vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-29 02:41:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
22,053 Commits 936 Branches 90 Tags
717ee2fa592ab9f0d4324fc6d2ae5ff609fff674
Commit Graph

116 Commits

Author SHA1 Message Date
Vincent Koc
e28b516fb5 fix(slack): trim DM reply overhead and restore Codex auto transport (#53957) 
* perf(slack): instrument runtime and trim DM overhead

* perf(slack): lazy-init draft previews

* perf(slack): add turn summary diagnostics

* perf(core): trim repeated runtime setup noise

* perf(core): preselect default web search providers

* perf(agent): restore OpenAI auto transport defaults

* refactor(slack): drop temporary perf wiring

* fix(slack): address follow-up review notes

* fix(security): tighten slack and runtime defaults

* style(web-search): fix import ordering

* style(agent): remove useless spread fallback

* docs(changelog): note slack runtime hardening
 2026-03-24 15:03:40 -07:00
Peter Steinberger
ddf65a995a test: speed up memory and secrets suites 2026-03-24 20:39:13 +00:00
Peter Steinberger
4029ce738c test: speed up targeted unit suites 2026-03-24 19:36:08 +00:00
Peter Steinberger
a4327ad544 refactor: dedupe tests and harden suite isolation 2026-03-24 19:16:19 +00:00
Peter Steinberger
d44a399ae0 fix: alphabetize web search provider listings 2026-03-23 01:46:47 -07:00
Peter Steinberger
9105b3723d test: harden no-isolate test module resets 2026-03-23 01:02:16 -07:00
Peter Steinberger
af9de86286 perf: trim vitest hot imports and refresh manifests 2026-03-23 05:25:05 +00:00
Peter Steinberger
6b9915a106 refactor!: drop legacy CLAWDBOT env compatibility 2026-03-22 22:13:39 -07:00
Vincent Koc
c6ca11e5a5 feat(web-search): add DuckDuckGo bundled plugin (#52629) 
* feat(web-search): add DuckDuckGo bundled plugin

* chore(changelog): restore main changelog

* fix(web-search): harden DuckDuckGo challenge detection
 2026-03-22 22:05:33 -07:00
Peter Steinberger
29f3b7f6eb fix: harden image auth env lookups (#52552) (thanks @vincentkoc) 2026-03-22 18:42:18 -07:00
Peter Steinberger
24b9baebab fix: preserve runtime path env in secrets snapshots 2026-03-22 15:25:58 -07:00
Peter Steinberger
2773f33084 test: stabilize vitest no-isolate suites 2026-03-22 14:28:43 -07:00
Josh Lehman
2364e45fe4 test: align extension runtime mocks with plugin-sdk (#51289) 
* test: align extension runtime mocks with plugin-sdk

Update stale extension tests to mock the plugin-sdk runtime barrels that production code now imports, and harden the Signal tool-result harness around system-event assertions so the channels lane matches current extension boundaries.

Regeneration-Prompt: |
  Verify the failing channels-lane tests against current origin/main in an isolated worktree before changing anything. If the failures reproduce on main, keep the fix test-only unless production behavior is clearly wrong. Recent extension refactors moved Telegram, WhatsApp, and Signal code onto plugin-sdk runtime barrels, so update stale tests that still mock old core module paths to intercept the seams production code now uses. For Signal reaction notifications, avoid brittle assertions that depend on shared queued system-event state when a direct harness spy on enqueue behavior is sufficient. Preserve scope: only touch the failing tests and their local harness, then rerun the reproduced targeted tests plus the full channels lane and repo check gate.

* test: fix extension test drift on main

* fix: lazy-load bundled web search plugin registry

* test: make matrix sweeper failure injection portable

* fix: split heavy matrix runtime-api seams

* fix: simplify bundled web search id lookup

* test: tolerate windows env key casing
 2026-03-20 15:59:53 -07:00
Vincent Koc
e56dde815e fix(web-search): split runtime provider resolution 2026-03-20 00:06:12 -07:00
Shakker
5036ed2699 fix(secrets): cover tavily in runtime coverage tests 2026-03-20 06:13:27 +00:00
Lakshya Agarwal
b36e456b09 feat: add Tavily as a bundled web search plugin with search and extract tools (#49200) 
Merged via squash.

Prepared head SHA: ece9226e88
Co-authored-by: lakshyaag-tavily <266572148+lakshyaag-tavily@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-20 01:06:26 -04:00
Shakker
03c86b3dee fix(secrets): mock bundled web search providers in runtime tests 2026-03-20 03:48:13 +00:00
Shakker
218f8d74b6 fix(secrets): use bundled web search fast path during reload 2026-03-20 03:28:08 +00:00
Vincent Koc
d03c110a0a fix(ci): split secrets runtime integration coverage 2026-03-19 14:49:01 -07:00
Vincent Koc
83a267e2f3 fix(ci): reset deep test runtime state 2026-03-19 14:23:32 -07:00
Peter Steinberger
83c5bc946d fix: restore full gate stability 2026-03-19 03:36:03 +00:00
Peter Steinberger
f6928617b7 test: stabilize gate regressions 2026-03-18 15:36:32 +00:00
Peter Steinberger
c0c3c4824d fix: checkpoint gate fixes before rebase 2026-03-18 15:36:18 +00:00
Vincent Koc
fbd88e2c8f Main recovery: restore formatter and contract checks (#49570) 
* Extensions: fix oxfmt drift on main

* Plugins: restore runtime barrel exports on main

* Config: restore web search compatibility types

* Telegram: align test harness with reply runtime

* Plugin SDK: fix channel config accessor generics

* CLI: remove redundant search provider casts

* Tests: restore main typecheck coverage

* Lobster: fix test import formatting

* Extensions: route bundled seams through plugin-sdk

* Tests: use extension env helper for xai

* Image generation: fix main oxfmt drift

* Config: restore latest main compatibility checks

* Plugin SDK: align guardrail tests with lint

* Telegram: type native command skill mock
 2026-03-18 00:30:01 -07:00
Tak Hoffman
112d1d3a7c refactor web search config ownership into extensions 2026-03-17 23:39:51 -05:00
Josh Avant
0ffcc308f2 Secrets: gate exec dry-run and preflight resolution behind --allow-exec (#49417) 
* Secrets: gate exec dry-run resolution behind --allow-exec

* Secrets: fix dry-run completeness and skipped exec audit semantics

* Secrets: require --allow-exec for exec-containing apply writes

* Docs: align secrets exec consent behavior

* Changelog: note secrets exec consent gating
 2026-03-17 23:24:34 -05:00
Tak Hoffman
3de973ffff refactor web search provider execution out of core 2026-03-17 23:07:19 -05:00
Josh Avant
e99963100d CLI: expand config set with SecretRef/provider builders and dry-run (#49296) 
* CLI: expand config set ref/provider builder and dry-run

* Docs: revert README Discord token example
 2026-03-17 18:15:49 -05:00
Gustavo Madeira Santana
467dae53cf Secrets: honor caller env during runtime validation 2026-03-16 12:31:44 +00:00
Peter Steinberger
ae60094fb5 refactor(plugins): move onboarding auth metadata to manifests 2026-03-15 23:47:16 -07:00
Peter Steinberger
5c120cb36c refactor: make setup the primary wizard surface 2026-03-15 22:01:04 -07:00
Peter Steinberger
7a6be3d531 refactor(plugins): move auth and model policy to providers 2026-03-15 21:52:29 -07:00
Peter Steinberger
0a2f95916b test: expand ssh sandbox coverage and docs 2026-03-15 21:38:22 -07:00
Peter Steinberger
b8bb8510a2 feat: move ssh sandboxing into core 2026-03-15 21:35:30 -07:00
Peter Steinberger
8ab01c5c93 refactor(core): land plugin auth and startup cleanup 2026-03-15 20:12:37 -07:00
Peter Steinberger
e8156c8281 feat(web-search): add plugin-backed search providers 2026-03-16 01:07:44 +00:00
Peter Steinberger
e762a57d62 refactor: share secrets audit model fixtures 2026-03-13 20:37:53 +00:00
Peter Steinberger
5cc751386d refactor: share web secret unresolved helpers 2026-03-13 20:19:39 +00:00
Vincent Koc
7844bc89a1 Security: require Feishu webhook encrypt key (#44087) 
* Feishu: require webhook encrypt key in schema

* Feishu: cover encrypt key webhook validation

* Feishu: enforce encrypt key at startup

* Feishu: add webhook forgery regression test

* Feishu: collect encrypt key during onboarding

* Docs: require Feishu webhook encrypt key

* Changelog: note Feishu webhook hardening

* Docs: clarify Feishu encrypt key screenshot

* Feishu: treat webhook encrypt key as secret input

* Feishu: resolve encrypt key only in webhook mode
 2026-03-12 11:01:00 -04:00
Luke
7761e7626f Providers: add Opencode Go support (#42313) 
* feat(providers): add opencode-go provider support and onboarding

* Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF

* Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF

* Update CHANGELOG.md

---------

Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-11 01:31:06 -04:00
Josh Avant
0125ce1f44 Gateway: fail closed unresolved local auth SecretRefs (#42672) 
* Gateway: fail closed unresolved local auth SecretRefs

* Docs: align node-host gateway auth precedence

* CI: resolve rebase breakages in checks lanes

* Tests: isolate LOCAL_REMOTE_FALLBACK_TOKEN env state

* Gateway: remove stale remote.enabled auth-surface semantics

* Changelog: note gateway SecretRef fail-closed fix
 2026-03-10 21:41:56 -05:00
Peter Steinberger
5716e52417 refactor: unify gateway credential planning 2026-03-11 01:37:25 +00:00
Josh Avant
36d2ae2a22 SecretRef: harden custom/provider secret persistence and reuse (#42554) 
* Models: gate custom provider keys by usable secret semantics

* Config: project runtime writes onto source snapshot

* Models: prevent stale apiKey preservation for marker-managed providers

* Runner: strip SecretRef marker headers from resolved models

* Secrets: scan active agent models.json path in audit

* Config: guard runtime-source projection for unrelated configs

* Extensions: fix onboarding type errors in CI

* Tests: align setup helper account-enabled expectation

* Secrets audit: harden models.json file reads

* fix: harden SecretRef custom/provider secret persistence (#42554) (thanks @joshavant)
 2026-03-10 23:55:10 +00:00
Rodrigo Uroz
ff2e7a2945 fix(acp): strip provider auth env for child ACP processes (openclaw#42250) 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-10 16:50:10 -05:00
pomelo-nwu
95eaa08781 refactor: rename bailian to modelstudio and fix review issues 
- Rename provider ID, constants, functions, CLI flags, and types from
  "bailian" to "modelstudio" to match the official English name
  "Alibaba Cloud Model Studio".
- Fix P2 bug: global endpoint variant now always overwrites baseUrl
  instead of silently preserving a stale CN URL.
- Fix P1 bug: add modelstudio entry to PROVIDER_ENV_VARS so
  secret-input-mode=ref no longer throws.
- Move Model Studio imports to top of onboard-auth.config-core.ts.
- Remove unused BAILIAN_BASE_URL export.

Made-with: Cursor
 2026-03-10 19:58:43 +00:00
Josh Avant
d30dc28b8c Secrets: reject exec SecretRef traversal ids across schema/runtime/gateway (#42370) 
* Secrets: harden exec SecretRef validation and reload LKG coverage

* Tests: harden exec fast-exit stdin regression case

* Tests: align lifecycle daemon test formatting with oxfmt 0.36
 2026-03-10 13:45:37 -05:00
Josh Avant
f0eb67923c fix(secrets): resolve web tool SecretRefs atomically at runtime 2026-03-09 22:57:03 -05:00
DevMac
4bb8104810 test(secrets): skip ACL-dependent runtime snapshot tests on windows 2026-03-09 05:38:54 +00:00
Peter Steinberger
41eef15cdc test: fix windows secrets runtime ci 2026-03-09 05:24:09 +00:00
Vincent Koc
eabda6e3a4 fix(tests): correct security check failure 2026-03-08 18:13:35 -07:00