vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 07:30:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
41,798 Commits 1,843 Branches 149 Tags
7175b1b5c63409b09f9d50baa5cf438a6dad8ed2
Commit Graph

204 Commits

Author SHA1 Message Date
Jesse Merhi
5b00cd1ae1 fix: narrow Gateway proxy bypass target (#77018) 
* fix: narrow Gateway proxy bypass target

* fix: narrow Gateway proxy bypass target

* fix(clawsweeper): address review for automerge-openclaw-openclaw-77018 (1)

* fix(clawsweeper): address review for automerge-openclaw-openclaw-77018 (2)

* fix(clawsweeper): address review for automerge-openclaw-openclaw-77018 (validation-3)

* fix(clawsweeper): address review for automerge-openclaw-openclaw-77018 (4-final)

* fix: narrow Gateway proxy bypass target

* fix(clawsweeper): address review for automerge-openclaw-openclaw-77018 (1)

* fix(clawsweeper): address review for automerge-openclaw-openclaw-77018 (2)

* fix(clawsweeper): reconcile automerge-openclaw-openclaw-77018 with main (1)

---------

Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
 2026-05-06 14:40:31 +10:00
Peter Steinberger
538605ff44 [codex] Extract filesystem safety primitives (#77918) 
* refactor: extract filesystem safety primitives

* refactor: use fs-safe for file access helpers

* refactor: reuse fs-safe for media reads

* refactor: use fs-safe for image reads

* refactor: reuse fs-safe in qqbot media opener

* refactor: reuse fs-safe for local media checks

* refactor: consume cleaner fs-safe api

* refactor: align fs-safe json option names

* fix: preserve fs-safe migration contracts

* refactor: use fs-safe primitive subpaths

* refactor: use grouped fs-safe subpaths

* refactor: align fs-safe api usage

* refactor: adapt private state store api

* chore: refresh proof gate

* refactor: follow fs-safe json api split

* refactor: follow reduced fs-safe surface

* build: default fs-safe python helper off

* fix: preserve fs-safe plugin sdk aliases

* refactor: consolidate fs-safe usage

* refactor: unify fs-safe store usage

* refactor: trim fs-safe temp workspace usage

* refactor: hide low-level fs-safe primitives

* build: use published fs-safe package

* fix: preserve outbound recovery durability after rebase

* chore: refresh pr checks
 2026-05-06 02:15:17 +01:00
Peter Steinberger
bd0e10a2f6 refactor: route inline eval through command analysis 2026-05-03 18:06:10 +01:00
Peter Steinberger
3f7e6eebc2 refactor: unify command analysis for exec approvals 2026-05-03 18:06:10 +01:00
Peter Steinberger
076fa5eae6 refactor: trim node host exports 2026-05-02 00:24:11 +01:00
Peter Steinberger
42d73fd955 refactor: remove dead private helpers 2026-05-01 06:55:26 +01:00
Peter Steinberger
6bbacd14a3 fix(gateway): wait for event loop before client start 2026-04-29 14:50:44 +01:00
Peter Steinberger
7994833fac fix(gateway): align handshake client timeouts 2026-04-29 05:53:50 +01:00
Peter Steinberger
53d213f9cc perf: lazy load hot test imports 2026-04-28 01:57:22 +01:00
Peter Steinberger
7f3f108521 refactor(config): migrate plugin config access 2026-04-27 12:35:58 +01:00
Vincent Koc
e6d2c9b080 fix(process): decode Windows command output with console codepage awareness (#72393) 
* fix(process): decode Windows command output with console codepage awareness

* fix(clownfish): address review for ghcrawl-199248-agentic-merge (1)
 2026-04-26 23:10:59 -07:00
Peter Steinberger
4ee537a04a fix(node-runtime): keep node-host recovering after gateway restarts 2026-04-26 07:49:45 +01:00
Peter Steinberger
7436e395d5 test(node-host): cache native binary fixture lookup 2026-04-25 20:17:23 +01:00
Val Alexander
fc5920fb51 fix(ui): polish assistant identity settings 
Polishes the basic config identity layout, aligns assistant avatar rendering with chat, and adds a Control UI assistant avatar override with IDENTITY.md fallback.
 2026-04-25 06:27:22 -05:00
Peter Steinberger
cbc88fb92d test: trim system run runtime duplicate 2026-04-23 18:55:19 +01:00
Peter Steinberger
c7408f1cf2 test: trim system run handler coverage 2026-04-23 18:53:53 +01:00
Peter Steinberger
a216b4ebc3 test: merge system run path binding cases 2026-04-20 23:34:59 +01:00
Peter Steinberger
b07c40a5a8 test: merge system run denial matrices 2026-04-20 23:26:37 +01:00
Peter Steinberger
eb6a0f3529 test: trim runtime approval matrix duplicates 2026-04-20 21:08:16 +01:00
Peter Steinberger
3df9a60b0b perf(test): trim hotspot coverage duplication 2026-04-20 21:01:06 +01:00
Peter Steinberger
44082acef5 perf(test): reuse node host runtime fixtures 2026-04-20 20:34:55 +01:00
Peter Steinberger
8a09b40cb2 perf(test): trim test teardown waits 2026-04-20 20:30:16 +01:00
Peter Steinberger
41cce9ea79 perf(test): reuse run-plan fixture root 2026-04-20 20:06:49 +01:00
Peter Steinberger
dab1be48fc perf(test): merge chat and system run cases 2026-04-20 19:32:05 +01:00
Peter Steinberger
85c1ff6ea4 perf(test): merge system run plan matrix tests 2026-04-20 19:09:51 +01:00
Peter Steinberger
785ecf7715 perf(test): mock system run logger 2026-04-20 19:01:37 +01:00
Peter Steinberger
4f37a5d590 test: remove duplicated env lookup helper 2026-04-20 14:43:03 +01:00
Peter Steinberger
df525b90f2 chore(lint): enable unnecessary type parameter rule 2026-04-18 18:31:13 +01:00
Peter Steinberger
08e1eb7a9f test: narrow system run dispatch matrix 2026-04-17 20:27:52 +01:00
Peter Steinberger
087f1584df test: streamline system run hotspot coverage 2026-04-17 20:18:01 +01:00
Peter Steinberger
014eaa8492 test: merge env rejection invoke cases 2026-04-17 20:03:35 +01:00
Peter Steinberger
e9d052d728 test: merge shell payload plan checks 2026-04-17 20:01:58 +01:00
Peter Steinberger
125b1e0e20 test: reuse node-host runtime bins 2026-04-17 19:47:43 +01:00
Peter Steinberger
729feb4b99 test: reuse exec approval home fixture 2026-04-17 19:37:47 +01:00
Peter Steinberger
c0a9b694f3 test: reuse node host home fixture 2026-04-17 19:35:19 +01:00
Peter Steinberger
7edce9c8fa test: reuse inline eval fixtures 2026-04-17 19:25:58 +01:00
Peter Steinberger
38923d13a6 test: trim boundary and fixture hotspots 2026-04-17 19:22:38 +01:00
Peter Steinberger
7b27d08e56 perf: lazy load system run config 2026-04-17 16:39:24 +01:00
Peter Steinberger
7e9ff0f86e test: reuse system-run temp fixtures 2026-04-17 02:49:37 +01:00
Peter Steinberger
12a59b0a18 test: trim hotspot wait overhead 2026-04-17 02:47:09 +01:00
Peter Steinberger
6ba8626c25 test: trim remaining hotspot tests 2026-04-17 02:07:26 +01:00
Peter Steinberger
8507935d3a test: reuse system run plan fixtures 2026-04-17 00:20:06 +01:00
Ayaan Zaidi
75c551e89e fix: harden node-host shell payload mutability checks 2026-04-16 20:34:17 +05:30
tmimmanuel
29919bb6e4 fix: land node-host approval binding for native binaries (#66731) (thanks @tmimmanuel) 
* fix(node-host): allow absolute-path native binaries through approval binder

* test(node-host): cover binary binder edge cases

* test(node-host): use stable native binary fixture

* fix(ci): restore fail-closed race handling

* refactor(node-host): distill approval binding regressions

* fix(node-host): fail closed on unknown shell payload headers

* fix: land node-host approval binding for native binaries (#66731) (thanks @tmimmanuel)

* fix: keep relative shell binary payloads fail-closed (#66731) (thanks @tmimmanuel)

* fix: keep shell binary bypass on stable paths only (#66731) (thanks @tmimmanuel)

* fix: fail closed on symlinked shell binary targets (#66731) (thanks @tmimmanuel)

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-04-16 20:30:09 +05:30
Pavan Kumar Gondhi
666f48d9b8 fix(security): remove busybox/toybox from interpreter-like safe bins [AI-assisted] (#65713) 
* fix: address issue

* fix: address review feedback

* fix: address PR review feedback

* fix: address review-pr skill feedback

* fix: address PR review feedback

* docs: add changelog entry for PR merge
 2026-04-13 12:03:15 +05:30
Pavan Kumar Gondhi
8f8492d172 fix(security): broaden shell-wrapper detection and block env-argv assignment injection [AI-assisted] (#65717) 
* fix: address issue

* fix: address PR review feedback

* fix: address PR review feedback

* docs: add changelog entry for PR merge
 2026-04-13 11:48:42 +05:30
Vincent Koc
0f7d9c9570 fix(runtime): split approval and gateway client seams 2026-04-11 18:36:48 +01:00
Vincent Koc
74e7b8d47b fix(cycles): bulk extract leaf type surfaces 2026-04-11 13:26:50 +01:00
Peter Steinberger
9e0d358695 refactor: simplify runtime conversions 2026-04-11 01:23:34 +01:00
Peter Steinberger
08cee3316d refactor: dedupe core trimmed readers 2026-04-08 01:36:39 +01:00