vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-02 16:01:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
53,858 Commits 1,843 Branches 149 Tags
4df1fcf7b392fa4113ccb3760ab8e9749396674a
Commit Graph

3047 Commits

Author SHA1 Message Date
Peter Steinberger
b1117d9862 refactor: extract gateway client package (#87797) 
* refactor: extract gateway client package

* chore: drop generated gateway package artifacts

* refactor: move gateway protocol package

* refactor: remove old gateway protocol tree

* test: keep auth compat split in run mode

* test: expose gateway wrapper options for internals

* fix: watch moved gateway package sources

* test: normalize slash command import guard

* chore: teach knip gateway package entries

* ci: route gateway client package checks

* fix: reuse ipaddr for gateway client hosts

* fix: sync gateway protocol usage schema
 2026-05-29 02:23:42 +01:00
Merlin
00067563a6 fix(doctor): handle gateway SecretRefs in auth checks 
Handle exec-backed Gateway SecretRefs in doctor, lint, and health probing without executing providers by default.

- Add `openclaw doctor --allow-exec` for explicit SecretRef execution during lint/doctor checks.
- Skip only the active exec-backed gateway probe path and avoid local service diagnostics for remote-only skipped health.
- Keep env-winning and dormant fallback credentials probeable, stabilize related tests, and remove a stale live-shard fixture left by the moving base.

Verification:
- `node scripts/run-vitest.mjs src/commands/doctor-gateway-auth-token.test.ts src/commands/doctor.warns-state-directory-is-missing.e2e.test.ts src/gateway/credentials.test.ts src/gateway/probe-auth.test.ts src/commands/doctor-gateway-daemon-flow.test.ts test/scripts/test-live-shard.test.ts --reporter=verbose`
- `mise x node@24.13.0 -- pnpm prompt:snapshots:check`
- `pnpm tsgo:prod`
- `pnpm build`
- `.agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main`
- Crabbox AWS live config proof: `run_f44a4d9dae4e`
- GitHub CI: green on final head `88d24abdbf9529a59d75d1d5e04eac74bbbbc267` after rerunning a stale in-progress Security High workflow.

Co-authored-by: Merlin <258679497+funmerlin@users.noreply.github.com>
 2026-05-29 02:07:50 +01:00
Gio Della-Libera
82cb02a4fd fix(cli): preserve Discord voice outbound helper (#85529) 
Merged via squash.

Prepared head SHA: e5f5e3d23f
Co-authored-by: giodl73-repo <giodl73-repo@users.noreply.github.com>
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com>
Reviewed-by: @giodl73-repo
 2026-05-28 16:29:08 -07:00
Peter Steinberger
ea682182d0 fix: isolate npm plugin installs per package (#87647) 
* fix: isolate npm plugin installs per package

* test: assert isolated npm plugin projects in upgrade survivor

* test: assert plugin lifecycle npm project roots

* test: resolve npm project deps in live assertions

* fix: resolve codex bins from isolated npm projects

* docs: document isolated npm plugin projects

* ci: configure testbox workflow for crabbox

* fix: stabilize npm project fingerprint

* fix: keep fetch runtime import side-effect free

* test: keep dynamic live model unit hermetic

* ci: handle empty node toolcache roots

* test: make nounset toolcache probe deterministic
 2026-05-28 21:16:07 +01:00
Peter Steinberger
e8f29087ae fix: validate configure gateway ports strictly 2026-05-28 14:43:19 -04:00
Peter Steinberger
b2fdbc53e8 fix: parse qa parent pid strictly 2026-05-28 14:41:02 -04:00
Peter Steinberger
2122dccb91 fix: parse gateway usage days strictly 2026-05-28 13:31:45 -04:00
Peter Steinberger
ed9299a216 fix: reject invalid cron epoch timestamps 2026-05-28 13:20:09 -04:00
Peter Steinberger
03e6181f9f fix: reject exponent provider integer options 2026-05-28 12:08:09 -04:00
Peter Steinberger
c9c53e3153 fix: harden config array index parsing 2026-05-28 11:58:40 -04:00
Peter Steinberger
b6ef874220 fix: reject partial numeric parsing 2026-05-28 10:51:32 -04:00
Peter Steinberger
aab5410bd5 test: speed up slow test suite (#87611) 
* test: speed up slow test suite

* test: preserve fake timer cleanup hooks

* test: avoid timeout readiness race

* test: satisfy reply test types

* test: restore runner and image coverage

* test: restore final media runner path

* test: make cli auth status fixture deterministic

* test: repair runtime alias fixtures
 2026-05-28 13:20:19 +01:00
Peter Steinberger
45e6af5e57 fix: reject partial numeric runtime values 2026-05-27 20:10:01 -04:00
Patrick Erichsen
b4e5038692 fix(cli): respect subcommand version options (#87398) 
* fix(cli): respect subcommand version options

* test: stabilize model directive auth status
 2026-05-27 16:26:11 -05:00
Patrick Erichsen
ee57f341f0 Add ClawHub skill verification and trust surfaces (#86699) 
* feat(skills): fetch ClawHub skill verification

* feat(skills): resolve ClawHub verification targets

* feat(skills): add ClawHub verify command

* docs(skills): document ClawHub verification

* test(skills): type verify CLI fixture

* fix(skills): fetch verified skill card URL

* fix(skills): bound verified card downloads

* fix(skills): fail closed on malformed verification

* fix(skills): corroborate ClawHub install origins

* feat(skills): surface ClawHub trust in control UI

* chore(protocol): refresh generated gateway models

* chore(ui): refresh i18n raw copy baseline

* docs: clarify skills verify wording

* fix: fail closed on skill trust mismatches

* fix: reject incomplete clawhub provenance

* fix: satisfy trust verdict lint

* fix: restore ci checks after main merge
 2026-05-27 14:23:24 -05:00
Peter Steinberger
0f5ea87244 fix(cli): reject partial numeric options 2026-05-27 14:36:06 -04:00
Peter Steinberger
bb46b79d3c refactor: internalize OpenClaw agent runtime (#85341) 
* refactor: extract agent core package

Introduce packages/agent-core as the OpenClaw-owned home for reusable agent loop, harness, session, prompt, and runtime dependency contracts.

* refactor: extract shared llm runtime

Move provider model registries, stream wrappers, OAuth helpers, and LLM utilities into src/llm with plugin-sdk barrels instead of depending on the old embedded runtime layout.

* refactor: remove pi runtime internals

Rename remaining Pi-shaped agent surfaces to OpenClaw agent runtime names, delete obsolete Pi docs and package graph checks, and add the third-party notice for incorporated code.

* refactor: tighten agent session runtime

Make agent-core/runtime dependencies explicit, consolidate compaction and session transcript helpers, and move model/session helpers behind OpenClaw-owned contracts.

* refactor: remove static model and pi auth paths

Drop static model catalogs and Pi auth bridges, move model/provider facts to manifest-owned runtime contracts, and harden internal embedded-agent utilities.

* refactor: remove legacy provider compat paths

* docs: remove agent parity notes

* fix: skip provider wildcard metadata parsing

* refactor: share session extension sdk loading

* refactor: inline acpx proxy error formatter

* refactor: fold edit recovery into edit tool

* fix: accept extension batch separator

* test: align startup provider plugin expectations

* fix: restore provider-scoped release discovery

* test: align static asset packaging expectations

* fix: run static provider catalogs during scoped discovery

* fix: add provider entry catalogs for scoped live discovery

* fix: load lightweight provider catalog entries

* fix: refresh provider-scoped plugin metadata

* fix: keep provider catalog entries on release live path

* fix: keep static manifest models in release live checks

* fix: harden release model discovery

* fix: reduce OpenAI live cache probe reasoning

* fix: disable OpenAI cache probe reasoning

* ci: extend OpenAI gateway live timeout

* fix: extend live gateway model budget

* fix: stabilize release validation regressions

* fix: honor provider aliases in model rows

* fix: stabilize release validation lanes

* fix: stabilize release memory qa

* ci: stabilize release validation lanes

* ci: prefer ipv4 for live docker node calls

* fix: restore shared tool-call stream wrapper

* ci: remove legacy pi test shard alias

* fix: clean up embedded agent test drift

* fix: stabilize runtime alias status

* fix: clean up embedded agent ci drift

* fix: restore release ci invariants

* fix: clean up post-rebase runtime drift

* fix: restore release ci checks

* fix: restore release ci after rebase

* fix: remove stale pi runtime path

* test: align compaction runtime expectations

* test: update plugin prerelease expectations

* fix: handle claude live tool approvals

* fix: stabilize release validation gates

* fix: finish agent runtime import

* test: finish post-rebase agent runtime mocks

* fix: keep codex compaction native

* fix: stabilize codex app-server hook tests

* test: isolate codex diagnostic active run

* test: remove codex diagnostic completion race

# Conflicts:
#	extensions/codex/src/app-server/run-attempt.test.ts

* ci: fix full release manifest performance run id

* refactor: narrow llm plugin sdk boundary

* chore: drop generated google boundary stamps

* fix: repair rebase fallout

* fix: clean up rebased runtime references

* fix: decode codex jwt payloads as base64url

* fix: preserve shipped pi runtime alias

* fix: add scoped sdk virtual modules

* fix: decode llm codex oauth jwt as base64url

* fix: avoid stale vertex adc negative cache

* fix: harden tool arg decoding and codeql path

* fix: keep vertex adc negative checks live

* refactor: consolidate codex jwt and edit helpers

* fix: await codex oauth node runtime imports

* fix: preserve sdk tool and notice contracts

* fix: preserve shipped compat config boundaries

* fix: align codex oauth callback host

* fix: terminate agent-core loop streams on failure

* fix: keep codex oauth callback alive during fallback

* ci: include session tools in critical codeql scans

* fix: keep Cloudflare Anthropic provider auth header

* docs: redirect legacy pi runtime pages

* fix: honor bundled web provider compat discovery

* fix: protect session output spill files

* fix: keep legacy agent dir env blocked

* fix: contain auto-discovered skill symlinks

* fix: harden agent core sdk proxy surfaces

* fix: restore approval reaction sdk compat

* fix: keep live docker runs bounded

* fix: keep codex oauth redirect host aligned

* fix: resolve post-rebase agent runtime drift

* fix: redact anthropic oauth parse failures

* fix: preserve responses strict tool shaping

* fix: repair agent runtime rebase cleanup

* docs: redirect retired parity pages

* fix: bound auto-discovered resources to roots

* fix: repair post-rebase agent test drift

* fix: preserve bundled provider allowlist migration

* fix: preserve manifest-owned provider aliases

* fix: declare photon image dependency

* fix: keep provider headers out of proxy body

* fix: preserve shipped env aliases

* fix: refresh control ui i18n generated state

* fix: quote read fallback paths

* fix: preview edits through configured backend

* test: satisfy core test typecheck

* fix: preserve ZAI usage auth fallback

* test: repair codex diagnostic test

* fix: repair agent runtime rebase drift

* test: finish embedded runner import rename

* fix: repair agent runtime rebase integrations

* test: align compaction oauth fallback expectations

* fix: allow sdk-auth session models

* fix: update doctor tool schema import

* fix: preserve bedrock plugin region

* fix: stream harmony-like prose immediately

* ci: include session runtime in codeql shards

* fix: repair latest rebase integrations

* fix: honor explicit codex websocket transport

* fix: keep openai-compatible credentials provider-scoped

* fix: refresh sdk api baseline after rebase

* fix: route cli runtime aliases through openclaw harness

* test: rename stale harness mock expectation

* test: rename embedded agent overflow calls

* test: clean embedded auth test wording

* test: use openclaw stream types in deepinfra cache test

* fix: refresh sdk api baseline on latest main

* fix: honor bundled discovery compat allowlists

* fix: refresh sdk api baseline after latest rebase

* fix: remove stale rebase imports

* test: rename stale model catalog mock

* test: mock renamed doctor runtime modules

* fix: map canonical kimi env auth

* fix: use internal model registry in bench script

* fix: migrate deepinfra provider catalog entry

* fix: enforce builtin tool suppression

* fix: route compaction auth and proxy payloads safely

* refactor: prune unused llm registry leftovers

* test: update codex hooks session import

* test: fix model picker ci coverage

* test: align model picker auth mock types
 2026-05-27 19:24:04 +01:00
Andi Liao
085228c961 fix(auth): document paste-token stdin setup (#63050) 
Document that automation should pipe `models auth paste-token` credentials over stdin instead of passing token material in argv, keeping the existing secret-handling path explicit in the CLI docs.

Also include accepted auth-profile credential types in invalid-profile warning logs so malformed local auth stores are easier to repair.

Fixes #63042.

Thanks @liaoandi.
 2026-05-27 18:44:44 +01:00
Peter Steinberger
5f7e21e26a fix(cli): reject malformed timeout values 2026-05-27 13:06:17 -04:00
Peter Steinberger
de5971eedc fix(onboard): preserve rerun config migrations 
Fix non-interactive and wizard onboarding reruns so existing agent lists and bindings are preserved unless the user explicitly resets config.

Isolate legacy `plugins.installs` migration into its own write so the config size-drop allowance cannot mask unrelated config loss, while preserving new or repaired install records for the final plugin-index commit. Also keep shrinkwrap generation pinned to pnpm-locked transitive patch versions only when the dependency edge still allows that version, and isolate the tooling Vitest shard that mutates process state.

Fixes #84692.
Replaces #84748.

Co-authored-by: yetval <yetvald@gmail.com>
 2026-05-27 18:05:07 +01:00
Peter Steinberger
e61f175203 fix(cli): reject malformed gateway timeouts 2026-05-27 08:57:03 -04:00
Bob
4d89e00c50 feat(embeddings): add OpenAI-compatible core provider (#85269) 
Merged via squash.

Prepared head SHA: dc9a5d5397
Co-authored-by: dutifulbob <261991368+dutifulbob@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-05-27 14:37:17 +02:00
Mason Huang
75221e0550 fix(agents): separate heartbeat runtime template (#85416) 
Summary:
- The PR moves the runtime `HEARTBEAT.md` bootstrap template into `src/agents/templates`, keeps docs templates ... or other workspace files, adds a legacy heartbeat-template doctor repair, and updates package guards/tests.
- PR surface: Source +281, Tests +283, Docs +11, Config +1, Other 0. Total +576 across 15 files.
- Reproducibility: yes. from source inspection: current main loads `HEARTBEAT.md` from the docs template, and  ... pty heartbeat file non-empty to the runtime. I did not run a live heartbeat repro in this read-only review.

Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(doctor): recognize heartbeat docs boilerplate
- PR branch already contained follow-up commit before automerge: fix(agents): update heartbeat workspace test
- PR branch already contained follow-up commit before automerge: fix(doctor): tighten heartbeat template repair

Validation:
- ClawSweeper review passed for head e34e85864c.
- Required merge gates passed before the squash merge.

Prepared head SHA: e34e85864c
Review: https://github.com/openclaw/openclaw/pull/85416#issuecomment-4519851630

Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
 2026-05-27 12:30:22 +00:00
Peter Steinberger
5fdaf6b49b fix(cli): validate message numeric options 2026-05-27 08:05:03 -04:00
Peter Steinberger
513a223c15 fix(cli): validate directory limits before resolution 2026-05-27 07:35:02 -04:00
Peter Steinberger
0889106cb2 fix(cli): reject loose webhook and directory numeric options 2026-05-27 07:35:02 -04:00
Vincent Koc
c18370574e feat(pixverse): add video generation provider 2026-05-27 12:41:10 +02:00
Peter Steinberger
6b391efa4e fix(cli): reject loose model and gateway numeric options 2026-05-27 04:27:02 -04:00
Yoshikazu Terashi
3104f36329 fix(cron): surface classified run failure causes 
Surface classified cron failure causes without changing raw cron JSON error text.

- add additive CLI `cause` output for finished run entries with `errorReason`
- persist/backfill full `FailoverReason` values on cron run-log entries
- thread provider context through cron finalization so provider-specific failure causes stay accurate
- extend protocol/Swift models and regression coverage for CLI JSON, run-log parsing/search, alerts, and protocol conformance

Verification:
- `pnpm lint --threads=8`
- `pnpm protocol:check`
- `pnpm exec oxfmt --check src/cli/cron-cli/shared.ts src/cli/cron-cli/shared.cause-display.test.ts src/cron/run-log.ts src/cron/run-log.error-reason.test.ts src/cron/cron-protocol-conformance.test.ts src/cron/service.failure-alert.test.ts src/cron/service/timer.ts src/cron/service/ops.ts src/gateway/protocol/schema/cron.ts scripts/protocol-gen-swift.ts`
- `git diff --check`
- AWS Crabbox `cbx_8a6a65ab83b0` / `run_42b73a4a9750`: 4 files, 20 tests passed
- autoreview clean, no accepted/actionable findings
- GitHub CI/CodeQL/OpenGrep/Workflow Sanity green/skipped/neutral on `aa29b087b2587d0aed3d409de5e7a2c706c32cdf`

Co-authored-by: Yoshikazu Terashi <yterashi@peperon-works.jp>
 2026-05-27 09:03:17 +01:00
Peter Steinberger
c95d348bb5 fix(cli): reject loose numeric options 2026-05-27 03:52:40 -04:00
Peter Steinberger
d2d5010aec fix: reject partial numeric CLI options 2026-05-27 03:34:44 -04:00
Peter Steinberger
482018e536 fix: mark plugin command groups in root help 2026-05-27 08:22:01 +01:00
Peter Steinberger
2bbef6caac fix: route nested root help targets 2026-05-27 08:22:01 +01:00
Peter Steinberger
5f6293a902 fix: route root help targets to command help 2026-05-27 08:22:01 +01:00
Peter Steinberger
b31c9e9810 fix: preserve root options in generated help 2026-05-27 08:22:01 +01:00
Peter Steinberger
ec377dd079 fix: support plugin generated help targets 2026-05-27 08:22:01 +01:00
Peter Steinberger
1de98487cc fix: route generated help targets to subcommands 2026-05-27 08:22:01 +01:00
Peter Steinberger
9015d0c582 fix: normalize generated help self-help 2026-05-27 08:22:01 +01:00
Peter Steinberger
f407e4e498 fix: validate gateway call timeouts 2026-05-27 08:22:01 +01:00
Peter Steinberger
84b11237f2 fix: let skills JSON output flush naturally 2026-05-27 08:22:01 +01:00
Super Zheng
6790b0f792 perf(secrets): propagate snapshots and eliminate esm side-effects in auth env vars (#86439) 
* perf(secrets): propagate snapshots and eliminate esm side-effects in auth env vars

* perf(secrets): reuse provider auth lookup maps

* test(auth): update provider env var mocks

* test(auth): cover rebased provider env mocks

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-27 08:19:07 +01:00
Peter Steinberger
145b57c734 perf(gateway): defer skipped-channel sidecars 2026-05-27 04:20:26 +01:00
Val Alexander
b4f69286fd fix(gateway): stop chat timeout fallback cascade 
Fix gateway/chat timeout abort propagation so timed-out runs do not cascade through fallbacks. Preserve provider timeout errors when the gateway abort signal did not fire, and keep timeout stop reasons in async gateway agent results. Includes regression coverage for chat, follow-up, memory flush, fallback classification, and gateway agent timeout results. Fixes #83962.
 2026-05-27 03:54:44 +01:00
Peter Steinberger
0126aba57f test: speed up capability cli tests 2026-05-27 03:48:59 +01:00
Peter Steinberger
657f9d1422 test: speed up command secret gateway tests 2026-05-27 03:43:52 +01:00
Peter Steinberger
90653775a9 test: speed up update cli tests 2026-05-27 03:16:21 +01:00
fuller-stack-dev
669bfdd9b0 test: fix bundled install mock typing 2026-05-26 23:51:53 +01:00
fuller-stack-dev
771675e826 fix: keep bundled OpenClaw plugins image-owned 2026-05-26 23:51:53 +01:00
Thesaranshn8n
6729dea36f fix(codex): share native hook relay registry (#73950) 
Co-authored-by: Sar Jeeves <sar-jeeves@example.com>
Co-authored-by: Kaspre <kaspre@gmail.com>
Co-authored-by: Dallin Romney <dallinromney@gmail.com>
 2026-05-26 15:02:03 -07:00
Andy Ye
f3e61580bd Fix status JSON plugin scan (#87001) 
* fix status json plugin scan

* fix status json metadata imports

* fix channel metadata repair fallback

* fix runtime channel id normalization fallback

* fix status json env channel detection

Co-authored-by: Peter Steinberger <steipete@gmail.com>

* fix signed thinking legacy tool repair

* fix: preserve first signed replay turn

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-26 22:24:25 +01:00