vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-12 17:51:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
30,069 Commits 1,241 Branches 104 Tags
84d4e5deac5b8f37147ea55b37ae973d37a1c19d
Commit Graph

81 Commits

Author SHA1 Message Date
Vincent Koc
33b4b76a53 docs(web): clarify control ui language picker 2026-04-06 02:44:24 +01:00
Vignesh Natarajan
61e61ccc18 Dreaming: simplify sweep flow and add diary surface 2026-04-05 17:18:54 -07:00
Peter Steinberger
ffc1f7b337 feat(i18n): add Ukrainian docs and control UI locale 2026-04-05 18:31:02 +01:00
Peter Steinberger
bc910942e2 docs: refresh history sanitization tag mirrors 2026-04-04 22:21:26 +01:00
Peter Steinberger
3d65b14019 docs: refresh NO_REPLY history mirrors 2026-04-04 21:55:11 +01:00
Peter Steinberger
291afbbb95 docs: refresh transcript sanitization mirrors 2026-04-04 21:52:15 +01:00
Peter Steinberger
4f9804ec24 docs: refresh config schema and gateway tool mirrors 2026-04-04 21:43:09 +01:00
Peter Steinberger
e2b841d7d0 docs: refresh shared-secret default mirrors 2026-04-04 21:11:16 +01:00
Peter Steinberger
0738ed8d19 docs: refresh control-ui shared-secret mirrors 2026-04-04 21:05:12 +01:00
Peter Steinberger
0ef29325ed docs: refresh config schema mirror refs 2026-04-04 20:38:15 +01:00
Peter Steinberger
8eb1ea5b2e docs: refresh config schema mirrors 2026-04-04 20:14:33 +01:00
Peter Steinberger
f94645dfe5 docs: refresh session recall sanitization refs 2026-04-04 19:26:37 +01:00
Peter Steinberger
fd222d3f07 docs: refresh chat history scaffolding refs 2026-04-04 19:23:55 +01:00
Peter Steinberger
39d9ded2e5 docs: refresh chat history display mirrors 2026-04-04 19:17:58 +01:00
Peter Steinberger
2ab8acb2c9 docs: refresh chat thinking and compaction refs 2026-04-04 18:25:13 +01:00
Peter Steinberger
89535f9313 docs: refresh pairing locality refs 2026-04-04 16:13:04 +01:00
Peter Steinberger
5fa60e6535 docs: refresh channel overview mirrors 2026-04-04 15:07:32 +01:00
Peter Steinberger
114496871d docs: refresh tailscale auth rate limit refs 2026-04-04 14:30:13 +01:00
Peter Steinberger
2ecb8ca352 docs: refresh control ui auth ux refs 2026-04-04 14:14:54 +01:00
Peter Steinberger
0afd30d325 docs: refresh shared-secret auth mirrors 2026-04-04 14:02:29 +01:00
Peter Steinberger
11d17b3c38 docs: refresh control ui device identity refs 2026-04-04 13:52:23 +01:00
Vincent Koc
9f0845137a docs: add Related sections to plugin and web interface pages 
- building-plugins.md, manifest.md: link to architecture, SDK, channel/provider plugins
- control-ui.md, tui.md: link to sibling web interfaces and CLI
 2026-03-31 14:34:56 +09:00
Josh Avant
81b777c768 fix(config): harden SecretRef round-trip handling in Control UI and RPC writes (#58044) 
* Config: harden SecretRef round-trip handling

* Gateway: test SecretRef preflight on config writes

* Agents: align skill loader with upstream Skill type

* Docs: align SecretRef write semantics with Control UI and RPC behavior

* Config: add UI and gateway regression evidence for SecretRef hardening

* Config: add token SecretRef restore regression and skill sourceInfo compat

* UI: scope structured-value lockout to SecretRef fields

* Agents: remove out-of-scope skill loader compat edits

* UI: reduce app-render churn to rawAvailable-only changes

* Gateway: scope SecretRef preflight to submitted config

* Docs: clarify config write SecretRef preflight scope

* changelog

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>

---------

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-03-30 23:55:03 -05:00
Josh Avant
8e132aed6e Hardening: refresh stale device pairing requests and pending metadata (#50695) 
* Docs: clarify device pairing supersede behavior

* Device pairing: supersede pending requests on auth changes
 2026-03-19 18:26:06 -05:00
Val Alexander
56066dccb0 docs(ui): harden legacy query token guidance (#49053) 2026-03-17 22:18:42 -05:00
Peter Steinberger
4d8106eece docs(security): clarify wildcard Control UI origins 2026-03-17 09:36:51 -07:00
stim64045-spec
6101c023bb fix(ui): restore control-ui query token compatibility (#43979) 
* fix(ui): restore control-ui query token imports

* chore(changelog): add entry for openclaw#43979 thanks @stim64045-spec

---------

Co-authored-by: 大禹 <dayu@dayudeMac-mini.local>
Co-authored-by: Val Alexander <bunsthedev@gmail.com>
Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
 2026-03-17 04:03:35 -05:00
Tak Hoffman
4863b651c6 docs: rename onboarding user-facing wizard copy 
Co-authored-by: Tak <contact-redacted@example.com>
 2026-03-16 19:50:31 -05:00
Peter Steinberger
5287ae3c06 docs: update setup wizard wording 2026-03-15 21:40:31 -07:00
Peter Steinberger
d5bffcdeab feat: add fast mode toggle for OpenAI models 2026-03-12 23:31:31 +00:00
Josh Avant
a76e810193 fix(gateway): harden token fallback/reconnect behavior and docs (#42507) 
* fix(gateway): harden token fallback and auth reconnect handling

* docs(gateway): clarify auth retry and token-drift recovery

* fix(gateway): tighten auth reconnect gating across clients

* fix: harden gateway token retry (#42507) (thanks @joshavant)
 2026-03-10 17:05:57 -05:00
Radek Sienkiewicz
f2f561fab1 fix(ui): preserve control-ui auth across refresh (#40892) 
Merged via squash.

Prepared head SHA: f9b2375892
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Reviewed-by: @velvet-shark
 2026-03-09 12:50:47 +01:00
Peter Steinberger
10d0e3f3ca fix(dashboard): keep gateway tokens out of URL storage 2026-03-07 18:33:30 +00:00
Vincent Koc
2b45eb0e52 Docs: document Control UI locale support 2026-03-05 16:57:59 -05:00
Peter Steinberger
aea28e26fb fix(auto-reply): expand standalone stop phrases 2026-02-24 04:02:43 +00:00
Peter Steinberger
223d7dc23d feat(gateway)!: require explicit non-loopback control-ui origins 2026-02-24 01:57:11 +00:00
Tak Hoffman
77c3b142a9 Web UI: add full cron edit parity, all-jobs run history, and compact filters (openclaw#24155) thanks @Takhoffman 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 23:05:42 -06:00
Peter Steinberger
356d61aacf fix(gateway): scope tailscale tokenless auth to websocket 2026-02-21 13:03:13 +01:00
Peter Steinberger
99048dbec2 fix(gateway): align insecure-auth toggle messaging 2026-02-21 12:57:22 +01:00
Peter Steinberger
ede496fa1a docs: clarify trusted-host assumption for tokenless tailscale 2026-02-21 12:52:49 +01:00
Sebastian
81fd771cb9 fix(gateway): preserve chat.history context under hard caps 2026-02-16 21:50:01 -05:00
Advait Paliwal
bc67af6ad8 cron: separate webhook POST delivery from announce (#17901) 
* cron: split webhook delivery from announce mode

* cron: validate webhook delivery target

* cron: remove legacy webhook fallback config

* fix: finalize cron webhook delivery prep (#17901) (thanks @advaitpaliwal)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-02-16 02:36:00 -08:00
Advait Paliwal
14fb2c05b1 Gateway/Control UI: preserve partial output on abort (#15026) 
* Gateway/Control UI: preserve partial output on abort

* fix: finalize abort partial handling and tests (#15026) (thanks @advaitpaliwal)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-02-15 16:55:28 -08:00
Advait Paliwal
115cfb4430 gateway: add cron finished-run webhook (#14535) 
* gateway: add cron finished webhook delivery

* config: allow cron webhook in runtime schema

* cron: require notify flag for webhook posts

* ui/docs: add cron notify toggle and webhook docs

* fix: harden cron webhook auth and fill notify coverage (#14535) (thanks @advaitpaliwal)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-02-15 16:14:17 -08:00
Seb Slight
578a6e27aa Docs: enable markdownlint autofixables except list numbering (#10476) 
* docs(markdownlint): enable autofixable rules except list numbering

* docs(zalo): fix malformed bot platform link
 2026-02-06 10:08:59 -05:00
Sebastian
0a1f4f666a revert(docs): undo markdownlint autofix churn 2026-02-06 10:00:08 -05:00
Sebastian
c7aec0660e docs(markdownlint): enable autofixable rules and normalize links 2026-02-06 09:55:12 -05:00
Gustavo Madeira Santana
a13ff55bd9 Security: Prevent gateway credential exfiltration via URL override (#9179) 
* Gateway: require explicit auth for url overrides

* Gateway: scope credential blocking to non-local URLs only

Address review feedback: the previous fix blocked credential fallback for
ALL URL overrides, which was overly strict and could break workflows that
use --url to switch between loopback/tailnet without passing credentials.

Now credential fallback is only blocked for non-local URLs (public IPs,
external hostnames). Local addresses (127.0.0.1, localhost, private IPs
like 192.168.x.x, 10.x.x.x, tailnet 100.x.x.x) still get credential
fallback as before.

This maintains the security fix (preventing credential exfiltration to
attacker-controlled URLs) while preserving backward compatibility for
legitimate local URL overrides.

* Security: require explicit credentials for gateway url overrides (#8113) (thanks @victormier)

* Gateway: reuse explicit auth helper for url overrides (#8113) (thanks @victormier)

* Tests: format gateway chat test (#8113) (thanks @victormier)

* Tests: require explicit auth for gateway url overrides (#8113) (thanks @victormier)

---------

Co-authored-by: Victor Mier <victormier@gmail.com>
 2026-02-04 18:59:44 -05:00
Tyler Yust
3f82daefd8 feat(cron): enhance delivery modes and job configuration 
- Updated isolated cron jobs to support new delivery modes: `announce` and `none`, improving output management.
- Refactored job configuration to remove legacy fields and streamline delivery settings.
- Enhanced the `CronJobEditor` UI to reflect changes in delivery options, including a new segmented control for delivery mode selection.
- Updated documentation to clarify the new delivery configurations and their implications for job execution.
- Improved tests to validate the new delivery behavior and ensure backward compatibility with legacy settings.

This update provides users with greater flexibility in managing how isolated jobs deliver their outputs, enhancing overall usability and clarity in job configurations.
 2026-02-04 01:03:59 -08:00
Tyler Yust
0bb0dfc9bc feat(cron): default isolated jobs to announce delivery and enhance scheduling options 
- Updated isolated cron jobs to default to `announce` delivery mode, improving user experience.
- Enhanced scheduling options to accept ISO 8601 timestamps for `schedule.at`, while still supporting epoch milliseconds.
- Refined documentation to clarify delivery modes and scheduling formats.
- Adjusted related CLI commands and UI components to reflect these changes, ensuring consistency across the platform.
- Improved handling of legacy delivery fields for backward compatibility.

This update streamlines the configuration of isolated jobs, making it easier for users to manage job outputs and schedules.
 2026-02-04 01:03:59 -08:00