Peter Steinberger
150ded8f27
test: tighten core capture assertions
2026-05-08 20:44:46 +01:00
Shakker
0c4ccdc3c7
test: tighten system run command assertions
2026-05-08 20:23:41 +01:00
Pavan Kumar Gondhi
fc065b2693
Harden macOS shell wrapper allowlist parsing [AI] (#78518)
* fix: harden shell wrapper allowlist parsing
* fix: harden shell wrapper approval binding
* docs: add changelog entry for PR merge
---------
Co-authored-by: Ishaan <ishaan@Ishaans-Mac-mini.local>
2026-05-08 10:18:41 +05:30
Peter Steinberger
9ef37d1907
test: tighten assertions and harness coverage
2026-05-08 05:28:12 +01:00
Peter Steinberger
538605ff44
[codex] Extract filesystem safety primitives (#77918)
* refactor: extract filesystem safety primitives
* refactor: use fs-safe for file access helpers
* refactor: reuse fs-safe for media reads
* refactor: use fs-safe for image reads
* refactor: reuse fs-safe in qqbot media opener
* refactor: reuse fs-safe for local media checks
* refactor: consume cleaner fs-safe api
* refactor: align fs-safe json option names
* fix: preserve fs-safe migration contracts
* refactor: use fs-safe primitive subpaths
* refactor: use grouped fs-safe subpaths
* refactor: align fs-safe api usage
* refactor: adapt private state store api
* chore: refresh proof gate
* refactor: follow fs-safe json api split
* refactor: follow reduced fs-safe surface
* build: default fs-safe python helper off
* fix: preserve fs-safe plugin sdk aliases
* refactor: consolidate fs-safe usage
* refactor: unify fs-safe store usage
* refactor: trim fs-safe temp workspace usage
* refactor: hide low-level fs-safe primitives
* build: use published fs-safe package
* fix: preserve outbound recovery durability after rebase
* chore: refresh pr checks
2026-05-06 02:15:17 +01:00
Peter Steinberger
bd0e10a2f6
refactor: route inline eval through command analysis
2026-05-03 18:06:10 +01:00
Peter Steinberger
7f3f108521
refactor(config): migrate plugin config access
2026-04-27 12:35:58 +01:00
Val Alexander
fc5920fb51
fix(ui): polish assistant identity settings
Polishes the basic config identity layout, aligns assistant avatar rendering with chat, and adds a Control UI assistant avatar override with IDENTITY.md fallback.
2026-04-25 06:27:22 -05:00
Peter Steinberger
cbc88fb92d
test: trim system run runtime duplicate
2026-04-23 18:55:19 +01:00
Peter Steinberger
c7408f1cf2
test: trim system run handler coverage
2026-04-23 18:53:53 +01:00
Peter Steinberger
a216b4ebc3
test: merge system run path binding cases
2026-04-20 23:34:59 +01:00
Peter Steinberger
b07c40a5a8
test: merge system run denial matrices
2026-04-20 23:26:37 +01:00
Peter Steinberger
3df9a60b0b
perf(test): trim hotspot coverage duplication
2026-04-20 21:01:06 +01:00
Peter Steinberger
44082acef5
perf(test): reuse node host runtime fixtures
2026-04-20 20:34:55 +01:00
Peter Steinberger
8a09b40cb2
perf(test): trim test teardown waits
2026-04-20 20:30:16 +01:00
Peter Steinberger
dab1be48fc
perf(test): merge chat and system run cases
2026-04-20 19:32:05 +01:00
Peter Steinberger
785ecf7715
perf(test): mock system run logger
2026-04-20 19:01:37 +01:00
Peter Steinberger
08e1eb7a9f
test: narrow system run dispatch matrix
2026-04-17 20:27:52 +01:00
Peter Steinberger
087f1584df
test: streamline system run hotspot coverage
2026-04-17 20:18:01 +01:00
Peter Steinberger
014eaa8492
test: merge env rejection invoke cases
2026-04-17 20:03:35 +01:00
Peter Steinberger
125b1e0e20
test: reuse node-host runtime bins
2026-04-17 19:47:43 +01:00
Peter Steinberger
729feb4b99
test: reuse exec approval home fixture
2026-04-17 19:37:47 +01:00
Peter Steinberger
c0a9b694f3
test: reuse node host home fixture
2026-04-17 19:35:19 +01:00
Peter Steinberger
7edce9c8fa
test: reuse inline eval fixtures
2026-04-17 19:25:58 +01:00
Peter Steinberger
7b27d08e56
perf: lazy load system run config
2026-04-17 16:39:24 +01:00
Peter Steinberger
7e9ff0f86e
test: reuse system-run temp fixtures
2026-04-17 02:49:37 +01:00
Peter Steinberger
12a59b0a18
test: trim hotspot wait overhead
2026-04-17 02:47:09 +01:00
Peter Steinberger
6ba8626c25
test: trim remaining hotspot tests
2026-04-17 02:07:26 +01:00
Pavan Kumar Gondhi
8f8492d172
fix(security): broaden shell-wrapper detection and block env-argv assignment injection [AI-assisted] (#65717)
* fix: address issue
* fix: address PR review feedback
* fix: address PR review feedback
* docs: add changelog entry for PR merge
2026-04-13 11:48:42 +05:30
Nimrod Gutman
de6bac331c
fix(exec): detect cmd wrapper carriers (#62439)
* fix(exec): detect cmd wrapper carriers
* fix(exec): block env cmd wrapper carriers
* fix: keep cmd wrapper carriers approval-gated (#62439) (thanks @ngutman)
2026-04-07 14:27:06 +03:00
Nimrod Gutman
d008e2d015
fix(exec): align node shell allowlist wrappers (#62401)
* fix(exec): align node shell allowlist wrappers
* fix: align node shell allowlist wrappers (#62401) (thanks @ngutman)
2026-04-07 13:05:57 +03:00
Peter Steinberger
38bd525888
test: align strict inline-eval awk denial expectation
2026-04-02 19:09:39 +01:00
Peter Steinberger
3e452f2671
fix: preserve strict inline-eval approval boundaries (#59780) (thanks @luoyanglang)
2026-04-02 18:30:29 +01:00
Peter Steinberger
a406045f2f
test: accept Windows exec approval denial path
2026-04-03 02:04:26 +09:00
Vincent Koc
2d53ffdec1
fix(exec): resolve remote approval regressions (#58792)
* fix(exec): restore remote approval policy defaults
* fix(exec): handle headless cron approval conflicts
* fix(exec): make allow-always durable
* fix(exec): persist exact-command shell trust
* fix(doctor): match host exec fallback
* fix(exec): preserve blocked and inline approval state
* Doctor: surface allow-always ask bypass
* Doctor: match effective exec policy
* Exec: match node durable command text
* Exec: tighten durable approval security
* Exec: restore owner approver fallback
* Config: refresh Slack approval metadata
---------
Co-authored-by: scoootscooob <zhentongfan@gmail.com>
2026-04-01 02:07:20 -07:00
Peter Steinberger
5e30da3cad
fix(exec): restore strict inline-eval allow-always reuse
2026-03-31 23:45:22 +09:00
Jacob Tomlinson
7bd2761b92
Exec approvals: detect command carriers in strict inline eval (#57842)
* Exec approvals: detect command carriers in strict inline eval
* Exec approvals: cover carrier option edge cases
* Exec approvals: cover make and find carriers
* Exec approvals: catch attached eval flags
* Exec approvals: keep sed -E out of inline eval
* Exec approvals: treat sed in-place flags as optional
2026-03-31 10:58:17 +01:00
Peter Steinberger
1ceaad18a6
test: harden vitest no-isolate coverage
2026-03-22 10:48:21 -07:00
Peter Steinberger
a94ec3b79b
fix(security): harden exec approval boundaries
2026-03-22 09:35:25 -07:00
Josh Avant
7abfff756d
Exec: harden host env override handling across gateway and node (#51207)
* Exec: harden host env override enforcement and fail closed
* Node host: enforce env override diagnostics before shell filtering
* Env overrides: align Windows key handling and mac node rejection
2026-03-20 15:44:15 -05:00
Josh Avant
f4fef64fc1
Gateway: treat scope-limited probe RPC as degraded reachability (#45622)
* Gateway: treat scope-limited probe RPC as degraded
* Docs: clarify gateway probe degraded scope output
* test: fix CI type regressions in gateway and outbound suites
* Tests: fix Node24 diffs theme loading and Windows assertions
* Tests: fix extension typing after main rebase
* Tests: fix Windows CI regressions after rebase
* Tests: normalize executable path assertions on Windows
* Tests: remove duplicate gateway daemon result alias
* Tests: stabilize Windows approval path assertions
* Tests: fix Discord rate-limit startup fixture typing
* Tests: use Windows-friendly relative exec fixtures
---------
Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain>
2026-03-13 23:13:33 -05:00
Robin Waslander
b7a37c2023
fix(node-host): extend script-runner set and add fail-closed guard for mutable-file approval
tsx, jiti, ts-node, ts-node-esm, vite-node, and esno were not recognized
as interpreter-style script runners in invoke-system-run-plan.ts. These
runners produced mutableFileOperand: null, causing invoke-system-run.ts
to skip revalidation entirely. A mutated script payload would execute
without the approval binding check that node ./run.js already enforced.
Two-part fix:
- Add tsx, jiti, and related TypeScript/ESM loaders to the known script
runner set so they produce a valid mutableFileOperand from the planner
- Add a fail-closed runtime guard in invoke-system-run.ts that denies
execution when a script run should have a mutable-file binding but the
approval plan is missing it, preventing unknown future runners from
silently bypassing revalidation
Fixes GHSA-qc36-x95h-7j53
2026-03-12 01:34:35 +01:00
Peter Steinberger
68c674d37c
refactor(security): simplify system.run approval model
2026-03-11 01:43:06 +00:00
Peter Steinberger
cc0f30f5fb
test: fix windows runtime and restart loop harnesses
2026-03-09 07:22:23 +00:00
Peter Steinberger
cf3a479bd1
fix(node-host): bind bun and deno approval scripts
2026-03-09 05:59:32 +00:00
Josh Avant
25252ab5ab
gateway: harden shared auth resolution across systemd, discord, and node host
2026-03-07 18:28:32 -06:00
Peter Steinberger
8a469a12b2
test(exec): dedupe wrapper boundary regressions
2026-03-08 00:12:08 +00:00
Peter Steinberger
2fc95a7cfc
fix(exec): close dispatch-wrapper boundary drift
2026-03-07 23:40:38 +00:00
Peter Steinberger
1d1757b16f
fix(exec): recognize PowerShell encoded commands
2026-03-07 23:15:46 +00:00
Peter Steinberger
c76d29208b
fix(node-host): bind approved script operands
2026-03-07 23:04:00 +00:00