Vincent Koc
19c7731292
fix(plugins): classify npm-pack security events as archives
2026-06-17 16:11:32 +08:00
Vincent Koc
81df1b239b
fix(plugins): satisfy install security lint
2026-06-17 16:11:32 +08:00
Vincent Koc
80c47ecb99
test(plugins): narrow npm install mock options
2026-06-17 16:11:32 +08:00
Vincent Koc
122f29e5ea
fix(plugins): preserve install security provenance
2026-06-17 16:11:32 +08:00
Vincent Koc
b6714bf109
fix(diagnostics): preserve plugin security identities
2026-06-17 16:11:32 +08:00
Vincent Koc
7279f43bbb
fix(plugins): avoid duplicate npm install security events
2026-06-17 16:11:32 +08:00
Vincent Koc
b86b891326
feat(plugins): emit security events for installs
2026-06-17 16:11:32 +08:00
Sally O'Malley
e6ffcf7362
docs: clarify before_install hook scope ( #92766 )
...
Signed-off-by: sallyom <somalley@redhat.com >
2026-06-13 16:54:04 -04:00
Peter Steinberger
8975f75c8b
docs: document plugin public surface helpers
2026-06-04 04:22:45 -04:00
Josh Avant
154f439c81
Add operator install policy and remove dangerous-code install scanners ( #89516 )
...
* feat: add operator install policy
* test: cover plain-file plugin install code
* fix: preserve locationless install policy findings
* refactor: remove install-time plugin scanner
* test: remove stale plugin install helper
* fix: preserve before-install builtin scan type
* fix: preserve plugin dependency denylist
---------
Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain >
2026-06-03 14:17:29 -07:00
Peter Steinberger
5b79e81569
fix: harden CLI and plugin edge cases ( #88896 )
...
* fix: harden CLI and plugin edge cases
* fix: preserve explicit TTS provider credentials
* fix: preserve direct TTS credentials
* fix: type TTS credential hydration config
* fix: preserve scoped TTS channel credentials
* fix: pin hydrated TTS runtime config
* fix: satisfy TTS hydration lint
* fix: preserve inherited TTS provider keys
* fix: read resolved TTS provider keys
2026-06-01 00:30:12 -04:00
Peter Steinberger
23dac6c263
test: keep vitest cases under one second
2026-05-31 06:51:34 +01:00
Rohit
376b03f8ea
fix(plugins): reject incompatible package plugin API installs ( #87477 )
...
* fix(plugins): enforce package plugin API compatibility
* fix(plugins): preserve plugin API prerelease floors
* fix(plugins): gate persisted plugin api compatibility
* fix(plugins): skip incompatible package discovery
* fix(plugins): check api compatibility before package shape
* fix(plugins): gate bundle package api compatibility
* docs(plugins): clarify plugin API release sync
* test(agents): keep dynamic live model unit test runtime-free
* fix(plugins): normalize correction plugin api floors
* test(agents): align dynamic normalizer expectation
* fix(plugins): reject malformed plugin api metadata
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-28 20:25:30 +01:00
Peter Steinberger
aab5410bd5
test: speed up slow test suite ( #87611 )
...
* test: speed up slow test suite
* test: preserve fake timer cleanup hooks
* test: avoid timeout readiness race
* test: satisfy reply test types
* test: restore runner and image coverage
* test: restore final media runner path
* test: make cli auth status fixture deterministic
* test: repair runtime alias fixtures
2026-05-28 13:20:19 +01:00
Peter Steinberger
75fc0bce0f
test: speed up plugin install suites
2026-05-27 00:46:44 +01:00
Vincent Koc
793e300cc5
fix(plugins): support linked source checkouts on Windows
2026-05-25 03:36:06 +02:00
Peter Steinberger
868315aef0
test: fix install readdir mock typing
2026-05-17 14:12:55 +01:00
Peter Steinberger
e43a2efcdb
test: harden wsl2 fixtures
2026-05-17 13:45:21 +01:00
Vincent Koc
c277138959
test(plugins): share archive fixture packing
2026-05-17 01:35:39 +08:00
Vincent Koc
e650f8930d
fix(test): avoid scanning plugin archive entries
2026-05-16 14:35:24 +08:00
Vincent Koc
d2e0a8231f
fix(plugins): reject malformed package entries
2026-05-16 03:44:33 +08:00
Peter Steinberger
cf571c1b58
fix(plugins): scope install scanner to runtime graph
2026-05-13 21:22:37 +01:00
Peter Steinberger
439e396262
fix(plugins): allow benign LanceDB runtime shims
2026-05-13 20:24:46 +01:00
Pavan Kumar Gondhi
39bcd1e088
fix(plugins): scan installed dependency runtime code [AI] ( #81066 )
...
* fix: scan installed plugin dependency code
* addressing review-skill
* addressing review-skill
* addressing codex review
* addressing codex review
* addressing codex review
* addressing codex review
* addressing codex review
* addressing codex review
* addressing codex review
* addressing codex review
* addressing ci
* addressing ci
* docs: add changelog entry for PR merge
2026-05-13 10:26:24 +05:30
Peter Steinberger
cf1987bbe9
test: dedupe plugin install mock reads
2026-05-12 22:48:58 +01:00
Shakker
9456cc850a
test: signal plugin warning text
2026-05-12 21:48:49 +01:00
Pavan Kumar Gondhi
a5dce367ce
fix: scan plugin runtime entries during install [AI] ( #80998 )
...
* fix: scan plugin runtime entries during install
* addressing review-skill
* addressing claude review
* docs: add changelog entry for PR merge
2026-05-12 20:28:40 +05:30
Alex Naidis
a290cd633f
fix(doctor): repair managed plugin peer links
...
Repair managed npm plugin OpenClaw peer links across doctor, install, and update flows.
- relink `peerDependencies.openclaw` packages under managed npm roots during doctor repair
- make read-only doctor preview broken peer links with a `doctor --fix` hint
- reject target plugin installs when their own peer link cannot be repaired, without blocking unrelated installs for stale sibling packages
- preserve update warning behavior for unrepairable package-local `node_modules`
Verification:
- `pnpm test src/plugins/plugin-peer-link.test.ts src/plugins/install.test.ts src/plugins/install.npm-spec.test.ts src/plugins/update.test.ts src/commands/doctor-plugin-registry.test.ts src/commands/doctor/repair-sequencing.test.ts -- --reporter=verbose`
- `pnpm exec oxfmt --check --threads=1 ...`
- `git diff --check`
- Crabbox/Testbox `tbx_01krde1jx199rnpm2rv1rdcj76`: focused tests + `pnpm check:changed`, exit 0
- Real CLI proof in PR body: read-only `openclaw doctor` warning plus `openclaw doctor --fix` symlink repair
Thanks @TheCrazyLex.
2026-05-12 07:49:08 +01:00
Peter Steinberger
433634066c
test: guard plugin install mock calls
2026-05-12 06:57:58 +01:00
Peter Steinberger
fdb65c035e
test: clear plugin install broad matchers
2026-05-10 15:01:23 +01:00
Shakker
0fef42ddcc
test: tighten plugin extension array assertions
2026-05-09 05:58:17 +01:00
Peter Steinberger
a44021ce17
test: tighten plugin contract assertions
2026-05-08 14:33:24 +01:00
Shakker
a40ef6691e
test: assert plugin install scanner warnings
2026-05-08 10:41:53 +01:00
Peter Steinberger
9ef37d1907
test: tighten assertions and harness coverage
2026-05-08 05:28:12 +01:00
hcl
d193d15f17
fix(plugins): explain source-only package diagnostics ( #77835 ) ( #77842 )
2026-05-05 17:43:13 -07:00
Vincent Koc
54300e5270
fix(plugins): quiet official npm install scan warnings
2026-05-04 02:40:55 -07:00
Vincent Koc
a9282f3571
fix(plugins): reject blank runtime entries
2026-05-04 01:41:20 -07:00
Peter Steinberger
59c523c6b5
fix: reject source-only plugin package installs
2026-05-03 16:48:46 +01:00
Peter Steinberger
23ac9ccfd5
test: add codex npm plugin Docker live proof
2026-05-02 20:08:48 +01:00
Peter Steinberger
5ac0ff1812
fix: install ClawHub package dependencies
2026-05-02 06:57:04 +01:00
Peter Steinberger
355680f1f2
fix: trust official ClawHub archive installs
2026-05-02 06:07:22 +01:00
Peter Steinberger
87f43ca88c
fix: trust official source-linked ClawHub plugins
2026-05-02 05:16:10 +01:00
Peter Steinberger
23fd8a90f9
refactor: simplify plugin module loading
2026-05-02 01:41:09 +01:00
Peter Steinberger
d2ae2a3fb0
fix(plugins): require declared runtime setup entries
2026-05-01 22:36:18 +01:00
Peter Steinberger
257a3c068d
refactor: simplify plugin dependency loading
2026-05-01 21:56:40 +01:00
Peter Steinberger
ed8f50f240
refactor: simplify plugin dependency handling
...
Simplify plugin installation and runtime loading around package-manager-owned dependencies, with Jiti reserved for local/TS fallback paths.
Also scans npm plugin install roots so hoisted transitive dependencies are covered by dependency denylist and node_modules symlink checks.
2026-05-01 21:32:22 +01:00
Vincent Koc
412434a450
test(plugins): extend external install contract coverage
2026-04-29 02:48:58 -07:00
Peter Steinberger
d69eeeb2a8
fix: skip test-only plugin install scan findings
2026-04-27 15:00:55 +01:00
Peter Steinberger
c3b3da41fe
fix: allow trusted openclaw peer symlinks
2026-04-27 14:40:02 +01:00
Peter Steinberger
f337c9019c
refactor: share plugin package entry resolution
2026-04-26 11:11:58 +01:00