vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-11 01:20:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
44,172 Commits 1,843 Branches 149 Tags
55e7f5f27ce2fddcdd21cffc331c170b59d22fd5
Commit Graph

419 Commits

Author SHA1 Message Date
Peter Steinberger
a7727b1fcd test: tighten secrets runtime assertions 2026-05-09 13:18:06 +01:00
Peter Steinberger
7e7d72f781 test: tighten secrets warning assertions 2026-05-09 13:16:49 +01:00
Shakker
f35dbcc328 test: tighten security empty array assertions 2026-05-09 05:09:12 +01:00
Shakker
80a2b4471e test: tighten media empty array assertions 2026-05-09 04:46:49 +01:00
Peter Steinberger
56fa80d334 test: simplify secret coverage path parsing 2026-05-08 23:52:54 +01:00
Peter Steinberger
edfc5294cb test: avoid line count filter allocations 2026-05-08 22:13:46 +01:00
Peter Steinberger
9bc8237f7b test: avoid filter allocation assertions 2026-05-08 21:26:50 +01:00
Peter Steinberger
150ded8f27 test: tighten core capture assertions 2026-05-08 20:44:46 +01:00
Peter Steinberger
a632a68c55 test: tighten core helper assertions 2026-05-08 20:41:57 +01:00
Shakker
b3aea2eab8 test: tighten provider env metadata assertion 2026-05-08 19:50:41 +01:00
Shakker
83fa0cda3b test: tighten external channel runtime assertion 2026-05-08 19:49:22 +01:00
Shakker
e8023c85a7 test: tighten secrets fast path assertion 2026-05-08 19:48:02 +01:00
Shakker
1359d09e05 test: tighten matrix shadowing assertion 2026-05-08 19:46:03 +01:00
Shakker
b7359a74a7 test: tighten telegram inactive runtime assertion 2026-05-08 19:44:52 +01:00
Shakker
1eb876ff8f test: tighten zalo token runtime assertions 2026-05-08 19:43:41 +01:00
Shakker
7a877750b4 test: tighten plugin config collector assertions 2026-05-08 19:42:13 +01:00
Shakker
950cdfdaf4 test: tighten runtime web tools assertions 2026-05-08 19:40:30 +01:00
Shakker
a9e322c4c1 test: tighten secret target registry assertion 2026-05-08 19:39:29 +01:00
Shakker
d213397b1d test: tighten channel secret contract assertions 2026-05-08 19:38:11 +01:00
Shakker
4239c15085 test: tighten secrets plan assertions 2026-05-08 19:37:00 +01:00
Peter Steinberger
1ecc1e899e test: require active secrets snapshot 2026-05-08 17:42:21 +01:00
Shakker
1b16944eb4 test: tighten gateway auth snapshot assertion 2026-05-08 17:11:33 +01:00
Shakker
14a9164e39 test: tighten secret fast path assertion 2026-05-08 16:34:23 +01:00
Shakker
590363cb93 test: tighten secret target assertions 2026-05-08 16:33:39 +01:00
the sun gif man
954d20ece2 fix: allow Nix store plugin hardlinks (#79344) 
Merged via squash.

Prepared head SHA: bf533f8654

Co-authored-by: Codex <noreply@openai.com>
Reviewed-by: @joshp123
 2026-05-08 16:59:53 +02:00
Peter Steinberger
270421f3da test: clarify secrets audit findings 2026-05-08 13:57:08 +01:00
Peter Steinberger
ba675d8964 test: clarify secrets warning assertion 2026-05-08 09:21:23 +01:00
Peter Steinberger
9ef37d1907 test: tighten assertions and harness coverage 2026-05-08 05:28:12 +01:00
Vincent Koc
c97998ce21 chore(channels): remove bluebubbles bundled surface 2026-05-07 12:52:48 -07:00
Peter Steinberger
8b701ce1c7 fix: repair ci regressions 2026-05-07 11:46:21 +01:00
Peter Steinberger
330ba1fa31 refactor: move canvas to plugin surfaces 2026-05-07 09:07:18 +01:00
Peter Steinberger
2e78fc57af fix: accept aws-sdk auth profiles 2026-05-07 08:09:55 +01:00
Shakker
835b884606 fix: guard provider env metadata reuse 2026-05-07 06:48:13 +01:00
Shakker
156068a3cf fix: keep secret target cache unscoped 2026-05-07 06:48:13 +01:00
Shakker
fb49bcaf21 perf: reuse metadata for auth lookups 2026-05-07 06:10:05 +01:00
Shakker
3dffef651b fix: reuse turn plugin metadata snapshot 2026-05-06 17:33:46 +01:00
Peter Steinberger
9bcb56b45b test(perf): narrow runtime web tools state test 2026-05-06 11:54:13 +01:00
Chunyue Wang
34b67c3f25 fix(web_search): skip redundant provider re-resolution for external Brave plugin 
Guards the secondary resolveProviders call with `!allProviders.some(p => p.id === rawProvider)` so it only fires when the first pass genuinely missed the configured provider. Eliminates the spurious `WEB_SEARCH_PROVIDER_INVALID_AUTODETECT` warning and incorrect `providerSource: "none"` for external Brave plugin installs. Fixes #77676.
 2026-05-06 17:45:20 +08:00
Peter Steinberger
ce8b0da9a2 test: slim secret runtime coverage 2026-05-06 09:33:28 +01:00
Peter Steinberger
538605ff44 [codex] Extract filesystem safety primitives (#77918) 
* refactor: extract filesystem safety primitives

* refactor: use fs-safe for file access helpers

* refactor: reuse fs-safe for media reads

* refactor: use fs-safe for image reads

* refactor: reuse fs-safe in qqbot media opener

* refactor: reuse fs-safe for local media checks

* refactor: consume cleaner fs-safe api

* refactor: align fs-safe json option names

* fix: preserve fs-safe migration contracts

* refactor: use fs-safe primitive subpaths

* refactor: use grouped fs-safe subpaths

* refactor: align fs-safe api usage

* refactor: adapt private state store api

* chore: refresh proof gate

* refactor: follow fs-safe json api split

* refactor: follow reduced fs-safe surface

* build: default fs-safe python helper off

* fix: preserve fs-safe plugin sdk aliases

* refactor: consolidate fs-safe usage

* refactor: unify fs-safe store usage

* refactor: trim fs-safe temp workspace usage

* refactor: hide low-level fs-safe primitives

* build: use published fs-safe package

* fix: preserve outbound recovery durability after rebase

* chore: refresh pr checks
 2026-05-06 02:15:17 +01:00
Vincent Koc
1ff07517b0 test(secrets): trust source plugin contracts in coverage 2026-05-05 15:30:25 -07:00
Peter Steinberger
35da7d2c99 refactor: remove legacy agent dir resolver 2026-05-05 20:07:49 +01:00
Brandon
e2e0908055 fix(secrets): preserve auth profile key refs during provider scrub (#77489) 
* fix(secrets): preserve auth profile key refs during provider scrub

* Add changelog for secrets apply fix

* Seed auth profile ref for scrub regression

* fix(secrets): guard auth profile ref scrub

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-05-04 19:50:39 -05:00
Mogglemoss
43b5df7295 fix(secretrefs): resolve external channel contracts in dist/ sidecars (#77421) 
* fix(secretrefs): resolve external channel contracts in dist/ sidecars

Externalized channel plugins published to npm (e.g. @openclaw/discord
since 2026.5.2) keep their compiled secret-contract-api artifact under
<rootDir>/dist/, per the package.json `openclaw.runtimeExtensions`
convention. The runtime contract loader added in #76449 only searched
the rootDir, so npm-installed plugins silently dropped their channel
SecretRef contracts: the runtime snapshot left `channels.<id>.token`
as an unresolved SecretRef, the plugin's `isConfigured` check then
returned false, and the gateway recorded `error: not configured`
without firing the usual channel startup logs.

Look in `<rootDir>/dist/` as well as `<rootDir>/`, preferring dist
when running from a built openclaw artifact and rootDir when running
from source. The new `loads dist/ secret-contract-api sidecars …`
test in channel-contract-api.external.test.ts mirrors the real
npm-package layout and fails without this change.

Refs #76371. Fixes #77416.

* docs: credit changelog contributor

---------

Co-authored-by: Magpie <magpie@local>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-05-04 16:57:28 -05:00
Peter Steinberger
0031ef3120 refactor: keep legacy secretref migration in doctor 2026-05-03 13:10:00 +01:00
Peter Steinberger
45a5374ca8 perf: reduce raw gateway config startup work 2026-05-03 13:03:11 +01:00
Peter Steinberger
1584acb124 fix(secrets): stabilize credential matrix docs 2026-05-03 12:25:08 +01:00
Vincent Koc
f9a1f86e64 test(secrets): audit external channel SecretRefs (#76589) 2026-05-03 02:17:41 -07:00
Josh Avant
b1f8172867 fix(secretrefs): resolve external channel contracts (#76449) 2026-05-02 23:48:11 -05:00
Peter Steinberger
c58319ff50 fix: tolerate sparse plugin metadata snapshots 2026-05-02 08:19:40 +01:00