vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 18:10:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,148 Commits 1,843 Branches 149 Tags
75df14cbbc9905d9b4d88c19b7f2a535ca4c4fc7
Commit Graph

157 Commits

Author SHA1 Message Date
Vincent Koc
b7506521e6 docs: restructure gateway security page and extract audit checks reference 2026-04-23 01:01:12 -07:00
Vincent Koc
daaedf37b7 docs: prune recent additions for readability 2026-04-23 00:23:18 -07:00
Peter Steinberger
dd17dea761 docs: align pairing metadata upgrade approval 2026-04-23 07:56:16 +01:00
Vincent Koc
c8aec6b951 docs: Control UI identity + gateway pairing hardening + release verification 2026-04-22 23:52:37 -07:00
Vincent Koc
30a5c441f3 docs(channels): cover WhatsApp replyToMode, Discord inheritParent, Slack HTTP/ACP/downloadFile, Telegram webhook+picker auth, Mattermost reasoning suppression, workspace .env block for channel endpoints 2026-04-22 23:39:38 -07:00
Peter Steinberger
46fba1d814 docs(config): clarify symlinked config support 2026-04-22 23:45:03 +01:00
Vincent Koc
475e6ff1d1 docs(gateway): replace user-facing 'extension' references with 'plugin' per terminology rules 2026-04-21 14:39:10 -07:00
Vincent Koc
9702f0bf21 docs: tool-progress preview streaming, Control UI avatar auth, exec heredoc and external-content token sanitization 2026-04-21 13:39:55 -07:00
Vincent Koc
b4a59be9b6 docs: document stdio env filter, enforceOwnerForCommands, OPENCLAW_* .env blocking 2026-04-21 13:21:34 -07:00
Peter Steinberger
2514746b32 fix: sanitize LLM special tokens in external content 2026-04-21 20:29:02 +01:00
Peter Steinberger
a292cbf46f docs: clarify optional Docker sandboxing 2026-04-20 19:27:45 +01:00
Tak Hoffman
c37e49f275 Add /trace toggle and fix Active Memory diagnostics 2026-04-12 13:20:22 -05:00
Peter Steinberger
972ed139a7 fix: make docs anchor audit use Mintlify CLI 2026-04-10 21:39:52 +01:00
Agustin Rivera
905f19230a Align external marker span mapping (#63885) 
* fix(markers): align external marker spans

* fix(browser): ssrfPolicy defaults fail-closed for unconfigured installs (GHSA-53vx-pmqw-863c)

* fix(browser): enforce strict default SSRF policy

* chore(changelog): add browser SSRF default + marker alignment entry

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 12:35:20 -06:00
Peter Steinberger
4f9804ec24 docs: refresh config schema and gateway tool mirrors 2026-04-04 21:43:09 +01:00
Peter Steinberger
1ae356c40c docs: refresh sandbox bind security refs 2026-04-04 20:57:37 +01:00
Peter Steinberger
976bc47458 docs: refresh gateway rpc safe-flow mirrors 2026-04-04 20:32:28 +01:00
Peter Steinberger
b1279b0db3 docs: refresh untrusted file wrapper refs 2026-04-04 19:39:09 +01:00
Peter Steinberger
0c3ec064f1 docs: refresh OpenResponses file input refs 2026-04-04 19:13:44 +01:00
Peter Steinberger
4db910698a docs: refresh sandbox and security elevated refs 2026-04-04 18:39:12 +01:00
Peter Steinberger
89535f9313 docs: refresh pairing locality refs 2026-04-04 16:13:04 +01:00
Peter Steinberger
9ac9edff43 docs: refresh gateway operator scope refs 2026-04-04 15:25:57 +01:00
Peter Steinberger
114496871d docs: refresh tailscale auth rate limit refs 2026-04-04 14:30:13 +01:00
Peter Steinberger
07c7c4b9ec docs: refresh tailscale http auth refs 2026-04-04 14:13:36 +01:00
Peter Steinberger
022618e887 docs: refresh browser auth refs 2026-04-04 14:04:24 +01:00
Peter Steinberger
0afd30d325 docs: refresh shared-secret auth mirrors 2026-04-04 14:02:29 +01:00
Peter Steinberger
b0025b1921 docs: refresh hook ingress security refs 2026-04-04 13:59:09 +01:00
Peter Steinberger
c63a32661a docs: refresh gateway auth overview mirrors 2026-04-04 13:54:15 +01:00
Peter Steinberger
11d17b3c38 docs: refresh control ui device identity refs 2026-04-04 13:52:23 +01:00
Peter Steinberger
4991cd66ef docs: refresh reverse proxy hardening refs 2026-04-04 13:47:59 +01:00
Peter Steinberger
62babffc40 docs: refresh security audit reference docs 2026-04-04 13:42:47 +01:00
Peter Steinberger
375bd73ce1 docs: refresh security fix refs 2026-04-04 13:35:42 +01:00
Peter Steinberger
3100984a33 docs: refresh browser origin auth refs 2026-04-04 12:34:11 +01:00
Peter Steinberger
aaa173a4a7 docs: clarify node exec approval binding 2026-04-04 12:18:32 +01:00
Peter Steinberger
7671f4f1e3 docs: clarify gateway and plugin http auth scopes 2026-04-04 09:01:05 +01:00
huntharo
c4f40c3f7d Plugins: allow unsafe-force override on update 2026-04-04 01:49:35 +09:00
Peter Steinberger
a6649201b7 docs: clarify default subagent allowlists 2026-04-03 19:45:05 +09:00
Vincent Koc
2f013b68f8 docs: add missing changelog entries and update context visibility security docs 2026-04-03 12:39:45 +09:00
Peter Steinberger
35e1605147 feat: add configurable context visibility 2026-04-03 04:34:57 +09:00
Peter Steinberger
4269f40811 docs(security): clarify exec yolo default 2026-04-02 14:52:51 +01:00
Peter Steinberger
8b2d24b62b docs(security): clarify node pairing trust boundary 2026-04-01 18:27:23 +09:00
Peter Steinberger
0d7f1e2c84 feat(security): fail closed on dangerous skill installs 2026-03-31 23:27:20 +09:00
Peter Steinberger
44b9936136 feat(plugins): add dangerous unsafe install override 2026-03-31 23:16:11 +09:00
Peter Steinberger
cbfeecfab4 fix(gateway): restore shared-secret HTTP tool invoke auth 2026-03-31 22:55:15 +09:00
Vincent Koc
5474796735 docs(security): clarify acpx yolo mode 2026-03-31 20:54:30 +09:00
Peter Steinberger
0633406ff6 fix(gateway): restore compat HTTP operator auth 2026-03-31 16:49:30 +09:00
Vincent Koc
03a03c2dc4 fix(ci): restore skill fixtures and security doc anchors 2026-03-30 11:41:08 +09:00
Vincent Koc
66f8fb9e9b docs: fix P2 in security -- normalize Security audit checklist heading to sentence case 2026-03-30 10:19:51 +09:00
Vincent Koc
50d815579c docs: consolidate security page structure and add navigation 
- Merge 3 duplicate trust-model sections into one (Scope first + Deployment/host trust)
- Promote "What the audit checks" from h3 to h2 (standalone topic, not child of Shared inbox)
- Add "On this page" navigation links at the top for the 1200+ line page
 2026-03-30 10:19:51 +09:00
Vincent Koc
169bbc82f2 docs: fix security page P1s -- dmScope, heading style, roadmap language 
- Add missing per-peer dmScope value to isolation options
- Fix heading style: 3./4. -> 3)/4) for consistency with other numbered sections
- Add channel qualifier to 'Separate Numbers' heading (WhatsApp/Signal/Telegram)
- Remove roadmap speculation ('We may add readOnlyMode later')
 2026-03-30 09:46:57 +09:00