vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-30 03:11:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
22,372 Commits 951 Branches 90 Tags
89e6b91b899e549f0735e3500a17c2fd3ce225cd
Commit Graph

144 Commits

Author SHA1 Message Date
Harold Hunt
da60aff17a Tests: isolate security audit home skill resolution (#54473) 
Merged via squash.

Prepared head SHA: 82181e15fb
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Reviewed-by: @huntharo
 2026-03-25 09:43:19 -04:00
Peter Steinberger
c42cb1ca66 refactor: audit synology dangerous name matching 2026-03-22 23:32:22 -07:00
Peter Steinberger
405d808409 fix: restore repo-wide gate after exec safe-bin refactor 2026-03-22 17:28:04 +00:00
Peter Steinberger
0ac939059e refactor(exec): split safe-bin semantics 2026-03-22 10:14:46 -07:00
Peter Steinberger
a94ec3b79b fix(security): harden exec approval boundaries 2026-03-22 09:35:25 -07:00
Peter Steinberger
8b7f40580d perf: split telegram audit runtime seams 2026-03-22 00:53:12 +00:00
Peter Steinberger
994b42a5a5 test: parallelize safe audit case tables 2026-03-20 21:16:01 +00:00
Peter Steinberger
9f8cf7f71a test: stabilize full gate 2026-03-17 16:21:59 +00:00
Peter Steinberger
6646ca61cc test: merge audit channel command hygiene cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
63997aec23 test: merge audit trust exposure cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
141d73ddf4 test: merge audit dangerous flag cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
58c26ad706 test: merge audit code safety cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
ef53926542 test: merge audit install metadata cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
7866655176 test: merge audit allowCommands cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
9e087f66be test: merge audit browser sandbox cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
9b7aafa141 test: merge audit sandbox docker config cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
23a3211c29 test: merge audit discord allowlist cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
c1733d700d test: merge audit sandbox docker danger cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
610d836151 test: merge audit gateway auth guardrail cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
8cfcce0849 test: merge audit resolved inspection cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
fb4b6eef03 test: merge audit code safety failure cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
a24325f40c test: merge audit deny command cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
8ab2d886eb test: merge audit windows acl cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
2cfccf59c7 test: merge audit browser container cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
355051f401 test: merge audit gateway auth presence cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
97c481120f test: merge audit extension allowlist severity cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
23d700b090 test: merge audit hooks ingress cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
17143ed878 test: merge audit exposure heuristic cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
588c8be6ff test: merge audit extension and workspace cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
7efa79121a test: merge install metadata audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
85c5ec8065 test: share audit exposure severity helper 2026-03-17 16:21:58 +00:00
Peter Steinberger
167a6ebed9 test: merge gateway http audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
4fd17021f2 test: merge hooks audit risk cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
3aa76a8ce7 test: merge feishu audit doc cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
7e1bc4677f test: merge control ui audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
5f0f69b2c7 test: merge browser control audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
2ef7b13962 test: merge channel command audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
03b405659b test: merge audit auth precedence cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
0c070ccd53 test: merge zalouser audit group cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
1038990bdd test: merge discord audit allowlist cases 2026-03-17 16:21:58 +00:00
Josh Avant
a2cb81199e secrets: harden read-only SecretRef command paths and diagnostics (#47794) 
* secrets: harden read-only SecretRef resolution for status and audit

* CLI: add SecretRef degrade-safe regression coverage

* Docs: align SecretRef status and daemon probe semantics

* Security audit: close SecretRef review gaps

* Security audit: preserve source auth SecretRef configuredness

* changelog

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>

---------

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-03-15 21:55:24 -05:00
Peter Steinberger
3f12e90f3e fix(ci): repair security and route test fixtures 2026-03-15 19:54:00 -07:00
Peter Steinberger
a472f988d8 fix: harden remote cdp probes 2026-03-15 08:23:01 -07:00
Peter Steinberger
f36d8c09f1 feat(zalouser): audit mutable group allowlists 2026-03-13 01:44:42 +00:00
Peter Steinberger
eece586747 refactor(security): reuse hook agent routing normalization 2026-03-12 21:44:06 +00:00
Peter Steinberger
904db27019 fix(security): audit unrestricted hook agent routing 2026-03-12 21:36:19 +00:00
Vincent Koc
e4d80ed556 CI: restore main detect-secrets scan (#38438) 
* Tests: stabilize detect-secrets fixtures

* Tests: fix rebased detect-secrets false positives

* Docs: keep snippets valid under detect-secrets

* Tests: finalize detect-secrets false-positive fixes

* Tests: reduce detect-secrets false positives

* Tests: keep detect-secrets pragmas inline

* Tests: remediate next detect-secrets batch

* Tests: tighten detect-secrets allowlists

* Tests: stabilize detect-secrets formatter drift
 2026-03-07 10:06:35 -08:00
Josh Avant
0e4245063f CLI: make read-only SecretRef status flows degrade safely (#37023) 
* CLI: add read-only SecretRef inspection

* CLI: fix read-only SecretRef status regressions

* CLI: preserve read-only SecretRef status fallbacks

* Docs: document read-only channel inspection hook

* CLI: preserve audit coverage for read-only SecretRefs

* CLI: fix read-only status account selection

* CLI: fix targeted gateway fallback analysis

* CLI: fix Slack HTTP read-only inspection

* CLI: align audit credential status checks

* CLI: restore Telegram read-only fallback semantics
 2026-03-05 23:07:13 -06:00
Josh Avant
72cf9253fc Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094) 2026-03-05 12:53:56 -06:00
Ho Lim
da0e245db6 fix(security): avoid prototype-chain account path checks (#34982) 
Merged via squash.

Prepared head SHA: f89cc6a649
Co-authored-by: HOYALIM <166576253+HOYALIM@users.noreply.github.com>
Co-authored-by: dvrshil <81693876+dvrshil@users.noreply.github.com>
Reviewed-by: @dvrshil
 2026-03-04 17:38:09 -08:00