c
fix(secrets): resolve web tool SecretRefs atomically at runtime
2026-03-09 22:57:03 -05:00
Rémi
2970d72554
docs: update Brave Search API docs for Feb 2026 plan restructuring ( #40111 )
...
Merged via squash.
Prepared head SHA: c651f078551299873+remusao@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-03-08 14:06:21 -04:00
Josh Avant
8e20dd22d8
Secrets: harden SecretRef-safe models.json persistence ( #38955 )
2026-03-07 11:28:39 -06:00
Peter Steinberger
1dd4f92ea2
fix: default local onboarding tools profile to coding
2026-03-07 16:41:27 +00:00
Kesku
3d7bc5958d
feat(onboarding): add web search to onboarding flow ( #34009 )
...
* add web search to onboarding flow
* remove post onboarding step (now redundant)
* post-onboarding nudge if no web search set up
* address comments
* fix test mocking
* add enabled: false assertion to the no-key test
* --skip-search cli flag
* use provider that a user has a key for
* add assertions, replace the duplicated switch blocks
* test for quickstart fast-path with existing config key
* address comments
* cover quickstart falls through to key test
* bring back key source
* normalize secret inputs instead of direct string trimming
* preserve enabled: false if it's already set
* handle missing API keys in flow
* doc updates
* hasExistingKey to detect both plaintext strings and SecretRef objects
* preserve enabled state only on the "keep current" paths
* add test for preserving
* better gate flows
* guard against invalid provider values in config
* Update src/commands/configure.wizard.ts
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* format fix
* only mentions env var when it's actually available
* search apiKey fields now typed as SecretInput
* if no provider check if any search provider key is detectable
* handle both kimi keys
* remove .filter(Boolean)
* do not disable web_search after user enables it
* update resolveSearchProvider
* fix(onboarding): skip search key prompt in ref mode
* fix: add onboarding web search step (#34009 ) (thanks @kesku)
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Shadow <hi@shadowing.dev >
2026-03-06 13:09:00 -06:00
Josh Avant
72cf9253fc
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails ( #35094 )
2026-03-05 12:53:56 -06:00
青雲
96021a2b17
fix: align AGENTS.md template section names with post-compaction extraction ( #25029 ) ( #25098 )
...
Merged via squash.
Prepared head SHA: 8cd6cc804916428813+echoVic@users.noreply.github.com >
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com >
Reviewed-by: @jalehman
2026-03-04 12:16:00 -08:00
joshavant
a9969e641a
docs: fix secretref marker rendering in credential surface
2026-03-03 15:08:41 -06:00
joshavant
490670128b
fix(docs): avoid MDX regex markers in secretref page
2026-03-03 14:00:09 -06:00
joshavant
70c6bc8581
fix(docs): use MDX-safe secretref markers
2026-03-03 13:54:03 -06:00
Henry Loenwind
75775f2fe6
chore: Updated Brave documentation ( #26860 )
...
Merged via squash.
Prepared head SHA: f8fc4bf01e1485873+HenryLoenwind@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-03-03 01:34:15 -05:00
Josh Avant
806803b7ef
feat(secrets): expand SecretRef coverage across user-supplied credentials ( #29580 )
...
* feat(secrets): expand secret target coverage and gateway tooling
* docs(secrets): align gateway and CLI secret docs
* chore(protocol): regenerate swift gateway models for secrets methods
* fix(config): restore talk apiKey fallback and stabilize runner test
* ci(windows): reduce test worker count for shard stability
* ci(windows): raise node heap for test shard stability
* test(feishu): make proxy env precedence assertion windows-safe
* fix(gateway): resolve auth password SecretInput refs for clients
* fix(gateway): resolve remote SecretInput credentials for clients
* fix(secrets): skip inactive refs in command snapshot assignments
* fix(secrets): scope gateway.remote refs to effective auth surfaces
* fix(secrets): ignore memory defaults when enabled agents disable search
* fix(secrets): honor Google Chat serviceAccountRef inheritance
* fix(secrets): address tsgo errors in command and gateway collectors
* fix(secrets): avoid auth-store load in providers-only configure
* fix(gateway): defer local password ref resolution by precedence
* fix(secrets): gate telegram webhook secret refs by webhook mode
* fix(secrets): gate slack signing secret refs to http mode
* fix(secrets): skip telegram botToken refs when tokenFile is set
* fix(secrets): gate discord pluralkit refs by enabled flag
* fix(secrets): gate discord voice tts refs by voice enabled
* test(secrets): make runtime fixture modes explicit
* fix(cli): resolve local qr password secret refs
* fix(cli): fail when gateway leaves command refs unresolved
* fix(gateway): fail when local password SecretRef is unresolved
* fix(gateway): fail when required remote SecretRefs are unresolved
* fix(gateway): resolve local password refs only when password can win
* fix(cli): skip local password SecretRef resolution on qr token override
* test(gateway): cast SecretRef fixtures to OpenClawConfig
* test(secrets): activate mode-gated targets in runtime coverage fixture
* fix(cron): support SecretInput webhook tokens safely
* fix(bluebubbles): support SecretInput passwords across config paths
* fix(msteams): make appPassword SecretInput-safe in onboarding/token paths
* fix(bluebubbles): align SecretInput schema helper typing
* fix(cli): clarify secrets.resolve version-skew errors
* refactor(secrets): return structured inactive paths from secrets.resolve
* refactor(gateway): type onboarding secret writes as SecretInput
* chore(protocol): regenerate swift models for secrets.resolve
* feat(secrets): expand extension credential secretref support
* fix(secrets): gate web-search refs by active provider
* fix(onboarding): detect SecretRef credentials in extension status
* fix(onboarding): allow keeping existing ref in secret prompt
* fix(onboarding): resolve gateway password SecretRefs for probe and tui
* fix(onboarding): honor secret-input-mode for local gateway auth
* fix(acp): resolve gateway SecretInput credentials
* fix(secrets): gate gateway.remote refs to remote surfaces
* test(secrets): cover pattern matching and inactive array refs
* docs(secrets): clarify secrets.resolve and remote active surfaces
* fix(bluebubbles): keep existing SecretRef during onboarding
* fix(tests): resolve CI type errors in new SecretRef coverage
* fix(extensions): replace raw fetch with SSRF-guarded fetch
* test(secrets): mark gateway remote targets active in runtime coverage
* test(infra): normalize home-prefix expectation across platforms
* fix(cli): only resolve local qr password refs in password mode
* test(cli): cover local qr token mode with unresolved password ref
* docs(cli): clarify local qr password ref resolution behavior
* refactor(extensions): reuse sdk SecretInput helpers
* fix(wizard): resolve onboarding env-template secrets before plaintext
* fix(cli): surface secrets.resolve diagnostics in memory and qr
* test(secrets): repair post-rebase runtime and fixtures
* fix(gateway): skip remote password ref resolution when token wins
* fix(secrets): treat tailscale remote gateway refs as active
* fix(gateway): allow remote password fallback when token ref is unresolved
* fix(gateway): ignore stale local password refs for none and trusted-proxy
* fix(gateway): skip remote secret ref resolution on local call paths
* test(cli): cover qr remote tailscale secret ref resolution
* fix(secrets): align gateway password active-surface with auth inference
* fix(cli): resolve inferred local gateway password refs in qr
* fix(gateway): prefer resolvable remote password over token ref pre-resolution
* test(gateway): cover none and trusted-proxy stale password refs
* docs(secrets): sync qr and gateway active-surface behavior
* fix: restore stability blockers from pre-release audit
* Secrets: fix collector/runtime precedence contradictions
* docs: align secrets and web credential docs
* fix(rebase): resolve integration regressions after main rebase
* fix(node-host): resolve gateway secret refs for auth
* fix(secrets): harden secretinput runtime readers
* gateway: skip inactive auth secretref resolution
* cli: avoid gateway preflight for inactive secret refs
* extensions: allow unresolved refs in onboarding status
* tests: fix qr-cli module mock hoist ordering
* Security: align audit checks with SecretInput resolution
* Gateway: resolve local-mode remote fallback secret refs
* Node host: avoid resolving inactive password secret refs
* Secrets runtime: mark Slack appToken inactive for HTTP mode
* secrets: keep inactive gateway remote refs non-blocking
* cli: include agent memory secret targets in runtime resolution
* docs(secrets): sync docs with active-surface and web search behavior
* fix(secrets): keep telegram top-level token refs active for blank account tokens
* fix(daemon): resolve gateway password secret refs for probe auth
* fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled
* fix(secrets): align token inheritance and exec timeout defaults
* docs(secrets): clarify active-surface notes in cli docs
* cli: require secrets.resolve gateway capability
* gateway: log auth secret surface diagnostics
* secrets: remove dead provider resolver module
* fix(secrets): restore gateway auth precedence and fallback resolution
* fix(tests): align plugin runtime mock typings
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-03-03 02:58:20 +00:00
nico-hoff
3eec79bd6c
feat(memory): add Ollama embedding provider ( #26349 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: ac4138654343175972+nico-hoff@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-03-02 20:56:40 -05:00
Peter Steinberger
6b85ec3022
docs: tighten subscription guidance and update MiniMax M2.5 refs
2026-03-03 00:02:37 +00:00
Peter Steinberger
cf5702233c
docs(security)!: document messaging-only onboarding default and hook/model risk
2026-03-02 18:15:49 +00:00
Peter Steinberger
842deefe5d
test: split fast lane from channel and gateway suites
2026-03-02 05:33:07 +00:00
Agent
063c4f00ea
docs: clarify Anthropic context1m long-context requirements
2026-03-01 22:35:26 +00:00
Vincent Koc
c161e141f3
Docs tests: add CLI startup benchmark usage
2026-03-01 12:56:56 -08:00
Peter Steinberger
0ec7711bc2
fix(agents): harden compaction and reset safety
...
Co-authored-by: jaden-clovervnd <91520439+jaden-clovervnd@users.noreply.github.com >
Co-authored-by: Sid <201593046+Sid-Qin@users.noreply.github.com >
Co-authored-by: Marcus Widing <245375637+widingmarcus-cyber@users.noreply.github.com >
2026-02-26 17:41:24 +01:00
joshavant
bde9cbb058
docs(secrets): align provider model and add exec resolver coverage
2026-02-26 14:47:22 +00:00
joshavant
c0a3801086
Docs: document secrets refs runtime and migration
2026-02-26 14:47:22 +00:00
Peter Steinberger
eb73e87f18
fix(session): prevent silent overflow on parent thread forks ( #26912 )
...
Lands #26912 from @markshields-tl with configurable session.parentForkMaxTokens and docs/tests/changelog updates.
Co-authored-by: Mark Shields <239231357+markshields-tl@users.noreply.github.com >
2026-02-25 23:54:02 +00:00
Peter Steinberger
eb4a93a8db
refactor(sandbox): share container-path utils and tighten fs bridge tests
2026-02-25 01:59:53 +00:00
Peter Steinberger
e806b34779
chore: remove changelog add helper script
2026-02-24 15:33:09 +00:00
Peter Steinberger
d18ae2256f
refactor: unify channel plugin resolution, family ordering, and changelog entry tooling
2026-02-24 15:15:22 +00:00
Peter Steinberger
8ea936cdda
docs: clarify prompt caching intro
2026-02-24 05:22:00 +00:00
Gustavo Madeira Santana
eff3c5c707
Session/Cron maintenance hardening and cleanup UX ( #24753 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 7533b851565599352+gumadeiras@users.noreply.github.com >
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com >
Reviewed-by: @shakkernerd
2026-02-23 22:39:48 +00:00
Peter Steinberger
69b17a37e8
docs(reference): add cache trace diagnostics knobs to prompt-caching guide
2026-02-23 19:39:35 +00:00
Peter Steinberger
46dee26600
docs(reference): add prompt-caching guide and knobs
...
Co-authored-by: Axel Svensson <svenssonaxel@users.noreply.github.com >
2026-02-23 19:19:45 +00:00
Peter Steinberger
78e7f41d28
docs: detail per-agent prompt caching configuration
2026-02-23 18:46:40 +00:00
Vincent Koc
f03ff39754
Providers: skip context1m beta for Anthropic OAuth tokens ( #24620 )
...
* Providers: skip context1m beta for Anthropic OAuth tokens
* Tests: cover OAuth context1m beta skip behavior
* Docs: note context1m OAuth incompatibility
* Agents: add context1m-aware context token resolver
* Agents: cover context1m context-token resolver
* Commands: apply context1m-aware context tokens in session store
* Commands: apply context1m-aware context tokens in status summary
* Status: resolve context tokens with context1m model params
* Status: test context1m status context display
2026-02-23 12:29:09 -05:00
Vincent Koc
d92ba4f8aa
feat: Provider/Mistral full support for Mistral on OpenClaw 🇫🇷 ( #23845 )
...
* Onboard: add Mistral auth choice and CLI flags
* Onboard/Auth: add Mistral provider config defaults
* Auth choice: wire Mistral API-key flow
* Onboard non-interactive: support --mistral-api-key
* Media understanding: add Mistral Voxtral audio provider
* Changelog: note Mistral onboarding and media support
* Docs: add Mistral provider and onboarding/media references
* Tests: cover Mistral media registry/defaults and auth mapping
* Memory: add Mistral embeddings provider support
* Onboarding: refresh Mistral model metadata
* Docs: document Mistral embeddings and endpoints
* Memory: persist Mistral embedding client state in managers
* Memory: add regressions for mistral provider wiring
* Gateway: add live tool probe retry helper
* Gateway: cover live tool probe retry helper
* Gateway: retry malformed live tool-read probe responses
* Memory: support plain-text batch error bodies
* Tests: add Mistral Voxtral live transcription smoke
* Docs: add Mistral live audio test command
* Revert: remove Mistral live voice test and docs entry
* Onboard: re-export Mistral default model ref from models
* Changelog: credit joeVenner for Mistral work
* fix: include Mistral in auto audio key fallback
* Update CHANGELOG.md
* Update CHANGELOG.md
---------
Co-authored-by: Shakker <shakkerdroid@gmail.com >
2026-02-23 00:03:56 +00:00
Peter Steinberger
30e8f41cfc
docs: fix stale release checklist source paths
2026-02-22 21:15:09 +01:00
Peter Steinberger
6fda04e938
refactor: tighten onboarding dmScope typing and docs links
2026-02-22 12:46:09 +01:00
Peter Steinberger
65dccbdb4b
fix: document onboarding dmScope default as breaking change ( #23468 ) (thanks @bmendonca3)
2026-02-22 12:36:49 +01:00
Vincent Koc
7ce357ff8b
docs: add Vincent Koc to contributor credits
2026-02-19 15:13:38 -08:00
Peter Steinberger
c90b09cb02
feat(agents): support Anthropic 1M context beta header
2026-02-18 03:29:48 +01:00
Peter Steinberger
4c569ce246
docs(tokens): document image dimension token tradeoffs
2026-02-18 00:56:57 +01:00
Peter Steinberger
b05e89e5e6
fix(agents): make image sanitization dimension configurable
2026-02-18 00:54:20 +01:00
Muhammed Mukhthar CM
0e023e300e
Revert: fully roll back #17986 templates
2026-02-17 13:57:50 +00:00
Peter Steinberger
25126d75c3
Revert "Agents: improve Windows scaffold helpers for venture studio"
...
This reverts commit b6d934c2c7
2026-02-17 02:26:36 +01:00
sebslight
83b1ae895e
fix(transcript): always drop orphaned OpenAI reasoning blocks
2026-02-16 20:20:32 -05:00
Ibrahim Qureshi
4f5b9da503
Update docs/reference/templates/SOUVENIR.md
...
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-02-17 00:01:30 +01:00
Ibrahim Qureshi
8a3f3a49a5
Update docs/reference/templates/GOALS.md
...
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-02-17 00:01:30 +01:00
Ibrahim Qureshi
bf1b4386df
Update docs/reference/templates/GOALS.md
...
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-02-17 00:01:30 +01:00
Ibrahim Qureshi
1a9a2e396f
feat: Add GOALS.md and SOUVENIR.md template files
...
- GOALS.md: Direction & Execution Strategy template
- SOUVENIR.md: Memory & Reflection Layer template
- Both files pass oxfmt formatting check
2026-02-17 00:01:30 +01:00
Mrseenz
b6d934c2c7
Agents: improve Windows scaffold helpers for venture studio
2026-02-16 23:50:34 +01:00
Gustavo Madeira Santana
8a67016646
Agents: raise bootstrap total cap and warn on /context truncation ( #18229 )
...
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: f6620526df5599352+gumadeiras@users.noreply.github.com >
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com >
Reviewed-by: @gumadeiras
2026-02-16 12:04:53 -05:00
Peter Steinberger
f29567b436
perf(test): run coverage gate on unit suite
2026-02-15 04:20:15 +00:00
