vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 02:00:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
39,765 Commits 1,843 Branches 149 Tags
52eee27f304c8ec89a9134eec3fb8c6e1d9152d4
Commit Graph

803 Commits

Author SHA1 Message Date
Peter Steinberger
de0d484236 fix(sessions): preserve durable conversation entries 2026-05-02 06:30:44 +01:00
Peter Steinberger
04b9f5fc98 fix(cli): avoid directory plugin reinstall prompts 2026-05-02 06:14:29 +01:00
Peter Steinberger
43121fb096 fix: guard provider-prefixed delivery targets 2026-05-02 05:30:41 +01:00
Peter Steinberger
ac58dc2e92 fix(doctor): warn on missing channel env tokens 2026-05-02 04:29:27 +01:00
Peter Steinberger
eee3aeae00 [codex] add Crestodian plugin management (#75869) 
Summary:
- The branch adds ClawHub plugin search and Crestodian plugin list/search/install/uninstall flows, with docs, changelog, tests, runtime injection, and regenerated config baseline hashes.
- Reproducibility: not applicable. as a bug reproduction request. The high-confidence verification path is cur ... surface search plus exact-head diff/source inspection against the PR's targeted tests and queued CI checks.

ClawSweeper fixups:
- Included follow-up commit: Repair Crestodian plugin management config schema drift

Validation:
- ClawSweeper review passed for head c29cda6005.
- Required merge gates passed before the squash merge.

Prepared head SHA: c29cda6005
Review: https://github.com/openclaw/openclaw/pull/75869#issuecomment-4362360704

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
 2026-05-02 03:12:38 +00:00
Peter Steinberger
a22f065043 fix(slack): support exact message reads 2026-05-02 03:24:36 +01:00
Peter Steinberger
c64a7321e5 fix(providers): preserve defaults during auth setup 2026-05-02 03:16:31 +01:00
Vincent Koc
5c447f53d7 docs(plugins): document clawhub clawpack installs 2026-05-01 17:35:03 -07:00
Peter Steinberger
6af6688ce2 fix: warn on legacy WhatsApp cron health checks 2026-05-01 22:45:53 +01:00
Peter Steinberger
fe8966b4ea fix: stop channel runtime before WhatsApp removal 2026-05-01 22:37:30 +01:00
Peter Steinberger
ed8f50f240 refactor: simplify plugin dependency handling 
Simplify plugin installation and runtime loading around package-manager-owned dependencies, with Jiti reserved for local/TS fallback paths.

Also scans npm plugin install roots so hoisted transitive dependencies are covered by dependency denylist and node_modules symlink checks.
 2026-05-01 21:32:22 +01:00
Vincent Koc
f858b5de22 fix(security): keep plain audit off plugin runtimes 
Keep routine security audit on config/filesystem checks by default, reserving plugin runtime collectors for deep audit paths.\n\nThanks @vincentkoc
 2026-05-01 08:22:06 -07:00
Vincent Koc
bbc3384fda docs(doctor): clarify service repair prompts 
Clarify when doctor reports service repair state versus when gateway install performs launcher writes.\n\nThanks @vincentkoc
 2026-05-01 08:21:43 -07:00
Peter Steinberger
7ddf28c0d4 feat: support git plugin installs 2026-05-01 10:59:10 +01:00
Peter Steinberger
88da533714 fix: bypass update restart cooldown 2026-05-01 09:55:03 +01:00
Peter Steinberger
e131eaecb5 fix: force package update restart handoff 2026-05-01 09:25:33 +01:00
Peter Steinberger
250376f885 fix: simplify bundled runtime dependency repair (#75183) 
Summary:
- Merged fix: simplify bundled runtime dependency repair after ClawSweeper review.

ClawSweeper fixups:
- Included follow-up commit: fix: verify cached bundled runtime roots
- Included follow-up commit: refactor: simplify plugin runtime startup paths
- Included follow-up commit: refactor: trim plugin startup policy helpers
- Included follow-up commit: refactor: trust package manager runtime deps materialization
- Included follow-up commit: fix: narrow channel runtime deps skip policy
- Included follow-up commit: refactor: defer startup plugin runtime deps
- Ran the ClawSweeper repair loop before final review.

Validation:
- ClawSweeper review passed for head 04dc566534.
- Required merge gates passed before the squash merge.

Prepared head SHA: 04dc566534
Review: https://github.com/openclaw/openclaw/pull/75183#issuecomment-4358383786

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Shakker <shakkerdroid@gmail.com>
Co-authored-by: clawsweeper-repair <clawsweeper-repair@users.noreply.github.com>
 2026-05-01 07:49:02 +00:00
Peter Steinberger
464e573602 fix(voice-call): delegate cli calls to gateway 2026-05-01 06:35:36 +01:00
Jesse Merhi
4ea0556f64 feat: add proxy validation command 
Adds `openclaw proxy validate` for operator-managed proxy preflight checks, including allowed/denied destination validation, CLI output, tests, docs, and changelog coverage.

Maintainer follow-ups before landing:
- validate custom allowed URLs before probing;
- use a temporary loopback canary for default denied checks and fail custom denied transport errors as unverifiable;
- redact proxy URL userinfo, query strings, and fragments from text/JSON validation output.

Validation:
- `pnpm test src/infra/net/proxy/proxy-validation.test.ts src/cli/proxy-cli.runtime.test.ts src/cli/proxy-cli.test.ts -- --reporter=verbose`
- `pnpm exec oxfmt --check --threads=1 CHANGELOG.md src/cli/proxy-cli.ts src/cli/proxy-cli.runtime.ts src/cli/proxy-cli.test.ts src/cli/proxy-cli.runtime.test.ts src/infra/net/proxy/proxy-validation.ts src/infra/net/proxy/proxy-validation.test.ts docs/cli/proxy.md docs/security/network-proxy.md`
- `pnpm exec oxlint src/cli/proxy-cli.runtime.ts src/cli/proxy-cli.runtime.test.ts`
- `git diff --check`
- Testbox `pnpm install && OPENCLAW_TESTBOX=1 pnpm check:changed` on `tbx_01kqgz68ff20n3dtrgq0j1mykt`
- GitHub CI success on `321b3aaf2b8be27dec6ce2ac5e4007ed064218b5`
 2026-05-01 00:19:55 -05:00
Peter Steinberger
54f44ec321 fix: restore Twilio Meet voice intro 2026-05-01 05:41:49 +01:00
Peter Steinberger
4987482e4c perf: keep models list responsive during catalog discovery (#75326) 
* perf: keep models list responsive during catalog discovery

* docs: record models list responsiveness fix

* fix: preserve models catalog load failures
 2026-05-01 02:31:53 +00:00
pashpashpash
027ea5f08b Isolate Codex app-server state per agent (#74556) 
* fix(codex): isolate app-server home per agent

* fix(codex): isolate native Codex assets per agent

* fix(channels): mark inbound system events untrusted

* fix(doctor): warn on personal Codex agent skills

* test(doctor): cover personal Codex agent skills warning

* fix(codex): forward auth profiles to harness runs

* fix(codex): preserve auto auth for harness runs

* fix(codex): auto-select harness auth profiles

* test(codex): type harness auth mock

* feat(codex): select migrated skills

* fix(codex): satisfy migration selection lint

* docs: add codex isolation changelog
 2026-05-01 04:49:02 +09:00
Vincent Koc
62be4eb21e docs: cover qqbot /bot-me + c2cOnly admin gating (62fb87641e) and cron add --agent warning (dc0c54c7f1) 2026-04-30 01:39:13 -07:00
Peter Steinberger
09310931cf fix(plugins): repair configured runtime deps 2026-04-30 04:13:39 +01:00
Peter Steinberger
4c712d3372 fix: add bundled plugin deps repair command 2026-04-29 23:23:14 +01:00
Vignesh Natarajan
d51af16fab Docs: document inferred commitments 2026-04-29 14:28:22 -07:00
Peter Steinberger
8b8bba9621 fix(config): tighten patch command semantics 2026-04-29 22:02:02 +01:00
Peter Steinberger
48a01798b0 feat: add config apply patch command 2026-04-29 22:02:02 +01:00
Peter Steinberger
3059702687 feat(memory-wiki): add agent-facing people wiki metadata 2026-04-29 20:17:37 +01:00
Peter Steinberger
b0ae867034 refactor(migration): share cached config runtime helper 2026-04-29 20:05:23 +01:00
Shakker
e69da9d578 fix: honor config timeline diagnostics 2026-04-29 19:53:55 +01:00
Shakker
d001c3436b fix: gate diagnostics timeline by flag 2026-04-29 19:53:55 +01:00
Shakker
097eed8cd8 feat: emit diagnostics timeline 2026-04-29 19:53:55 +01:00
Hemant Sudarshan
fbae2a6441 Fix gateway timeout embedded fallback session lock (#74543) 
* Agent: isolate gateway timeout fallback sessions

* fix(cli): isolate gateway timeout fallback sessions

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-04-29 19:38:11 +01:00
Shakker
bfb6b82ffd docs: document model list auth index 2026-04-29 18:23:39 +01:00
Peter Steinberger
e6cd90e3fd fix(agents): keep OAuth auth read-through 2026-04-29 11:54:28 +01:00
Peter Steinberger
e25b542100 fix(cli): fall back to file logs when local logs rpc closes 2026-04-29 08:10:15 +01:00
Peter Steinberger
2b0b614417 docs(plugins): clarify clawhub npm migration 2026-04-29 06:09:34 +01:00
Patrick Erichsen
a235a487d0 docs: add clawhub rescan recovery guidance (#73414) 
* docs: add clawhub rescan recovery guidance

* docs: clarify clawhub rescan wording
 2026-04-28 16:34:00 -07:00
pashpashpash
6ce1058296 Wire diagnostics through the core chat command (#72936) 
* feat: wire codex diagnostics feedback

* fix: harden codex diagnostics hints

* fix: neutralize codex diagnostics output

* fix: tighten codex diagnostics safeguards

* fix: bound codex diagnostics feedback output

* fix: tighten codex diagnostics throttling

* fix: confirm codex diagnostics uploads

* docs: clarify codex diagnostics add-on

* fix: route diagnostics through core command

* fix: tighten diagnostics authorization

* fix: pin diagnostics to bundled codex command

* fix: limit owner status in plugin commands

* fix: scope diagnostics confirmations

* fix: scope codex diagnostics cooldowns

* fix: harden codex diagnostics ownership scopes

* fix: harden diagnostics command trust and display

* fix: keep diagnostics command trust internal

* fix: clarify diagnostics exec boundary

* fix: consume codex diagnostics confirmations atomically

* test: include codex diagnostics binding metadata

* test: use string codex binding timestamps

* fix: keep reserved command trust host-only

* fix: harden diagnostics trust and resume hints

* wire diagnostics through exec approval

* fix: keep diagnostics tests aligned with bundled root trust

* fix telegram diagnostics owner auth

* route trajectory exports through exec approval

* fix trajectory exec command encoding

* fix telegram group owner auth

* fix export trajectory approval hardening

* fix pairing command owner bootstrap

* fix telegram owner exec approvals

* fix: make diagnostics approval flow pasteable

* fix: route native sensitive command followups

* fix: invoke diagnostics exports with current cli

* fix: refresh exec approval protocol models

* fix: list codex diagnostics from thread bindings

* fix: fold codex diagnostics into exec approval

* fix: preserve diagnostics approval line breaks

* docs: clarify diagnostics codex workflow
 2026-04-29 07:40:37 +09:00
Peter Steinberger
193c7432e3 fix(gateway): reuse paired auth for probes 2026-04-28 21:52:50 +01:00
Peter Steinberger
3b593bc561 fix(cli): authorize gateway model probe overrides 2026-04-28 20:55:44 +01:00
Peter Steinberger
53d34e7cde fix(cli): support image files in model probes 2026-04-28 18:52:15 +01:00
Shakker
a48ffda7f7 chore: trace plugin lifecycle phases 2026-04-28 18:03:01 +01:00
Vincent Koc
75ba8398f9 fix(gateway): expose event loop health in readiness 2026-04-28 03:56:58 -07:00
Vincent Koc
e2f3044b8f fix(memory-wiki): route bridge CLI through gateway 
Route Memory Wiki bridge-mode status, doctor, and bridge import CLI paths through Gateway RPC when bridge artifact reads are active, while preserving local/offline fallbacks.

Harden Gateway CLI rendering and imported-source writes: validate RPC response shapes, bound response strings before rendering/JSON serialization, sanitize/escape terminal-controlled output, avoid redundant JSON forwarding, and replace imported source pages through a temp-file rename path with symlink and hardlink regressions.

Fixes #65722
Fixes #65976
Fixes #66082
Fixes #67979
Fixes #68371
Fixes #68828
Fixes #69019
Fixes #70181
Fixes #70242
Fixes #70842

Thanks @moorsecopers99, @vincentkoc, and @prasad-yashdeep.
 2026-04-28 03:22:12 -07:00
Peter Steinberger
6f8792f3f1 fix(cli): wire image describe prompt options 2026-04-28 10:53:53 +01:00
Vincent Koc
76cd97289b fix(cron): support Telegram thread IDs in cron add/edit 
- Add `--thread-id` support to cron add/edit Telegram delivery.
- Reject non-positive thread IDs and guard cron edit lookup pagination against non-progress/max-page loops.
- Preserve existing delivery mode on thread-only cron edit patches.

Carries forward #51581, #60373, and #60890.

Co-authored-by: ChunHao Chen <crazycjh@gmail.com>
 2026-04-28 01:50:44 -07:00
Peter Steinberger
fb3ea9efb1 fix: keep gateway model probes raw 2026-04-28 09:11:47 +01:00
Peter Steinberger
a8b64b7d52 fix(doctor): require confirmation for transcript archive 2026-04-28 08:56:18 +01:00