Commit Graph

15644 Commits

Author SHA1 Message Date
Peter Steinberger
03cab29505 feat(cloud-workers): worker bundle production, pinned SSH bootstrap, and admission handshake (#104532)
* feat(gateway-protocol): add worker admission handshake

* feat(cloud-workers): build and bootstrap worker bundles

* feat(cloud-workers): wire bootstrap lifecycle

* fix(cloud-workers): state host-key TOFU fallback without warning-comment suppression

* test(cloud-workers): assemble host-key fixture to satisfy review secret scanner

* test(cloud-workers): assemble redaction fixture to satisfy review secret scanner

* fix(cloud-workers): require pinned SSH host keys

* fix(state): add ssh_host_key to additive worker_environments migration
2026-07-11 08:14:30 -07:00
clawsweeper[bot]
1b6393c51e fix (Computer Use) Stabilize Codex Computer Use readiness (#103331)
* fix (Computer Use) Stabilize Codex Computer Use readiness

Co-authored-by: Ben Badejo <188106718+bdjben@users.noreply.github.com>

* fix (Computer Use) Stabilize Codex Computer Use readiness

* fix (Computer Use) Stabilize Codex Computer Use readiness

* fix (Computer Use) Stabilize Codex Computer Use readiness

* fix(clawsweeper): address review for automerge-openclaw-openclaw-103331 (1)

* fix (Computer Use) Stabilize Codex Computer Use readiness

---------

Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: Ben Badejo <188106718+bdjben@users.noreply.github.com>
2026-07-11 09:42:27 -05:00
Peter Steinberger
ba826be268 test(channels): delivery trace harness with feishu and mattermost goldens (#104478) 2026-07-11 06:49:27 -07:00
Peter Steinberger
fa77fe10d5 chore: migrate active GPT-5.5 references to GPT-5.6 (#104452)
* chore(models): migrate active GPT-5.5 references

* test(workboard): expect GPT-5.6 Sol default

* chore: keep release notes in PR body

* test(models): align picker fixtures with Sol default

* test: update PDF default model expectation

* test(qa): migrate thinking smoke to Luna

* test(gateway): align mock catalog with Sol default

* ci: retrigger exact-head PR checks

* test(gateway): document default catalog invariant
2026-07-11 06:30:57 -07:00
Peter Steinberger
e681646834 feat(cloud-workers): add crabbox worker provider plugin and profile-aware lease lifecycle (#104465)
* feat(cloud-workers): add Crabbox worker provider

* docs(cloud-workers): document Crabbox profiles

* chore(cloud-workers): drop changelog entry (release-only file)

* refactor(plugin-sdk): pass profiles to worker lease lifecycle

* docs(plugin-sdk): document worker lifecycle profiles

* chore(docs): regenerate plugin inventory, docs map, and sdk baseline after rebase

* fix(cloud-workers): state crabbox key-ref gap without warning-comment suppressions
2026-07-11 05:51:56 -07:00
Peter Steinberger
3f33f0bb5f refactor(qqbot): adopt core typing keepalive loop with budget accounting intact (#104438)
* refactor(channels): adopt core typing keepalive loop

* chore(plugin-sdk): pin surface budget for typing keepalive re-export
2026-07-11 05:48:33 -07:00
Peter Steinberger
05aecc1d6f feat: show Codex transcripts in the sidebar (#104437)
* feat: show Codex transcripts in sidebar

* fix: clear Codex sidebar on Gateway switch

* chore: leave release notes to release workflow

* chore: refresh native i18n inventory

* fix: satisfy macOS Codex node lint

* fix: refresh native localization inventory

* docs: refresh documentation map

* chore: refresh UI locale metadata
2026-07-11 05:39:29 -07:00
Peter Steinberger
1285fd6db4 fix(whatsapp): keep pre-connect recovery replayable (#104450) 2026-07-11 05:03:59 -07:00
xingzhou
745cfc028e fix(codex): bound shared app-server startup waits (#89442)
* fix(codex): isolated cron reports Codex startup stalls

* fix(codex): isolated cron reports Codex startup stalls

* fix(codex): bound shared app-server startup waits

Co-authored-by: 张贵萍0668001030 <zhang.guiping@xydigit.com>

* test(codex): satisfy startup lifecycle checks

* test(codex): align deferred auth test type

* test(codex): type auth mock as async void

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 04:58:55 -07:00
Peter Steinberger
90e465833b feat(gateway): durable cloud worker environments, provider SDK contract, and lifecycle RPCs (#104401)
* docs(plan): add cloud workers design plan

* feat(plugin-sdk): add cloud worker provider foundations

* feat(protocol): add worker environment lifecycle shapes

* feat(gateway): persist worker environment lifecycles

* test(gateway): pin environment inventory assertion for damaged worker store

* style(cloud-workers): satisfy lint and docs formatting

* fix(gateway): narrow worker environment type boundaries

* chore(plugin-sdk): account for WorkerProvider surface growth

* docs: regenerate docs map
2026-07-11 04:54:27 -07:00
xingzhou
af80736057 fix(qa-lab): keep bounded web snapshots UTF-16 safe (#104249)
* fix(qa-lab): keep bounded web snapshots UTF-16 safe

* fix(qa-lab): keep diagnostic truncation UTF-16 safe

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 04:49:00 -07:00
Peter Steinberger
2d319961d5 fix(browser): block interaction-triggered navigation SSRF (#104254)
* fix(browser): guard interaction navigation requests

* fix(browser): preserve pages on blocked navigation

* fix(browser): enforce interaction navigation policy

* test(browser): type navigation guard fixtures

* fix(browser): execute guarded wait predicates

* style(browser): satisfy interaction lint

* fix(browser): guard hover drag and scroll navigation

* fix(browser): type policy check outcomes

* test(browser): type navigation guard mocks

* fix(browser): preserve proxy policy for guarded interactions

* fix(browser): carry navigation policy through actions

* fix(browser): retain policy for existing-session guards

* fix(browser): guard existing-session waits

* test(browser): avoid shadowed guard pages

* fix(browser): expose scroll action to agents

* fix(browser): disable speculative managed preconnects

* docs(browser): bound managed preconnect hardening

* fix(browser): keep wait behavior outside interaction guards

* chore(browser): leave release notes to release automation

* fix(browser): guard all interaction navigations
2026-07-11 04:30:33 -07:00
Peter Steinberger
3902adf9f6 refactor(channels): adopt core retryAsync for hand-rolled retry loops (#104431) 2026-07-11 04:30:21 -07:00
llagy007
cba9ffb177 fix(memory): skip blank search provider bootstrap (#103728)
* fix(memory): skip blank search provider bootstrap

* refactor(memory): simplify blank search preflight

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Peter Steinberger <peter@steipete.me>
2026-07-11 04:19:40 -07:00
Peter Steinberger
234e8f4fae test(discord): exercise multipart proxy fetch path (#104421) 2026-07-11 04:13:00 -07:00
llagy007
f8aa995856 fix(google-meet): validate chrome node policy params (#103752) 2026-07-11 04:00:28 -07:00
Peter Steinberger
8756cc4a3b fix(googlechat): keep off-mode replies out of threads (#104402)
* fix(googlechat): align reply and typing targets

Co-authored-by: Jai Govindani <jai.g@ewa-services.com>

Co-authored-by: Neerav Makwana <261249544+neeravmakwana@users.noreply.github.com>

Co-authored-by: banddude <127166397+banddude@users.noreply.github.com>

Co-authored-by: Novan Adrian <novan.adrian@qasir.id>

* chore(googlechat): leave changelog to release automation

* style(googlechat): apply canonical formatting

* chore(googlechat): leave changelog to release automation

* style(googlechat): keep monitor imports canonical

* style(googlechat): keep monitor imports canonical

---------

Co-authored-by: Novan Adrian <novan.adrian@qasir.id>
2026-07-11 03:57:16 -07:00
Peter Steinberger
cfd2dc2346 fix(telegram): mark durable webhook acceptance (#104407) 2026-07-11 03:51:39 -07:00
Peter Steinberger
de282b4d0d refactor(matrix): adopt core claimable dedupe with doctor-owned state migration (#104391)
* refactor(matrix): adopt core claimable dedupe for inbound events

* fix(matrix): migrate legacy inbound dedupe markers via doctor

* fix(matrix): single-pool dedupe namespace and capacity-aware legacy import

* fix(matrix): keep unreadable legacy dedupe JSON in place during doctor import
2026-07-11 03:38:54 -07:00
Peter Steinberger
0af8467137 feat(workspaces): add agent-composable Workspaces (#104139)
* feat(dashboard): modular dashboard — workspace store, Workspaces tab, sandboxed custom widgets

Squashes openclaw/openclaw#101094 + #101097 + #101098 onto current main and
applies the maintainer review fixes to the backend control plane.

Co-authored-by: 100yenadmin <239388517+100yenadmin@users.noreply.github.com>

* fix(dashboard): UI review fixes — grid, error boundary, embed sandbox, locale

* fix(dashboard): make the CLI and agent broadcasts actually reachable

Three defects only a live run surfaces, all invisible to the unit suites:

- The plugin claimed the CLI command name `dashboard`, which core already owns
  (it opens the Control UI). A plugin CLI group that overlaps a core command is
  dropped at registration behind a `logger.debug`, so the entire CLI face was
  unreachable while `cli.test.ts` kept passing against its own Commander
  program. Renamed to `openclaw workspaces`, matching the tab it drives.

- The manifest never declared `activation.onCommands`, so the CLI root resolved
  to no owning plugin even once the name was free.

- `dashboard.widget.approve` needs `operator.approvals`; the CLI asked for
  `operator.write` on every call. It now requests the approvals scope only for
  the approve call, matching `operator-approvals-client.ts`.

Also: agent tools resolved their broadcast from the plugin runtime's
gateway-request scope, an AsyncLocalStorage set only around gateway RPCs and
plugin HTTP routes. An agent turn started from a channel, cron, or heartbeat
therefore wrote the document without emitting `plugin.dashboard.changed`, so an
open Control UI never saw the edit — the feature's headline promise. The gateway
broadcast is server-lifetime, so the plugin now remembers it in a single slot and
agent tools fall back to it.

* docs(web): document dashboard workspaces, provenance, and the custom-widget sandbox

* fix(dashboard): agent-tool ergonomics + close two approval-boundary gaps

From a source-blind agent driving the dashboard_* tools with nothing but their
schemas, and from a Codex review of the hardening delta.

- dashboard_widget_update could never succeed. It passed its whole parameter
  record to the patch reader, whose allowlist rejects the very `tab`/`id` keys
  the tool's own schema marks required, so every call died on
  "unexpected param: tab". Its test only ran Value.Check against the schema and
  never executed the tool.
- dashboard_data_read surfaced an `rpc` binding as a thrown error, though its
  description promised `binding_client_resolved`. It now returns that as a
  result the model can act on.
- Valid widget kinds and the rpc allowlist were undiscoverable: a model saw only
  "builtin:<name> or custom:<name>" and "Allowlisted gateway read method", then
  brute-forced ~40 calls against errors that named no alternatives. Both schemas
  and both validator errors now enumerate them, and the kind description says
  what each builtin renders and which binding id it reads. widget_move documents
  that grid and toTab are exclusive; widget_scaffold says an operator must
  approve, because no agent tool can.
- workspace.replace could mint a pending registry entry for a name that was
  never scaffolded. An operator could then approve a widget whose code did not
  exist yet, and the agent could write it afterwards. Registry entries now come
  from dashboard_widget_scaffold and nowhere else, and approve refuses a name
  with no manifest on disk.
- dashboard.widget.approve answered with the whole workspace document, so a
  connection holding only operator.approvals could read it through the approvals
  door. It now returns the registry entry it changed.

* fix(dashboard): approval pins the code it approves

Codex review found the scaffold-before-approval gate still nameable rather than
binding: approve only proved that widget.json parsed, and the Control UI loaded a
hardcoded index.html rather than the manifest's entrypoint. An agent could
scaffold a widget, win approval on an innocuous or absent entrypoint, then write
the real payload afterwards — code appearing after the human said yes.

Approval now hashes every servable file in the widget directory and stores the
digests on the registry entry, refusing a manifest whose declared entrypoint is
missing. The asset route re-hashes each file it reads and 404s anything that does
not match, so a file edited or added after approval never reaches a browser. The
Control UI loads the manifest's entrypoint, which is the file that was hashed.

The content-type allowlist moves to manifest.ts so the set of files approval
hashes and the set the route can serve cannot drift apart.

Proof, against a running gateway: scaffold -> 404, approve -> 200, rewrite
index.html -> 404, add late.js -> 404.

* fix(dashboard): parse the approved manifest from the bytes that were hashed

Codex found a TOCTOU in the approval path: it loaded and validated widget.json,
then walked the directory again to compute the digests. An agent could swap
widget.json between the two reads, so the operator validated one entrypoint while
the digest froze — and the Control UI later mounted — a different one.

snapshotApprovedWidget now reads the widget directory once: it hashes every
servable file, parses the manifest out of the same widget.json bytes it hashed,
and requires the declared entrypoint to be among them.

Proof, against a running gateway: approve -> index.html 200; rewrite widget.json
to point at evil.html and drop evil.html in -> both 404.

* fix(dashboard): cap approval asset reads; bound the grid fallback search

Two findings from the fourth Codex pass.

Approval hashes agent-authored files that are untrusted until it runs, and read
each one into memory with no size check — dropping one huge .png into a scaffold
directory would stall or OOM the gateway during approve. Sizes are now checked
before the read, with a 2 MB per-file and 8 MB total cap.

nearestFreeSlot searched one band below the lowest occupied row, so a crowded
layout near the bottom could return y=500 as the closest free slot: a placement
the store rejects, which the UI applies optimistically and then snaps back. The
search now stops at the last row a widget of that height can legally occupy.

* fix(dashboard): refuse oversized widget assets before reading them

Approved widget files stay writable and the asset route is unauthenticated, so
swapping an approved small file for a very large one made every GET buffer the
whole file before the digest check rejected it. The route now refuses anything
past the same per-file cap approval enforces, on the stat it already performs.

* fix(dashboard): enforce widget approval boundaries

* docs(changelog): note modular dashboard workspaces

* fix(dashboard): enforce static custom-widget data boundary

* fix(dashboard): satisfy UI lint

* test(dashboard): avoid legacy proto access

* feat(dashboard): make plugin opt-in

* docs(dashboard): refresh workspaces map

* refactor(workspaces): standardize plugin naming

* fix(workspaces): make widget prompt sends idempotent

* docs(workspaces): fix internal path references

* test(workspaces): make prompt assertion lint-safe

* test(workspaces): type prompt request mock

* fix(workspaces): harden approval and binding boundaries

* test(workspaces): complete stale binding client mock

* fix(workspaces): harden widget file boundaries

* fix(workspaces): scope custom widget capabilities

* fix(workspaces): align approval provenance

* fix(workspaces): close branch contract gaps

* test(workspaces): complete builtin context fixtures

* fix(workspaces): aggregate overview usage

* chore(workspaces): defer release note

* chore(workspaces): refresh i18n metadata

---------

Co-authored-by: 100yenadmin <239388517+100yenadmin@users.noreply.github.com>
2026-07-11 03:30:23 -07:00
Peter Steinberger
a8e2da7d5e refactor(feishu): adopt core claimable dedupe for inbound events (#104384) 2026-07-11 03:27:14 -07:00
Peter Lee
ef95c5d74e fix(discord): reset progress drafts across queued turns (#102341)
* fix(discord): guard progress draft collapse to prevent re-collapse on cleaned stream

Commit 86ea382 added a progressDraftStartedBeforeFinal latch that snapshots
hasStarted at markFinalReplyStarted time. This correctly preserves collapse
eligibility when an abort cancels the compositor gate before
shouldCollapseProgressDraft runs.

However the latch was never cleared. After markPreviewFinalized turned the
draft into a summary, hasProgressDraftStarted remained true permanently. In
multi-tool turns with multiple final-payload deliveries, this caused
shouldCollapseProgressDraft to re-trigger collapse on an already-cleaned or
sealed draft stream, corrupting downstream delivery state and causing tool
results to render as image content blocks instead of text.

Fix: add a progressDraftCollapsed guard set by markPreviewFinalized that
prevents hasProgressDraftStarted from returning true after the draft has been
collapsed into a summary. Reset the guard on handleAssistantMessageBoundary
so followup/queued turns start fresh.

Per Discord channel session, all tool results rendered as image content
blocks. Model received (see attached image) placeholders instead of text.

Fixes #100782

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* fix(discord): use valid table/chunk mode literals in collapse-guard tests

* test(discord): add abort-race gate-cancellation latch survival test

* fix(discord): consume progress draft collapse once

Co-authored-by: xialonglee <li.xialong@xydigit.com>

* fix(discord): retain progress receipt on retry

Co-authored-by: xialonglee <li.xialong@xydigit.com>

* fix(discord): rearm queued progress drafts

Co-authored-by: xialonglee <li.xialong@xydigit.com>

* test(discord): assert progress lifecycle outcomes

Co-authored-by: xialonglee <li.xialong@xydigit.com>

* fix(discord): reset queued progress turn state

Co-authored-by: xialonglee <li.xialong@xydigit.com>

* test(discord): model recreated progress drafts

Co-authored-by: xialonglee <li.xialong@xydigit.com>

* fix(discord): serialize progress draft rotation

Co-authored-by: xialonglee <li.xialong@xydigit.com>

* fix(discord): isolate queued draft generations

Co-authored-by: Peter Lee <xialonglee@users.noreply.github.com>

* test(discord): align synchronous draft rotation

Co-authored-by: Peter Lee <xialonglee@users.noreply.github.com>

* fix(discord): distinguish draft rotation ownership

Co-authored-by: Peter Lee <xialonglee@users.noreply.github.com>

* chore: keep release notes in pull request

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 02:59:29 -07:00
Peter Steinberger
d8bf51b462 fix(discord): single-source thread-binding default placement and guard artifact parity (#104342)
* fix(discord): single-source thread-binding default placement and guard artifact parity

* fix(tests): load thread-binding parity artifacts via sanctioned contract test helpers
2026-07-11 02:50:53 -07:00
Peter Steinberger
72cf43fa80 refactor(discord): unify custom-id value codecs into one shared module (#104334) 2026-07-11 02:12:37 -07:00
Peter Steinberger
0ef9a62eaf fix(codex): allow slower Mac session catalogs (#104332) 2026-07-11 02:05:55 -07:00
Vincent Koc
85a96409f1 feat(memory): surface llama.cpp diagnostics 2026-07-11 16:40:14 +08:00
chengzhichao-xydt
a11449211a fix(inworld): add timeout to voices list request (#102965)
* fix(inworld): add timeout to voices list request

* refactor(inworld): reuse guarded timeout test helpers

* test(inworld): rely on harness timeout

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 01:35:25 -07:00
Vincent Koc
64a76d18ee fix(memory): tolerate minimal plugin runtimes 2026-07-11 16:22:22 +08:00
Vincent Koc
1aca83abf5 fix(lmstudio): isolate embedding alias credentials 2026-07-11 16:22:22 +08:00
Vincent Koc
105419ae5f fix(lmstudio): resolve embedding alias credentials 2026-07-11 16:22:22 +08:00
Vincent Koc
065873e5ec fix(lmstudio): preserve local service endpoint forms 2026-07-11 16:22:22 +08:00
Vincent Koc
63dbb336ca fix(ollama): preserve embedding readiness base path 2026-07-11 16:22:22 +08:00
Vincent Koc
cce3fd55c4 test(lmstudio): type local service override fixture 2026-07-11 16:22:22 +08:00
Vincent Koc
d2ac533c6c fix(embeddings): skip local services for remote overrides 2026-07-11 16:22:22 +08:00
Vincent Koc
5988420f89 fix(ollama): drop stale embedding config alias 2026-07-11 16:22:22 +08:00
Vincent Koc
1b3438d7ec fix(plugin-runtime): keep local service config host-owned 2026-07-11 16:22:22 +08:00
Vincent Koc
8b8e66cfa4 test(embeddings): align runtime fixture casts 2026-07-11 16:22:22 +08:00
Vincent Koc
ccab708c16 fix(plugin-sdk): align local service release contract 2026-07-11 16:22:22 +08:00
Vincent Koc
e62c216d75 refactor(embeddings): inject local service acquisition 2026-07-11 16:22:22 +08:00
Vincent Koc
06fbade796 fix(lmstudio): lease embedding local services 2026-07-11 16:22:22 +08:00
Vincent Koc
fa5f24b021 fix(ollama): lease embedding local services 2026-07-11 16:22:22 +08:00
Peter Steinberger
20fe3f46db fix: paired Mac Codex sessions finish loading (#104299)
* fix(codex): allow cold Mac session catalogs

* chore: keep release notes in PR body
2026-07-11 01:14:36 -07:00
Pavan Kumar Gondhi
5f709cfd87 fix: isolate Synology webhook preauth throttling [AI] (#103619)
* fix: scope Synology preauth throttling by client ip

* fix: clarify Synology preauth limiter comments
2026-07-11 13:44:21 +05:30
Peter Steinberger
7128e8ea2b fix(telegram): allow 12-option polls (#104303)
* fix(telegram): allow 12-option polls

* chore: keep release notes in pr body
2026-07-11 01:11:30 -07:00
Peter Steinberger
7bf80dc2c6 chore(tooling): enforce formatting and refresh TypeScript checks (#104239)
* chore(tooling): enforce current formatter and refresh checks

* chore(tooling): keep release changelog formatter-owned

* chore(tooling): retain compatible Node type surface

* ci: enforce formatting for docs-only changes

* ci: isolate docs formatter check

* chore(tooling): apply updated lint and format rules

* chore(tooling): satisfy updated switch lint

* style(ui): apply Linux formatter layout

* test(doctor): match quiet local audio contribution

* test(doctor): assert quiet output only

* test(doctor): follow restored information contract
2026-07-11 01:09:51 -07:00
Alix-007
5219c9353d fix(tts): bound voice-list requests (#102865)
* fix(microsoft): add timeout to voices list request

* fix(tts): bound voice-list requests

Co-authored-by: llagy009 <0668001470@xydigit.com>

---------

Co-authored-by: llagy009 <0668001470@xydigit.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 00:55:06 -07:00
Yuval Dinodia
df883ab81a fix(discord): stop retrying non-idempotent sends on post-connect-ambiguous errors (#103867)
* fix(discord): stop retrying non-idempotent sends on post-connect-ambiguous errors

Discord's outbound retry runner treated every transient transport error as
retryable, including ECONNRESET, ETIMEDOUT, AbortError, and the undici
headers/body/socket timeouts. Those errors can fire after Discord has already
received and created the message but before the client reads the response, so
replaying the non-idempotent createChannelMessage POST delivers the same
message twice while reporting success.

Add a pre-connect-only classifier (isRetryableDiscordPreConnectError) covering
errors that provably never reached Discord (DNS/connect refused/connect
timeout) plus rate-limit rejections, mirroring the Telegram send-path
carve-out. The retry runner now accepts a per-call nonIdempotent option; the
message-create and thread-create call sites opt in so ambiguous post-connect
errors surface to the caller instead of double-sending. Idempotent REST calls
(reactions, edits, DM-channel lookup, uploads) keep the broader transient set.

* fix(discord): retry nonce-enforced message creates

* fix(discord): scope create retries by endpoint

* fix(discord): stabilize sticker and poll create nonce across retries

* fix(discord): tighten create retry safety

* fix(discord): preserve nonce-safe retries

* fix(discord): scope nonce fields to message creates

* test(discord): cover nonce-safe direct sends

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 00:54:23 -07:00
Peter Steinberger
dce871540b test(qa): consolidate web search scenario (#104280)
Co-authored-by: Jimmy Puckett <jimmy.puckett@spinen.com>
2026-07-11 00:54:15 -07:00
Alix-007
18362758d0 fix(openai): add timeout to realtime client-secret requests (#102860)
* fix(openai): add timeout to realtime client-secret requests

* test(openai): prove realtime timeout through real guard

* test(openai): route realtime timeout proof through guard

* fix(openai): bound realtime client-secret requests

Co-authored-by: llagy009 <0668001470@xydigit.com>

* fix(openai): align realtime secret timeout

---------

Co-authored-by: llagy009 <0668001470@xydigit.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 00:54:06 -07:00
Vincent Koc
597888680c feat(browser): expose managed graphics diagnostics (#104291)
* feat(browser): expose managed Chrome graphics diagnostics

* feat(browser): surface graphics facts in doctor

* docs(browser): explain managed graphics diagnostics

* fix(browser): remove unused graphics type import

* fix(browser): keep graphics facts sorting immutable

* fix(browser): bind graphics facts to owned process

* fix(browser): classify disabled graphics as software

* fix(browser): detect Windows software renderers

* fix(browser): classify disabled renderer sentinel
2026-07-11 15:41:16 +08:00