Peter Steinberger
2da2d506b5
test(zalo): align open dm lifecycle fixtures
2026-04-29 07:15:29 +01:00
Peter Steinberger
7d74c1f4b9
test: align channel fixtures with open dm policy
2026-04-29 07:08:06 +01:00
Ayaan Zaidi
47204a1db5
test(media): cover timeout request forwarding
2026-04-29 11:26:58 +05:30
Ayaan Zaidi
09a64bd77e
fix(media): propagate image timeout to providers
2026-04-29 11:26:58 +05:30
Vincent Koc
b62e9e624d
test(codex): satisfy bundled app-server lint
2026-04-28 22:55:36 -07:00
Peter Steinberger
bd1d1f0f2b
fix: align open DM allowlist policy ( #74112 )
...
* fix: harden telegram open dm allowlist merging
* fix: align open dm allowlist policy
2026-04-29 06:52:12 +01:00
Peter Steinberger
cfcb8f4eda
test(ci): fix current validation shards
2026-04-29 06:49:05 +01:00
Peter Steinberger
5580d8951c
test(ci): harden release failure paths
2026-04-29 06:41:58 +01:00
Vincent Koc
67e8d35f1c
test(codex): tolerate slower app-server startup
2026-04-28 22:40:26 -07:00
Peter Steinberger
548c280eff
fix(discord): keep exec approval fallbacks reachable
2026-04-29 06:29:44 +01:00
samzong
450607847b
[Feat] Gateway: add doctor.memory.remHarness probe ( #66673 )
...
Merged via squash.
Prepared head SHA: c19e6a335a13782141+samzong@users.noreply.github.com >
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com >
Reviewed-by: @frankekn
2026-04-29 13:23:36 +08:00
Peter Steinberger
364c67bcb5
refactor(discord): share channel run queue
2026-04-29 06:21:09 +01:00
Peter Steinberger
3a6f7d8db9
ci(test): split command shards and harden release checks
2026-04-29 06:20:38 +01:00
Peter Steinberger
07631fb931
fix(discord): remove channel run timeouts
2026-04-29 06:07:12 +01:00
Rubén Cuevas
652f34103a
fix(whatsapp): sanitize tool XML and hide configured error text ( #71830 )
...
Merged via squash.
Prepared head SHA: 184d4a25e44742789+rubencu@users.noreply.github.com >
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com >
Reviewed-by: @mcaxtr
2026-04-29 01:43:25 -03:00
Peter Steinberger
0fc3032325
test(live): classify provider media drift
2026-04-29 05:25:43 +01:00
Peter Steinberger
5eb9b3da34
ci(qa): slim release transport startup
2026-04-29 05:25:42 +01:00
openclaw-clownfish[bot]
be445dd1c1
fix(imessage): normalize leading echoed text corruption
...
Fixes #59973
2026-04-28 21:04:20 -07:00
jesse-merhi
2b8c20c8a3
fix: route rich menu images through media loader
2026-04-29 13:51:42 +10:00
jesse-merhi
4cf2284667
fix: preserve plugin route ownership
2026-04-29 13:51:42 +10:00
Sathvik Gilakamsetty
7ddd815e46
fix(whatsapp): report transport activity so stale-socket health detection works ( #72656 )
...
Merged via squash.
Prepared head SHA: 1b1920742c195685832+Sathvik-1007@users.noreply.github.com >
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com >
Reviewed-by: @mcaxtr
2026-04-29 00:46:55 -03:00
Juan Flores
aa1bccfe80
fix(whatsapp): detect group @mentions when self is in allowFrom ( #49317 ) ( #73453 )
...
Merged via squash.
Prepared head SHA: 357c62849f112629487+juan-flores077@users.noreply.github.com >
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com >
Reviewed-by: @mcaxtr
2026-04-29 00:39:37 -03:00
Peter Steinberger
04f6ffd8be
fix(ollama): resolve cloud models omitted from tags
2026-04-29 04:37:52 +01:00
Peter Steinberger
e27fe55aa8
refactor: simplify plugin cache boundaries
2026-04-29 04:33:15 +01:00
Peter Steinberger
64533ed7b1
ci(release): allow slower qa live canaries
2026-04-29 04:13:15 +01:00
Vincent Koc
68ef37011e
fix(ollama): drop unused cloud reachability flag
2026-04-28 20:03:27 -07:00
Ayaan Zaidi
2613692298
fix(ollama): avoid cloud model metadata fanout
2026-04-29 08:23:57 +05:30
Bek
d6c2280aab
fix(slack): normalize action thread targets ( #73931 )
2026-04-28 22:02:18 -04:00
Vincent Koc
df9d26eb43
fix(active-memory): narrow prompt hook timeout
2026-04-28 19:00:14 -07:00
Vincent Koc
7a88117f42
fix(qa): retry transient Telegram polling failures
2026-04-28 18:26:37 -07:00
hcl
46783d41e9
fix(whatsapp): gate pairing access-control on extractable inbound user content ( #73797 ) ( #73823 )
...
Merged via squash.
Prepared head SHA: 61506e14397755017+hclsys@users.noreply.github.com >
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com >
Reviewed-by: @mcaxtr
2026-04-28 22:09:23 -03:00
Peter Steinberger
381c2e1d1a
fix(security): tighten telegram dm audit coverage
2026-04-29 02:04:20 +01:00
Peter Steinberger
a5824b9d01
fix(ci): stabilize full release validation
2026-04-29 02:00:30 +01:00
pashpashpash
4aa8da3756
Route sensitive group commands to the owner privately ( #73872 )
...
* fix(commands): route sensitive group approvals privately
* fix(commands): require owner private routes
* test(commands): cover owner-derived Telegram diagnostics routing
2026-04-29 09:27:18 +09:00
Peter Steinberger
0487cc59f0
fix(bonjour): suppress ciao internal cancellations
...
(cherry picked from commit 27599d319e
2026-04-29 00:59:56 +01:00
Peter Steinberger
d3683a61c5
fix(bonjour): recover from ciao cancellation
...
(cherry picked from commit c34ba97262
2026-04-29 00:49:41 +01:00
Vincent Koc
a6dfaaeb4e
test(plugins): add gateway gauntlet
2026-04-28 16:44:10 -07:00
Peter Steinberger
ef58307f84
fix(ci): keep video live helper within plugin boundary
2026-04-29 00:40:42 +01:00
Peter Steinberger
b04c9380ed
fix(ci): harden full release live checks
2026-04-29 00:36:49 +01:00
pashpashpash
43fa40a35d
fix(telegram): use owners for exec approvals ( #73852 )
2026-04-29 08:34:46 +09:00
Peter Steinberger
a0f0c964fd
test(ci): tolerate live STT brand drift
2026-04-29 00:11:31 +01:00
pashpashpash
6ce1058296
Wire diagnostics through the core chat command ( #72936 )
...
* feat: wire codex diagnostics feedback
* fix: harden codex diagnostics hints
* fix: neutralize codex diagnostics output
* fix: tighten codex diagnostics safeguards
* fix: bound codex diagnostics feedback output
* fix: tighten codex diagnostics throttling
* fix: confirm codex diagnostics uploads
* docs: clarify codex diagnostics add-on
* fix: route diagnostics through core command
* fix: tighten diagnostics authorization
* fix: pin diagnostics to bundled codex command
* fix: limit owner status in plugin commands
* fix: scope diagnostics confirmations
* fix: scope codex diagnostics cooldowns
* fix: harden codex diagnostics ownership scopes
* fix: harden diagnostics command trust and display
* fix: keep diagnostics command trust internal
* fix: clarify diagnostics exec boundary
* fix: consume codex diagnostics confirmations atomically
* test: include codex diagnostics binding metadata
* test: use string codex binding timestamps
* fix: keep reserved command trust host-only
* fix: harden diagnostics trust and resume hints
* wire diagnostics through exec approval
* fix: keep diagnostics tests aligned with bundled root trust
* fix telegram diagnostics owner auth
* route trajectory exports through exec approval
* fix trajectory exec command encoding
* fix telegram group owner auth
* fix export trajectory approval hardening
* fix pairing command owner bootstrap
* fix telegram owner exec approvals
* fix: make diagnostics approval flow pasteable
* fix: route native sensitive command followups
* fix: invoke diagnostics exports with current cli
* fix: refresh exec approval protocol models
* fix: list codex diagnostics from thread bindings
* fix: fold codex diagnostics into exec approval
* fix: preserve diagnostics approval line breaks
* docs: clarify diagnostics codex workflow
2026-04-29 07:40:37 +09:00
Peter Steinberger
7e41913a20
fix(gateway): reduce TUI history startup latency
2026-04-28 23:34:59 +01:00
Peter Steinberger
cc7a209982
fix: normalize QA model refs for parity gates
2026-04-28 23:01:58 +01:00
pashpashpash
78d51dcebe
Clear Codex app-server env keys case-insensitively on Windows ( #73102 )
...
* fix(codex): clear app-server env case variants
* fix(codex): avoid repeated env clear scans
2026-04-29 05:34:14 +09:00
Vincent Koc
4509420dd4
test(qa): add gateway CPU scenario pack
2026-04-28 13:26:43 -07:00
Peter Steinberger
5e8d3130c6
fix(qa): include mention helpers in lab runtime
2026-04-28 21:23:32 +01:00
Peter Steinberger
5642653168
fix(qa): add mention helpers to lab harness
2026-04-28 21:20:53 +01:00
Peter Steinberger
5b1202e11e
fix: tighten BlueBubbles route identity hardening ( #73235 ) (thanks @zqchris)
2026-04-28 21:06:49 +01:00
Chris Zhang
081e4be11e
fix(bluebubbles): address aisle re-review on routing-guard PR
...
Three findings from the second pass:
1. **MEDIUM — Cross-chat short message ID guard bypassed on empty chat
context (CWE-285).** When `requireKnownShortId=true` and `chatContext`
was missing or `{}`, `resolveBlueBubblesMessageId` would still resolve
the short id. Short ids are allocated from a single global counter
across every account and chat, so an action call without a chat
scope could silently apply to the wrong conversation. Throw "requires
a chat scope" instead. The previous behavior was an explicit
"fail-open" choice with a comment acknowledging the risk; the
underlying assumption (downstream call carries chatGuid) does not
hold for every action handler. Test rewritten to expect fail-closed.
2. **LOW — Unsanitized messageId reflected in cross-chat guard error
(CWE-117 / CWE-200).** The thrown error embedded the raw inputId
(and the raw chatGuid / chatIdentifier from the cached entry until
the previous pass). Replace the inputId with a shape descriptor
(`<short:N-digit>` or `<uuid:prefix…>`) so cross-chat errors no
longer leak any concrete identifier. Combined with the chat
identifier redaction in describeChatForError (already in place),
the error is fully redacted.
3. **LOW — PII exposure via verbose logs (CWE-532).** Untrusted webhook
identifiers (senderId / messageId / action) were already passed
through `sanitizeForLog`, but the helper only stripped control
characters — it did not redact secrets such as `?password=` query
strings or `Authorization: Bearer …` headers that occasionally
bleed into error chains. Extend `sanitizeForLog` to redact those
patterns. All call sites benefit immediately.
2026-04-28 21:06:49 +01:00
