Commit Graph

828 Commits

Author SHA1 Message Date
Vincent Koc
4d8b201371 refactor(plugins): remove dead channel helpers (#105276) 2026-07-12 18:21:11 +08:00
Peter Steinberger
de4d4079ad fix(browser): make ref uploads request-owned (#105151)
* fix(browser): make ref uploads request-owned

* style(browser): satisfy upload owner const lint
2026-07-12 10:19:19 +01:00
Peter Steinberger
4983594867 test(browser): align snapshot contract fixtures (#105210) 2026-07-12 10:12:47 +01:00
Peter Steinberger
1793c67ae1 test(browser): repair pw-ai page fixture (#105172) 2026-07-12 09:47:10 +01:00
Peter Steinberger
218dcd815a feat(tooling): enforce noUncheckedIndexedAccess in the extensions lane (NUIA phase 4) (#105132)
* fix(extensions): make indexed access explicit across channel plugins

Transport-payload-safe burn-down: malformed Telegram/Discord/QQ/LINE
and sibling channel input keeps existing skip paths; no synthesized
fields, no new throws in delivery loops. Zalo escape sentinels preserve
literal matches instead of undefined replacements.

* fix(extensions): make indexed access explicit across provider and memory plugins

Stream and model iteration, tool-block guards, capture guards, and
sparse accumulators; singleton model reads carry named invariants.

* fix(extensions): make indexed access explicit across tooling plugins, flip the extensions lane

Remaining plugins (oc-path, qa-lab, browser, logbook, and siblings) plus
the tsconfig.extensions.json flag flip. Cleanup: logbook sampleFrames
NaN index at max=1, QA retry clamp at non-positive attempts, dead Canvas
probe and OpenShell no-op slice removed, twitch test setup leak excluded
from the prod lane.

* refactor(plugin-sdk): expose expectDefined via a focused SDK subpath

Extensions imported @openclaw/normalization-core directly, crossing the
external-plugin packaging boundary (it only worked because the runtime
builder bundles undeclared workspace helpers). expect-runtime joins the
canonical entrypoints JSON, generated exports, API baseline, docs, and
subpath contract test; all 78 extension imports now use the SDK seam.
Two scanner-shaped locals renamed for review-bundle hygiene.

* chore(plugin-sdk): raise surface budgets for the expect-runtime subpath

One new entrypoint with one callable export, added intentionally as the
packaging-honest seam for extension invariant helpers.
2026-07-12 09:17:31 +01:00
Peter Steinberger
89f740651d fix(browser): normalize geolocation permission origins (#105092)
Co-authored-by: llagy007 <0668001470@xydigit.com>
2026-07-12 08:54:04 +01:00
Alix-007
d0764f3566 fix(browser): preserve own profile entries (#101694)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 20:10:59 -07:00
pick-cat
b874258ace fix(browser): invalidate stale roleRefs on main-frame navigation (#104308)
* fix(browser): bind refs to document lifecycle

Co-authored-by: Pick-cat <huang.ting3@xydigit.com>

* fix(browser): guard absent ref cache entries

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 19:32:00 -07:00
llagy007
7027d2c227 fix(browser): reject non-page json new targets (#104129)
* fix(browser): reject non-page json new targets

* fix(browser): adopt only validated raw CDP targets

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 16:58:43 -07:00
llagy007
c059d7d062 fix(browser): refresh target after guarded existing-session actions (#104094)
* fix(browser): refresh target after guarded existing-session actions

* test(browser): isolate guarded target cases

* test(browser): mock safe replacement URL resolution

* fix(browser): refresh target after guarded evaluate

* style(browser): format guarded action matrix

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 16:11:48 -07:00
llagy007
4057d4b623 fix(browser): keep direct CDP version diagnostics (#104678) 2026-07-11 16:09:42 -07:00
Ho Lim
8a4463eef1 feat(browser): support evaluate timeouts for existing sessions (#103181)
* fix(browser): honor evaluate timeout for existing sessions

Signed-off-by: Ho Lim <subhoya@gmail.com>

* docs(browser): align existing-session evaluate timeouts

---------

Signed-off-by: Ho Lim <subhoya@gmail.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 15:23:52 -07:00
Peter Steinberger
5a6d684019 fix(browser): apply profile proxy policy to tab list redaction (#104715)
* fix(browser): apply profile proxy policy to tab list redaction

* test(browser): cover proxy tab redaction route proof

* test(browser): streamline proxy tab redaction coverage

* fix(browser): scope proxy inference to managed profiles

---------

Co-authored-by: llagy007 <0668001470@xydigit.com>
2026-07-11 14:47:02 -07:00
llagy007
4bf4cacb37 fix(browser): guard act hooks on current tab URL (#104095)
* fix(browser): guard act hooks on current tab URL

* test(browser): align navigation policy hook mock

* test(browser): exercise real hook navigation guard

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 14:27:34 -07:00
llagy007
85a8f4ba8d fix(browser): run mutation guard before JSON parsing (#104677)
* fix(browser): run mutation guard before JSON parsing

* test(browser): cover auth in mutation guard ordering

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 14:05:38 -07:00
Peter Steinberger
549b1baef3 fix(browser): finalize role snapshot budgets (#104689) 2026-07-11 13:35:21 -07:00
Peter Steinberger
84a52b3534 fix(browser): budget sequential action watchdogs (#104659)
* fix(browser): budget sequential action watchdogs

* chore: leave browser release note to release flow
2026-07-11 12:56:00 -07:00
dwc1997
87261fd0b1 fix(browser): keep Chrome stderr hint tail UTF-16 safe (#104603)
* fix(browser): keep Chrome stderr hint tail UTF-16 safe

* test(browser): simplify Chrome stderr failure coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 12:10:22 -07:00
Peter Steinberger
1a8d9d5f15 fix(browser): allow host-local profile administration (#104616) 2026-07-11 11:28:58 -07:00
Peter Steinberger
ea2b558e5e fix(browser): prevent stale profile resurrection (#104601)
* fix(browser): serialize profile lifecycle

* refactor(browser): tighten lifecycle cleanup

* chore(browser): keep release note in PR

* test(browser): keep temp fixtures inside plugin

* test(browser): use preferred temp root
2026-07-11 11:06:07 -07:00
qingminlong
834c146958 fix(browser): reject hex click coordinates in act route (#104440)
* fix(browser): reject hex click coordinates in act route

* refactor(browser): use route parser for click coordinates

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 09:56:09 -07:00
Peter Steinberger
4271b82fd1 test: align plugin prerelease expectations (#104542)
* test: align plugin prerelease expectations

* style: format browser doctor test
2026-07-11 09:00:56 -07:00
Peter Steinberger
2d319961d5 fix(browser): block interaction-triggered navigation SSRF (#104254)
* fix(browser): guard interaction navigation requests

* fix(browser): preserve pages on blocked navigation

* fix(browser): enforce interaction navigation policy

* test(browser): type navigation guard fixtures

* fix(browser): execute guarded wait predicates

* style(browser): satisfy interaction lint

* fix(browser): guard hover drag and scroll navigation

* fix(browser): type policy check outcomes

* test(browser): type navigation guard mocks

* fix(browser): preserve proxy policy for guarded interactions

* fix(browser): carry navigation policy through actions

* fix(browser): retain policy for existing-session guards

* fix(browser): guard existing-session waits

* test(browser): avoid shadowed guard pages

* fix(browser): expose scroll action to agents

* fix(browser): disable speculative managed preconnects

* docs(browser): bound managed preconnect hardening

* fix(browser): keep wait behavior outside interaction guards

* chore(browser): leave release notes to release automation

* fix(browser): guard all interaction navigations
2026-07-11 04:30:33 -07:00
Peter Steinberger
7bf80dc2c6 chore(tooling): enforce formatting and refresh TypeScript checks (#104239)
* chore(tooling): enforce current formatter and refresh checks

* chore(tooling): keep release changelog formatter-owned

* chore(tooling): retain compatible Node type surface

* ci: enforce formatting for docs-only changes

* ci: isolate docs formatter check

* chore(tooling): apply updated lint and format rules

* chore(tooling): satisfy updated switch lint

* style(ui): apply Linux formatter layout

* test(doctor): match quiet local audio contribution

* test(doctor): assert quiet output only

* test(doctor): follow restored information contract
2026-07-11 01:09:51 -07:00
Vincent Koc
597888680c feat(browser): expose managed graphics diagnostics (#104291)
* feat(browser): expose managed Chrome graphics diagnostics

* feat(browser): surface graphics facts in doctor

* docs(browser): explain managed graphics diagnostics

* fix(browser): remove unused graphics type import

* fix(browser): keep graphics facts sorting immutable

* fix(browser): bind graphics facts to owned process

* fix(browser): classify disabled graphics as software

* fix(browser): detect Windows software renderers

* fix(browser): classify disabled renderer sentinel
2026-07-11 15:41:16 +08:00
Peter Steinberger
9f53f8a256 feat(macos): import local browser login (#104177)
* feat(macos): import local browser login

* chore: leave release notes to release workflow

* chore(macos): refresh native i18n inventory

* chore(macos): refresh native i18n inventory

* chore(macos): refresh native i18n inventory

* chore: sync release summary executable bit

* chore(macos): refresh native i18n inventory

* style(macos): wrap browser import result

* chore(macos): refresh native i18n inventory

* chore(macos): refresh native i18n inventory
2026-07-10 22:14:36 -07:00
Peter Steinberger
dba64d574f chore(release): set version to 2026.7.2 2026-07-11 04:00:49 +01:00
Peter Steinberger
2a12c9916a feat(browser): import Chrome-family system-profile cookies into managed profiles (#104057)
* feat(browser): import Chrome-family system-profile cookies into managed profiles

Import cookies from a real Chrome/Brave/Edge/Chromium system profile (macOS)
into a fresh OpenClaw-managed browser profile so the agent can browse as the
signed-in user. Reads the source Cookies DB via a coherent VACUUM INTO snapshot,
decrypts v10 AES-128-CBC values with the Safe Storage Keychain key (one Touch ID
consent), maps rows to Playwright cookies (FILETIME expiry, SameSite, M124+
domain-hash prefix strip, CHIPS skipped), and best-effort injects them via
addCookies into a mock-keychain profile so they persist without further prompts.
Decrypted values are never logged or returned.

Exposed as agent tool action=importprofile, CLI system-profiles/import-profile,
and POST /profiles/import; action=profiles surfaces importable systemProfiles.
Listing and import are pinned host-local at every surface (gateway, browser
tool, node proxy) since they read the local Keychain and Chrome profiles.
Malformed domain filters fail closed via a shared validator. Gated by
browser.allowSystemProfileImport (default on). Imports cookies only.

* fix(browser): satisfy CI lint (OpenClaw temp dir, Unicode control-char class)

Use resolvePreferredOpenClawTmpDir() instead of os.tmpdir() for the cookie DB
snapshot (messaging/channel runtime tmpdir guard), and match control characters
via the Unicode \p{Cc} class instead of a literal control-char range so the
CLI table sanitizer passes the no-control-regex lint.
2026-07-10 19:15:52 -07:00
llagy007
a1571f2118 fix(browser): normalize local dispatch request paths (#103727)
* fix(browser): normalize local dispatch request paths

* refactor(browser): inline request path normalization

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 18:10:26 -07:00
qingminlong
4f1f7c6fb0 fix(nodes): resolve Unicode browser node names when configured by display name (#103548)
* fix-nodes-unicode-browser-node-names

* fix(nodes): preserve compact browser node selectors

* fix(nodes): normalize unicode node names canonically

* fix(nodes): scope compact browser selectors

* fix(nodes): preserve meaningful unicode marks

* chore: leave changelog updates to release automation

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 23:32:28 +01:00
Peter Steinberger
e1934d968e fix(nodes): stop advertising a disabled browser proxy (#103894)
* fix(nodes): hide disabled browser proxy capability

* chore: defer node fix changelog to release

* chore: ratchet plugin SDK surface budget
2026-07-10 20:06:53 +01:00
Peter Steinberger
845311cf97 fix(browser): prevent stale handles from switching duplicate-URL tabs (#103816)
* fix(browser): reject ambiguous tab replacements

* fix(browser): guide stale tab recovery
2026-07-10 17:40:14 +01:00
Peter Steinberger
911f8ec68f fix(browser): avoid duplicate upload events (#103777) 2026-07-10 16:50:36 +01:00
Peter Steinberger
dc476a7e7c fix(browser): stale Chrome MCP handles survive reconnect (#103576)
* fix(browser): expire Chrome MCP handles after reconnect

* chore(browser): satisfy Chrome MCP static checks
2026-07-10 10:10:20 +01:00
Peter Steinberger
a2d5f32cef fix(browser): make node action downloads usable (#103328)
* fix(browser): transfer plural node downloads

* test(browser): avoid proxy test path shadowing
2026-07-10 05:11:22 +01:00
Peter Steinberger
8d892e8dab fix(browser): handle Chrome spawn errors (#103243) 2026-07-10 03:32:36 +01:00
Peter Steinberger
aef945f847 fix(browser): require exact Playwright target identity (#103177) 2026-07-10 02:12:53 +01:00
Peter Steinberger
8b300e57f0 fix(browser): keep remote CDP credentials out of responses (#103139)
* fix(browser): contain remote CDP credentials

* fix(browser): probe authenticated discovery before attach

* chore: keep release note in PR metadata
2026-07-10 01:12:51 +01:00
llagy007
823c153577 fix(browser): reject ambiguous tab references (#103119)
* fix(browser): reject ambiguous tab references

Co-authored-by: llagy007 <0668001470@xydigit.com>

* fix(browser): close tracked tabs by raw target id

* fix(browser): harden raw tab cleanup routing

* test(browser): type raw close request mock

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 00:51:18 +01:00
llagy007
910886814d fix(browser): filter non-page CDP targets (#103115)
* fix(browser): filter non-page CDP targets

* fix(browser): require page CDP targets

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 00:18:04 +01:00
Peter Steinberger
3c048ef052 fix(browser): preserve no-display launch diagnostics (#102946)
* fix(browser): preserve no-display launch diagnostics

* chore: keep changelog release-owned
2026-07-09 16:26:18 +01:00
Peter Steinberger
d5fb4903f1 fix(browser): reject credentialed page URLs safely (#102952)
Co-authored-by: bitkyc08 <bitkyc08@gmail.com>
2026-07-09 16:23:17 +01:00
Gary
981d67a703 fix(browser): remove hardcoded profile="user" suggestion from tool description (#102582)
* fix(browser): remove hardcoded profile="user" suggestion from browser tool description

The browser tool description hardcoded a suggestion to use profile="user"
for logged-in sessions, even when the operator has configured a different
default profile (e.g. browser.defaultProfile: "openclaw").

Replace with profile-agnostic guidance that references the configured
browser.defaultProfile setting instead of prescribing a specific value.

Fixes #102566

* test: update browser tool description assertion for profile-agnostic wording

* refactor(browser): unify tool profile guidance

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:32:56 +01:00
Masato Hoshino
c9ec548e6f fix(browser): preserve strict CDP discovery policy on target-list lookup (#102328)
* fix(browser): preserve strict CDP discovery policy on target-list lookup

findPageByTargetIdViaTargetList fetched the CDP /json/list endpoint without
passing an ssrfPolicy argument, so the caller's discovery policy was dropped at
the fetch layer while the sibling tryTerminateExecutionViaCdp scoped it. Build
the scoped control policy with scopeCdpPolicyToConfiguredEndpoint and pass it to
fetchJson, matching the sibling lookup path.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* test(browser): tighten target-list CDP policy test comment

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* test(browser): consolidate target-list SSRF coverage

---------

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:04:39 +01:00
qingminlong
56096eb859 fix(browser): report malformed relay CDP frames (#102070)
* fix(browser): report malformed relay CDP frames

* refactor(browser): streamline relay frame validation

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:00:38 +01:00
qingminlong
c86fe21cad fix(browser): keep UTF-8 stderr tails valid (#102543) 2026-07-09 10:51:52 +01:00
mikasa
a522e4309c fix(browser): bound Chrome launch stderr diagnostics (#101506)
* fix(browser): bound Chrome launch stderr diagnostics

* fix(browser): preserve chrome launch recovery diagnostics

* refactor(browser): share bounded UTF-8 stderr tails

* fix(browser): own bounded stderr storage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:30:27 +01:00
Vincent Koc
c0d99ed26e fix(browser): preserve request lifetime on Node 24 2026-07-08 16:53:15 -07:00
Vincent Koc
7d0f9de907 fix(browser): preserve strict CDP discovery policy 2026-07-08 14:22:21 -07:00
mushuiyu886
5bdea31c94 fix(browser): keep Playwright truncation UTF-16 safe (#101761)
* fix(browser): keep Playwright truncation UTF-16 safe

* fix(browser): cover Chrome MCP snapshot truncation
2026-07-07 19:55:52 -07:00