vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-12 07:20:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,153 Commits 680 Branches 76 Tags
43ab4f33ad63422b92d9e6e6553f8400e2686a43
Commit Graph

17153 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nimrod Gutman
43ab4f33ad feat(ios): prepare app store connect release assets 2026-03-07 17:21:07 +02:00
Rodrigo Uroz
4c0b873a4d Config/Compaction: expose safeguard preserve and quality settings (#25557) 
Merged via squash.

Prepared head SHA: ea9904039a
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-07 07:13:13 -08:00
Ayaan Zaidi
bdd0f74188 docs: add changelog for markdown image hardening (#38895) 2026-03-07 19:46:41 +05:30
Ayaan Zaidi
d25b493c7f fix: address markdown image review feedback 2026-03-07 19:46:41 +05:30
Ayaan Zaidi
4bf902de58 fix: flatten remote markdown images 2026-03-07 19:46:41 +05:30
Peter Steinberger
53a7e3b6e5 docs(security): clarify trusted operator control surfaces 2026-03-07 13:52:22 +00:00
Ayaan Zaidi
9e1de97a69 fix(telegram): route native topic commands to the active session (#38871) 
* fix(telegram): resolve session entry for /stop in forum topics

Fixes #38675

- Export normalizeStoreSessionKey from store.ts for reuse
- Use it in resolveSessionEntryForKey so topic session keys (lowercase
  in store) are found when handling /stop
- Add test for forum topic session key lookup

* fix(telegram): share native topic routing with inbound messages

* fix: land telegram topic routing follow-up (#38871)

---------

Co-authored-by: xialonglee <li.xialong@xydigit.com>
 2026-03-07 19:01:16 +05:30
Ayaan Zaidi
bfc36cc86d test: cover telegram ACP slash session namespace (#38680) 2026-03-07 18:15:30 +05:30
john
e8f419c4e0 fix(telegram): namespace slash SessionKey by agent 
Fixes openclaw/openclaw#38648
 2026-03-07 18:15:30 +05:30
Ayaan Zaidi
05c240fad6 fix: restart Windows gateway via Scheduled Task (#38825) (#38825) 2026-03-07 18:00:38 +05:30
Ayaan Zaidi
26c9796736 fix: check managed systemd unit before is-enabled (#38819) 2026-03-07 17:11:07 +05:30
Peter Steinberger
addd290f88 fix(ci): stabilize tests and detect-secrets after dep updates 2026-03-07 11:14:04 +00:00
Ayaan Zaidi
ac63f30cd2 test(nodes): type wrapped prepare coverage mock 2026-03-07 16:39:43 +05:30
Ayaan Zaidi
9d99370027 test(nodes): cover wrapped system.run prepare 2026-03-07 16:39:43 +05:30
Felipe
3efafab21b fix(nodes): remove redundant rawCommand from system.run.prepare 
The nodes tool was passing rawCommand: formatExecCommand(command) to
system.run.prepare, which produced the full formatted argv string
(e.g. 'powershell -Command "echo hello"'). However,
validateSystemRunCommandConsistency() recognizes shell wrappers like
powershell/bash and extracts the inner command as the 'inferred' value
(e.g. 'echo hello'). This caused a rawCommand vs inferred mismatch,
breaking all nodes run commands with shell wrappers.

The fix removes the explicit rawCommand parameter, letting the
validation correctly infer the command text from the argv array.

Fixes #33080
 2026-03-07 16:39:43 +05:30
Peter Steinberger
8db5d67768 chore: update dependencies except carbon 2026-03-07 10:55:18 +00:00
Peter Steinberger
b85005194e test(memory): make mcporter EINVAL retry test deterministic 2026-03-07 10:49:03 +00:00
Peter Steinberger
1aa77e4603 refactor(extensions): reuse shared helper primitives 2026-03-07 10:41:05 +00:00
Peter Steinberger
3c71e2bd48 refactor(core): extract shared dedup helpers 2026-03-07 10:41:05 +00:00
Ayaan Zaidi
14c61bb33f fix(ci): re-enable detect-secrets on main 2026-03-07 16:09:12 +05:30
Peter Steinberger
f358c6f2fb docs: reorder 2026.3.7 changelog highlights 2026-03-07 10:10:42 +00:00
Peter Steinberger
997a9f5b9e chore: bump version to 2026.3.7 2026-03-07 10:09:02 +00:00
Ayaan Zaidi
84f5d7dc1d fix(android): align run command with app id 2026-03-07 14:58:51 +05:30
Ayaan Zaidi
2018d8aa99 docs: add changelog entry for Android package rename (#38712) 2026-03-07 14:51:03 +05:30
Ayaan Zaidi
5568b393a8 fix(android): rename app package to ai.openclaw.app 2026-03-07 14:51:03 +05:30
Tak Hoffman
8873e13f1e fix(gateway): stop stale-socket restarts before first event (#38643) 
* fix(gateway): guard stale-socket restarts by event liveness

* fix(gateway): centralize connect-time liveness tracking

* fix(web): apply connected status patch atomically

* fix(gateway): require active socket for stale checks

* fix(gateway): ignore inherited stale event timestamps
 2026-03-07 00:58:08 -06:00
ql-wade
a5c07fa115 fix(gateway): skip stale-socket restarts for Telegram polling (openclaw#38405) 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: ql-wade <262266039+ql-wade@users.noreply.github.com>
 2026-03-07 00:20:34 -06:00
拐爷&&老拐瘦
2e31aead39 fix(gateway): invalidate bootstrap cache on session rollover (openclaw#38535) 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: yfge <1186273+yfge@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-06 23:46:02 -06:00
Ayaan Zaidi
e802840b62 docs: update changelog for reply media delivery (#38572) 2026-03-07 10:52:16 +05:30
Ayaan Zaidi
c943747d6b fix: contain final reply media normalization failures 2026-03-07 10:52:16 +05:30
Ayaan Zaidi
059aedeb08 fix: contain block reply media failures 2026-03-07 10:52:16 +05:30
Ayaan Zaidi
77ef672468 fix: normalize reply media paths 2026-03-07 10:52:16 +05:30
Vincent Koc
15a5e39da2 Fix owner-only auth and overlapping skill env regressions (#38548) 2026-03-06 23:33:42 -05:00
Xinhua Gu
024af2b738 fix(feishu): disable block streaming to prevent silent reply drops (openclaw#38422) 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: xinhuagu <562450+xinhuagu@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-06 22:33:30 -06:00
ql-wade
e309a15d73 fix: suppress ACP NO_REPLY fragments in console output (#38436) 2026-03-07 09:34:45 +05:30
Vincent Koc
6017b738b1 Web: add HEIC media regression and doc fix (#38294) 
* Web: add HEIC media normalization regression

* Docs: list HEIC input_image MIME types

* Update src/web/media.test.ts

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-06 22:49:38 -05:00
Xinhua Gu
1a022a31de fix(gateway): classify wrapped "fetch failed" messages as transient network errors (openclaw#38530) 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: xinhuagu <562450+xinhuagu@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-06 21:47:32 -06:00
Jakob
fa69f836c4 fix: increase maxTokens for tool probe to support reasoning models 
Closes #7521
 2026-03-06 22:27:28 -05:00
Tak Hoffman
a01978ba96 fix(googlechat): inherit shared defaults for multi-account webhook auth (#38492) 
* fix(googlechat): inherit shared defaults from accounts.default

* fix(googlechat): do not inherit default enabled state

* fix(googlechat): avoid inheriting default credentials

* fix(googlechat): keep dangerous auth flags account-local
 2026-03-06 21:11:55 -06:00
Vincent Koc
ba9eaf2ee2 fix(media): retain inbound media with recursive cleanup TTL (#38292) 
* Config: add media retention TTL setting

* Media: recurse persisted media cleanup

* Gateway: add persisted media cleanup timer

* Media: harden retention cleanup sweep

* Media: make recursive retention cleanup opt-in

* Media: retry writes after empty-dir cleanup race
 2026-03-06 22:06:09 -05:00
Vincent Koc
563a125c66 fix(gateway): stop shared-main chat.send from inheriting stale external routes (#38418) 
* fix(gateway): prevent webchat messages from cross-routing to external channels

chat.send always originates from the webchat/control-UI surface.  Previously,
channel-scoped session keys (e.g. agent:main:slack:direct:U…) caused
OriginatingChannel to inherit the session's stored external route, so the
reply dispatcher would route responses to Slack/Telegram instead of back to
the gateway connection.  Remove the route-inheritance logic from chat.send and
always set OriginatingChannel to INTERNAL_MESSAGE_CHANNEL ("webchat").

Closes #34647

Made-with: Cursor

* Gateway: preserve configured-main connect gating

* Gateway: cover connect-without-client routing

* Gateway: add chat.send session key length limit

* Gateway: cap chat.send session key schema

* Gateway: bound chat.send session key parsing

* Gateway: cover oversized chat.send session keys

* Update CHANGELOG.md

---------

Co-authored-by: SidQin-cyber <sidqin0410@gmail.com>
 2026-03-06 21:59:08 -05:00
Vincent Koc
bf623a580b Agents: add skill API rate-limit guardrail (#38452) 
* Agents: add rate-limit guardrail for skill API writes

* Changelog: note skill API rate-limit awareness
 2026-03-06 20:20:00 -05:00
Vincent Koc
75981b05c3 Dependencies: remove unused extension packages (#38317) 
* Dependencies: drop unused extension packages

* Dependencies: drop unused tlon http-api package

* Dependencies: keep bundled acpx package
 2026-03-06 19:55:41 -05:00
Vincent Koc
2d52c88dad fix(podman): stop assuming /tmp is disk-backed (#38296) 
* Podman: avoid hardcoding /tmp for image staging

* Docs: clarify container storage paths

* Podman: secure staged image import

* Podman: clarify streamed image handoff
 2026-03-06 19:55:26 -05:00
Vincent Koc
74959fc1fd Dependencies: remove unused core and UI packages (#38316) 
* Dependencies: drop unused root runtime packages

* Dependencies: trim unused UI package deps

* Dependencies: keep UI build deps and stable git lock resolution

* Lockfile: fix UI vitest browser snapshot key
 2026-03-06 19:53:22 -05:00
Vincent Koc
063b9aabe2 fix: xxxxx 2026-03-06 19:46:38 -05:00
Vincent Koc
42e3d8d693 Secrets: add inline allowlist review set (#38314) 
* Secrets: add inline allowlist review set

* Secrets: narrow detect-secrets file exclusions

* Secrets: exclude Docker fingerprint false positive

* Secrets: allowlist test and docs false positives

* Secrets: refresh baseline after allowlist updates

* Secrets: fix gateway chat fixture pragma

* Secrets: format pre-commit config

* Android: keep talk mode fixture JSON valid

* Feishu: rely on client timeout injection

* Secrets: allowlist provider auth test fixtures

* Secrets: allowlist onboard search fixtures

* Secrets: allowlist onboard mode fixture

* Secrets: allowlist gateway auth mode fixture

* Secrets: allowlist APNS wake test key

* Secrets: allowlist gateway reload fixtures

* Secrets: allowlist moonshot video fixture

* Secrets: allowlist auto audio fixture

* Secrets: allowlist tiny audio fixture

* Secrets: allowlist embeddings fixtures

* Secrets: allowlist resolve fixtures

* Secrets: allowlist target registry pattern fixtures

* Secrets: allowlist gateway chat env fixture

* Secrets: refresh baseline after fixture allowlists

* Secrets: reapply gateway chat env allowlist

* Secrets: reapply gateway chat env allowlist

* Secrets: stabilize gateway chat env allowlist

* Secrets: allowlist runtime snapshot save fixture

* Secrets: allowlist oauth profile fixtures

* Secrets: allowlist compaction identifier fixture

* Secrets: allowlist model auth fixture

* Secrets: allowlist model status fixtures

* Secrets: allowlist custom onboarding fixture

* Secrets: allowlist mattermost token summary fixtures

* Secrets: allowlist gateway auth suite fixtures

* Secrets: allowlist channel summary fixture

* Secrets: allowlist provider usage auth fixtures

* Secrets: allowlist media proxy fixture

* Secrets: allowlist secrets audit fixtures

* Secrets: refresh baseline after final fixture allowlists

* Feishu: prefer explicit client timeout

* Feishu: test direct timeout precedence
 2026-03-06 19:35:26 -05:00
Vincent Koc
3070fafec1 fix(venice): switch default model to kimi-k2-5 (#38423) 
* Docs: refresh Venice default model guidance

* Venice: switch default model to Kimi K2.5

* Changelog: credit Venice default refresh
 2026-03-06 19:31:07 -05:00
OfflynAI
adb9234d03 fix(imessage): prevent echo loop from leaking internal metadata and amplifying NO_REPLY into queue overflow (#33295) 
* fix(imessage): prevent echo loop from leaking internal metadata and amplifying NO_REPLY into queue overflow

- Add outbound sanitization at channel boundary (sanitize-outbound.ts):
  strips thinking/reasoning tags, relevant-memories tags, model-specific
  separators (+#+#), and assistant role markers before iMessage delivery

- Add inbound reflection guard (reflection-guard.ts): detects and drops
  messages containing assistant-internal markers that indicate a reflected
  outbound message, preventing recursive echo amplification

- Harden echo cache: increase text TTL from 5s to 30s to catch delayed
  reflections that previously expired before the echo could be detected

- Add loop rate limiter (loop-rate-limiter.ts): per-conversation rapid-fire
  detection that suppresses conversations exceeding threshold within a
  time window, acting as a safety net against amplification

Closes #33281

* fix(imessage): address review — stricter reflection regex, loop-aware rate limiter

- Reflection guard: require closing > bracket on thinking/final/memory
  tag patterns to prevent false-positives on user phrases like
  '<final answer>' or '<thought experiment>' (#33295 review)

- Rate limiter: only record echo/reflection/from-me drops instead of
  all dispatches, so the limiter acts as a loop-specific escalation
  mechanism rather than a general throttle on normal conversation
  velocity (#33295 review)

* Changelog: add iMessage echo-loop hardening entry

* iMessage: restore short echo-text TTL

* iMessage: ignore reflection markers in code

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-06 19:19:57 -05:00
Vincent Koc
5320ee7731 fix(venice): harden discovery limits and tool support (#38306) 
* Config: add supportsTools compat flag

* Agents: add model tool support helper

* Venice: sync discovery and fallback metadata

* Agents: skip tools for unsupported models

* Changelog: note Venice provider hardening

* Update CHANGELOG.md

* Venice: cap degraded discovery metadata

* Apply suggestion from @greptile-apps[bot]

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Venice: tolerate partial discovery capabilities

* Venice: tolerate missing discovery specs

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-06 19:07:11 -05:00