vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-22 20:28:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
58,977 Commits 1,843 Branches 149 Tags
767e8280ac7c32cc2207fa42557c19299982fdec
Commit Graph

20 Commits

Author SHA1 Message Date
Vincent Koc
767e8280ac fix(cli): harden official plugin recovery (#93325) 
* fix(cli): harden official plugin recovery

* fix(config): preserve include write context

* fix(config): reject external include mutations

* fix(config): bind snapshots to config paths

* fix(config): preserve write ownership

* fix(cli): preflight plugin config mutations

* chore(plugin-sdk): refresh api baseline

* test(config): prove install env policy mutations

* fix(cli): preflight plugin updates

* fix(cli): preflight non-npm id migrations

* chore(plugin-sdk): refresh api baseline

* fix(cli): satisfy plugin recovery checks
 2026-06-15 23:07:29 +08:00
Sally O'Malley
e6ffcf7362 docs: clarify before_install hook scope (#92766) 
Signed-off-by: sallyom <somalley@redhat.com>
 2026-06-13 16:54:04 -04:00
Peter Steinberger
4995907541 docs: document cli support tests 2026-06-04 19:35:08 -04:00
Brian
7b5f75eb98 Pin official npm plugin install records (#88585) 
* fix(plugins): pin official npm install records

* fix(infra): tolerate equivalent plugin install migrations

* fix(plugins): preserve manual exact plugin pins

* fix(infra): remove stale migration imports

* chore: unblock ci guards

* fix: preserve official sync integrity checks

* fix: avoid prerelease integrity carryover

* fix: preserve manual official npm specs

* fix: preserve beta fallback integrity checks

* fix: preserve trusted prerelease fallback integrity

* fix: preserve prerelease-only integrity checks

* fix: pin unchanged official npm records

* fix: allow official compatible fallback updates

* fix: preserve fallback integrity after prerelease resolution

* fix: skip incompatible fallback integrity pins

* fix: preserve pin-only install provenance

* fix: check integrity when repairing missing official pins

---------

Co-authored-by: Lilac <lilac@Lilacs-iMac.local>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-06-03 17:58:09 -07:00
Josh Avant
154f439c81 Add operator install policy and remove dangerous-code install scanners (#89516) 
* feat: add operator install policy

* test: cover plain-file plugin install code

* fix: preserve locationless install policy findings

* refactor: remove install-time plugin scanner

* test: remove stale plugin install helper

* fix: preserve before-install builtin scan type

* fix: preserve plugin dependency denylist

---------

Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain>
 2026-06-03 14:17:29 -07:00
Jesse Merhi
6c92324c5f Revert "Check ClawHub trust before plugin installs (#81307)" (#81363) 
This reverts commit 87eb450047.
 2026-05-13 19:34:18 +10:00
Jesse Merhi
87eb450047 Check ClawHub trust before plugin installs (#81307) 
Merged via squash.

Prepared head SHA: 273fd7c20e
Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com>
Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com>
Reviewed-by: @jesse-merhi
 2026-05-13 16:31:52 +10:00
Peter Steinberger
6715ac526e test: dedupe plugin cli mock reads 2026-05-13 06:13:46 +01:00
Peter Steinberger
65df09647c test: guard plugins update mock calls 2026-05-12 07:23:49 +01:00
Peter Steinberger
26e3036c2a test: tighten plugin update assertions 2026-05-11 04:17:26 +01:00
Shakker
856a0b135e test: clarify plugin update restart assertions 2026-05-08 10:22:15 +01:00
the sun gif man
d4b4660026 config: stop automatic writes and guard Nix mutators (#78047) 
Keep startup-derived plugin enablement, gateway auth tokens, control UI origins, and owner-display secrets runtime-only instead of persisting them into openclaw.json.

Refuse config writers, mutating update/plugin lifecycle commands, and doctor repair/token generation in Nix mode with agent-first nix-openclaw guidance.

Verification:
- pnpm check
- pnpm build
- pnpm test -- src/config/io.write-config.test.ts src/config/mutate.test.ts src/config/io.owner-display-secret.test.ts src/gateway/server-startup-config.recovery.test.ts src/gateway/startup-auth.test.ts src/gateway/startup-control-ui-origins.test.ts src/cli/plugins-cli.install.test.ts src/cli/plugins-cli.policy.test.ts src/cli/plugins-cli.uninstall.test.ts src/cli/plugins-cli.update.test.ts src/cli/update-cli.test.ts src/auto-reply/reply/commands-plugins.install.test.ts src/auto-reply/reply/commands-plugins.test.ts src/commands/onboarding-plugin-install.test.ts src/commands/doctor.runs-legacy-state-migrations-yes-mode-without.e2e.test.ts src/commands/doctor/shared/codex-route-warnings.test.ts src/commands/doctor/repair-sequencing.test.ts src/agents/auth-profile-runtime-contract.test.ts src/auto-reply/reply/agent-runner-execution.test.ts
- GitHub CI green on 05a2c71b90

Co-authored-by: Codex <noreply@openai.com>
 2026-05-06 14:43:32 +02:00
Peter Steinberger
93f2d42259 fix: fail plugin update on update errors 2026-04-26 11:01:10 +01:00
Shakker
dcf7f8f44c fix: model plugin index records in cli tests 2026-04-26 01:03:13 +01:00
Shakker
c19f8a5223 refactor: consolidate plugin install index store 2026-04-26 01:03:12 +01:00
Vincent Koc
888448facc feat(plugins): move install records to managed ledger 2026-04-25 11:37:10 -07:00
Vincent Koc
61b3c04424 test(plugins): cover registry refresh mutations 2026-04-25 10:35:36 -07:00
Peter Steinberger
5ca92b0498 test: move plugin update selection to pure tests 2026-04-11 08:08:41 +01:00
huntharo
c4f40c3f7d Plugins: allow unsafe-force override on update 2026-04-04 01:49:35 +09:00
Peter Steinberger
1b1167012f test(cli): split plugin cli test coverage by surface 2026-03-22 12:02:53 -07:00