vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-19 22:10:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,111 Commits 799 Branches 80 Tags
75ed72e807421ff794a861d9101ac0a64a56bb0e
Commit Graph

2794 Commits

Author SHA1 Message Date
Peter Steinberger
75ed72e807 refactor(pi): extract history image prune helpers 2026-02-26 16:44:52 +01:00
Peter Steinberger
c81e9866ff fix(pi): stop history image reinjection token blowup 2026-02-26 16:38:20 +01:00
Peter Steinberger
9a4b2266cc fix(security): bind node system.run approvals to env 2026-02-26 16:38:07 +01:00
Peter Steinberger
03d7641b0e feat(agents): default codex transport to websocket-first 2026-02-26 16:22:53 +01:00
Peter Steinberger
5c0255477c fix: tolerate missing pi-coding-agent backend export 2026-02-26 16:11:37 +01:00
Peter Steinberger
47fc6a0806 fix: stabilize secrets land + docs note (#26155) (thanks @joshavant) 2026-02-26 14:47:22 +00:00
Peter Steinberger
820d614757 fix(secrets): harden plan target paths and ref-only auth profiles 2026-02-26 14:47:22 +00:00
joshavant
ba2eb583c0 fix(secrets): make apply idempotent and keep audit read-only 2026-02-26 14:47:22 +00:00
joshavant
8944b75e16 fix(secrets): align ref contracts and non-interactive ref persistence 2026-02-26 14:47:22 +00:00
joshavant
4e7a833a24 feat(security): add provider-based external secrets management 2026-02-26 14:47:22 +00:00
joshavant
0e69660c41 feat(secrets): finalize external secrets runtime and migration hardening 2026-02-26 14:47:22 +00:00
joshavant
4807e40cbd Agents: restore auth.json static scrub during pi auth discovery 2026-02-26 14:47:22 +00:00
joshavant
f6a854bd37 Secrets: add migrate rollback and skill ref support 2026-02-26 14:47:22 +00:00
joshavant
301fe18909 Agents: inject pi auth storage from runtime profiles 2026-02-26 14:47:22 +00:00
joshavant
6a251d8d74 Auth profiles: resolve keyRef/tokenRef outside gateway 2026-02-26 14:47:22 +00:00
joshavant
5ae367aadd Tests: stub discoverAuthStorage in model catalog mocks 2026-02-26 14:47:22 +00:00
joshavant
cec404225d Auth labels: handle token refs and share Pi credential conversion 2026-02-26 14:47:22 +00:00
joshavant
e1301c31e7 Auth profiles: never persist plaintext when refs are present 2026-02-26 14:47:22 +00:00
joshavant
4c5a2c3c6d Agents: inject pi auth storage from runtime profiles 2026-02-26 14:47:22 +00:00
joshavant
45ec5aaf2b Secrets: keep read-only runtime sync in-memory 2026-02-26 14:47:22 +00:00
joshavant
8e33ebe471 Secrets: make runtime activation auth loads read-only 2026-02-26 14:47:22 +00:00
joshavant
b50c4c2c44 Gateway: add eager secrets runtime snapshot activation 2026-02-26 14:47:22 +00:00
Peter Steinberger
8315c58675 refactor(auth-profiles): unify coercion and add rejected-entry diagnostics 2026-02-26 14:42:11 +01:00
Peter Steinberger
96aad965ab fix: land NO_REPLY announce suppression and auth scope assertions 
Landed follow-up for #27535 and aligned shared-auth gateway expectations after #27498.

Co-authored-by: kevinWangSheng <118158941+kevinWangSheng@users.noreply.github.com>
 2026-02-26 13:40:58 +00:00
Ubuntu
0ab5f4c43b fix: enable store=true for Azure OpenAI Responses API 
Azure OpenAI endpoints were not recognized by shouldForceResponsesStore(),
causing store=false to be sent with all Azure Responses API requests.
This broke multi-turn conversations because previous_response_id referenced
responses that Azure never stored.

Add "azure-openai-responses" to the provider whitelist and
*.openai.azure.com to the URL check in isDirectOpenAIBaseUrl().

Fixes #27497

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
(cherry picked from commit 185f3814e9)
 2026-02-26 13:40:58 +00:00
Peter Steinberger
4b259ab81b fix(models): normalize trailing @profile parsing across resolver paths 
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
Co-authored-by: Marcus Castro <mcaxtr@gmail.com>
Co-authored-by: Brandon Wise <brandonawise@gmail.com>
 2026-02-26 14:34:15 +01:00
lbo728
7e7ca43a79 fix(auth-profiles): accept mode/apiKey aliases to prevent silent credential loss 
Users following openclaw.json auth.profiles examples (which use 'mode' for
the credential type) would write their auth-profiles.json entries with:
  { provider: "anthropic", mode: "api_key", apiKey: "sk-ant-..." }

The actual auth-profiles.json schema uses:
  { provider: "anthropic", type: "api_key", key: "sk-ant-..." }

coerceAuthStore() and coerceLegacyStore() validated entries strictly on
typed.type, silently skipping any entry that used the mode/apiKey spelling.
The user would get 'No API key found for provider anthropic' with no hint
about the field name mismatch.

Add normalizeRawCredentialEntry() which, before validation:
- coerces mode → type when type is absent
- coerces apiKey → key when key is absent

Both functions now call the normalizer before the type guard so
mode/apiKey entries are loaded and resolved correctly.

Fixes #26916
 2026-02-26 13:32:05 +00:00
Peter Steinberger
e3385a6578 fix(security): harden root file guards and host writes 2026-02-26 13:32:58 +01:00
Peter Steinberger
4fd29a35bb fix: block broken-symlink sandbox path escapes 2026-02-26 13:30:45 +01:00
Ayaan Zaidi
452a8c9db9 fix: use canonical cron session detection for spawn note 2026-02-26 17:54:27 +05:30
Taras Lukavyi
69590de276 fix: suppress SUBAGENT_SPAWN_ACCEPTED_NOTE for cron isolated sessions 
The 'do not poll/sleep' note added to sessions_spawn tool results causes
cron isolated agents to immediately end their turn, since the note tells
them not to wait for subagent results. In cron isolated sessions, the
agent turn IS the entire run, so ending early means subagent results
are never collected.

Fix: detect cron sessions via includes(':cron:') in agentSessionKey
and suppress the note, allowing the agent to poll/wait naturally.

Note: PR #27330 used startsWith('cron:') which never matches because
the session key format is 'agent:main:cron:...' (starts with 'agent:').

Fixes #27308
Fixes #25069
 2026-02-26 17:54:27 +05:30
Peter Steinberger
46eba86b45 fix: harden workspace boundary path resolution 2026-02-26 13:19:59 +01:00
Peter Steinberger
da0ba1b73a fix(security): harden channel auth path checks and exec approval routing 2026-02-26 12:46:05 +01:00
Peter Steinberger
b74be2577f refactor(web): unify proxy-guarded fetch path for web tools 2026-02-26 12:44:18 +01:00
Peter Steinberger
242188b7b1 refactor: unify boundary-safe reads for bootstrap and includes 2026-02-26 12:42:14 +01:00
Peter Steinberger
46003e85bf fix: unify web tool proxy path (#27430) (thanks @kevinWangSheng) 2026-02-26 11:32:43 +00:00
Kevin Shenghui
d8e2030d47 fix(web-search): honor HTTP_PROXY environment variable for Brave Search API 
The web_search tool was not respecting HTTP_PROXY/HTTPS_PROXY environment
variables, causing 'fetch failed' errors when running behind a proxy.

This fix adds ProxyAgent support for the Brave Search API, similar to how
other tools in OpenClaw handle proxy configuration.

Fixes #27405
 2026-02-26 11:32:43 +00:00
Onur Solmaz
a7d56e3554 feat: ACP thread-bound agents (#23580) 
* docs: add ACP thread-bound agents plan doc

* docs: expand ACP implementation specification

* feat(acp): route ACP sessions through core dispatch and lifecycle cleanup

* feat(acp): add /acp commands and Discord spawn gate

* ACP: add acpx runtime plugin backend

* fix(subagents): defer transient lifecycle errors before announce

* Agents: harden ACP sessions_spawn and tighten spawn guidance

* Agents: require explicit ACP target for runtime spawns

* docs: expand ACP control-plane implementation plan

* ACP: harden metadata seeding and spawn guidance

* ACP: centralize runtime control-plane manager and fail-closed dispatch

* ACP: harden runtime manager and unify spawn helpers

* Commands: route ACP sessions through ACP runtime in agent command

* ACP: require persisted metadata for runtime spawns

* Sessions: preserve ACP metadata when updating entries

* Plugins: harden ACP backend registry across loaders

* ACPX: make availability probe compatible with adapters

* E2E: add manual Discord ACP plain-language smoke script

* ACPX: preserve streamed spacing across Discord delivery

* Docs: add ACP Discord streaming strategy

* ACP: harden Discord stream buffering for thread replies

* ACP: reuse shared block reply pipeline for projector

* ACP: unify streaming config and adopt coalesceIdleMs

* Docs: add temporary ACP production hardening plan

* Docs: trim temporary ACP hardening plan goals

* Docs: gate ACP thread controls by backend capabilities

* ACP: add capability-gated runtime controls and /acp operator commands

* Docs: remove temporary ACP hardening plan

* ACP: fix spawn target validation and close cache cleanup

* ACP: harden runtime dispatch and recovery paths

* ACP: split ACP command/runtime internals and centralize policy

* ACP: harden runtime lifecycle, validation, and observability

* ACP: surface runtime and backend session IDs in thread bindings

* docs: add temp plan for binding-service migration

* ACP: migrate thread binding flows to SessionBindingService

* ACP: address review feedback and preserve prompt wording

* ACPX plugin: pin runtime dependency and prefer bundled CLI

* Discord: complete binding-service migration cleanup and restore ACP plan

* Docs: add standalone ACP agents guide

* ACP: route harness intents to thread-bound ACP sessions

* ACP: fix spawn thread routing and queue-owner stall

* ACP: harden startup reconciliation and command bypass handling

* ACP: fix dispatch bypass type narrowing

* ACP: align runtime metadata to agentSessionId

* ACP: normalize session identifier handling and labels

* ACP: mark thread banner session ids provisional until first reply

* ACP: stabilize session identity mapping and startup reconciliation

* ACP: add resolved session-id notices and cwd in thread intros

* Discord: prefix thread meta notices consistently

* Discord: unify ACP/thread meta notices with gear prefix

* Discord: split thread persona naming from meta formatting

* Extensions: bump acpx plugin dependency to 0.1.9

* Agents: gate ACP prompt guidance behind acp.enabled

* Docs: remove temp experiment plan docs

* Docs: scope streaming plan to holy grail refactor

* Docs: refactor ACP agents guide for human-first flow

* Docs/Skill: add ACP feature-flag guidance and direct acpx telephone-game flow

* Docs/Skill: add OpenCode and Pi to ACP harness lists

* Docs/Skill: align ACP harness list with current acpx registry

* Dev/Test: move ACP plain-language smoke script and mark as keep

* Docs/Skill: reorder ACP harness lists with Pi first

* ACP: split control-plane manager into core/types/utils modules

* Docs: refresh ACP thread-bound agents plan

* ACP: extract dispatch lane and split manager domains

* ACP: centralize binding context and remove reverse deps

* Infra: unify system message formatting

* ACP: centralize error boundaries and session id rendering

* ACP: enforce init concurrency cap and strict meta clear

* Tests: fix ACP dispatch binding mock typing

* Tests: fix Discord thread-binding mock drift and ACP request id

* ACP: gate slash bypass and persist cleared overrides

* ACPX: await pre-abort cancel before runTurn return

* Extension: pin acpx runtime dependency to 0.1.11

* Docs: add pinned acpx install strategy for ACP extension

* Extensions/acpx: enforce strict local pinned startup

* Extensions/acpx: tighten acp-router install guidance

* ACPX: retry runtime test temp-dir cleanup

* Extensions/acpx: require proactive ACPX repair for thread spawns

* Extensions/acpx: require restart offer after acpx reinstall

* extensions/acpx: remove workspace protocol devDependency

* extensions/acpx: bump pinned acpx to 0.1.13

* extensions/acpx: sync lockfile after dependency bump

* ACPX: make runtime spawn Windows-safe

* fix: align doctor-config-flow repair tests with default-account migration (#23580) (thanks @osolmaz)
 2026-02-26 11:00:09 +01:00
Ayaan Zaidi
a0cf753b2e refactor(agents): dedupe node read invoke commands 2026-02-26 14:33:14 +05:30
Ayaan Zaidi
c0073b3d47 feat(agents): add nodes notifications_list action 2026-02-26 14:33:14 +05:30
Sid
c289b5ff9f fix(config): preserve agent-level apiKey/baseUrl during models.json merge (#27293) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 6b4b37b03d
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-26 03:46:36 -05:00
Ayaan Zaidi
8117a13dd6 fix(nodes): default camera snap to front high-quality image 2026-02-26 12:17:32 +05:30
Peter Steinberger
e35fe7888b refactor: centralize message-provider tool filtering 2026-02-26 04:22:49 +01:00
Peter Steinberger
e4d62c21be test: expand voice provider tts regression coverage 2026-02-26 04:15:11 +01:00
Peter Steinberger
8f8e2b13b4 fix: disable tts tool for voice provider 2026-02-26 04:12:39 +01:00
Peter Steinberger
8a97803474 fix(agents): normalize malformed tool results in adapter (#27007) 2026-02-26 04:11:44 +01:00
Peter Steinberger
de61e9c977 refactor(security): unify path alias guard policies 2026-02-26 03:59:17 +01:00
Peter Steinberger
04d91d0319 fix(security): block workspace hardlink alias escapes 2026-02-26 03:42:54 +01:00
Peter Steinberger
03e689fc89 fix(security): bind system.run approvals to argv identity 2026-02-26 03:41:31 +01:00
Ramez
acbb93be48 fix(agents): comprehensive quota fallback fixes - session overrides + surgical cooldown logic (#23816) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: e6f2b4742b
Co-authored-by: ramezgaberiel <844893+ramezgaberiel@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-25 20:35:40 -05:00