Commit Graph

67697 Commits

Author SHA1 Message Date
Peter Steinberger
0086763ba4 feat(fleet): harden create, port allocation, drift visibility, and audit guidance (#104814) 2026-07-12 07:02:42 +01:00
soldforaloss
5459a94763 docs(browser): clarify JSON flag placement (#103155)
* docs(browser): clarify JSON flag placement

* docs(browser): align JSON flag examples

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-12 06:58:40 +01:00
llagy007
f6d11d0e29 fix(google-meet): guard node-host meet URLs (#104687) 2026-07-12 06:55:38 +01:00
Peter Steinberger
4b50658b76 feat(ui): make the working indicator an OpenClaw claw that pinches (#105020) 2026-07-12 06:54:10 +01:00
Vincent Koc
e680b3dbeb fix(tasks): fail closed on registry restore errors (#105031) 2026-07-12 13:50:28 +08:00
Shubhankar Tripathy
86cd9786c8 fix(google-meet): actually leave the Meet call in the browser on leave (#103386) (#103522)
* fix(google-meet): leave browser calls on session end

Co-authored-by: lonexreb <reach2shubhankar@gmail.com>

* fix(google-meet): keep agent browser control in gateway

* chore(google-meet): move release note to pr

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-12 06:50:13 +01:00
Vincent Koc
c8427919b9 refactor(acpx): remove redundant probe plumbing (#105023) 2026-07-12 13:49:32 +08:00
Vincent Koc
01b9c428aa chore(i18n): reconcile native locale inventory 2026-07-12 13:45:20 +08:00
Vincent Koc
78d142e84f fix(i18n): scan typed fallback copy 2026-07-12 13:45:20 +08:00
Vincent Koc
b3fb295e94 fix(i18n): preserve localized helper inventory 2026-07-12 13:45:20 +08:00
Vincent Koc
484c3a18b2 fix(i18n): validate native locale artifacts 2026-07-12 13:45:20 +08:00
Vincent Koc
9b5fbee3b0 fix(ui): localize usage views 2026-07-12 13:45:11 +08:00
Vincent Koc
77207c9784 fix(ui): localize channel and session views 2026-07-12 13:45:11 +08:00
Vincent Koc
27da133957 fix(ui): localize chat surfaces 2026-07-12 13:45:11 +08:00
Vincent Koc
0faeb8e9c3 fix(ui): localize cron and workboard controls 2026-07-12 13:45:11 +08:00
Vincent Koc
65f8e27900 fix(ui): localize plugins and skills 2026-07-12 13:45:11 +08:00
Vincent Koc
ca5195418b fix(ui): localize configuration and node controls 2026-07-12 13:45:11 +08:00
Vincent Koc
b9f6cae6bc fix(ui): localize agent controls 2026-07-12 13:45:11 +08:00
Vincent Koc
eb4e3b2472 fix(ui): localize shared preview controls 2026-07-12 13:45:11 +08:00
Vincent Koc
c90ca4e968 fix(ui): add remaining localization source copy 2026-07-12 13:45:11 +08:00
Peter Steinberger
05e95b7b45 fix: hide external files from the session workspace rail (#105015)
* fix(ui): hide external files from workspace rail

Co-authored-by: 赵旺0668001248 <zhao.wang1@xydigit.com>

* chore: leave release notes to release workflow

---------

Co-authored-by: 赵旺0668001248 <zhao.wang1@xydigit.com>
2026-07-12 06:42:49 +01:00
Ayaan Zaidi
47ce757c0f fix(auto-reply): adopt the target run slot when command turns continue into agent turns
Native command turns keep #104144 source-keyed admission, but a turn that
continues into a full agent turn (/steer fallback, /goal, /learn, unhandled
body) now moves its reservation and lifecycle lease to the target session
before running. Concurrent target inbounds see the owner and queue/steer
instead of double-admitting and splitting the session into two conversation
families; steering also targets the registered run owner instead of a stale
source-keyed reservation.

Fixes #104844
2026-07-12 11:12:04 +05:30
pick-cat
3c7edce61e fix(codex): preserve UTF-16 pairs in tool output delta truncation (#104116)
* fix(codex): preserve UTF-16 pairs in tool output delta truncation

* chore: trigger CI re-run

* test(codex): add UTF-16 safety regression test for progress message cap

* chore: trigger CI re-run

Co-Authored-By: Claude <noreply@anthropic.com>

* test(codex): tighten UTF-16 progress regression

* test(codex): match progress label

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-12 06:40:48 +01:00
thomas.szbay
4dfffeb4ce fix(infra): bound ed25519 base64url decode input length (#104921) 2026-07-12 06:39:35 +01:00
Vincent Koc
8f8b44a3ce fix(qa): isolate plugin tools MCP smoke 2026-07-12 07:37:47 +02:00
Peter Steinberger
d14bb8ec44 fix: resume replay-safe work after gateway restarts (#104997)
* fix: resume replay-safe work after gateway restart

* chore: leave restart note to release process

* fix: sync restart recovery protocol artifacts
2026-07-12 06:37:22 +01:00
Peter Steinberger
096cb91175 feat(tooling): enforce noUncheckedIndexedAccess in core and ui lanes (NUIA phase 3c) (#104981)
* fix(ui): make indexed access explicit across the Control UI

Burns down all 322 ui-lane noUncheckedIndexedAccess errors: untrusted
markdown/diff/patch parsing gets miss-tolerant guards (renderer rules
degrade to empty output instead of throwing mid-render), accumulators
use canonical sparse initialization, DOM lookups stay null-guarded, and
length-checked constructions carry named invariants.

* feat(tooling): enforce noUncheckedIndexedAccess in the core and ui lanes

Flips the flag on for tsconfig.core.json and tsconfig.ui.json (covering
src, all packages including the two deferred ones, and ui) and retires
the strict-ratchet lane wholesale: config, script, projects reference,
check/CI wiring, changed-lane routing, and sync test. The assertion-ban
oxlint override stays as an independent surface.
2026-07-12 06:36:36 +01:00
Peter Steinberger
a40e43e46e feat(mac): redesign the menu bar critter to match the mascot (#104846)
* feat(mac): redesign menu bar critter to match the mascot

* fix(mac): draw happy-eye arcs upward and guard stale celebration expiry

* docs(mac): update menu bar icon states for critter redesign

* fix(mac): own celebration expiry with a start-only generation counter

* fix(mac): give voice-wake antennae real headroom at 18pt
2026-07-12 06:35:02 +01:00
Peter Steinberger
176647aa84 ci: gate frozen QA smoke by capability (#105006) 2026-07-12 06:32:26 +01:00
dependabot[bot]
33da64c5d0 build(deps): bump the android-deps group across 1 directory with 4 updates (#104807)
Bumps the android-deps group with 4 updates in the /apps/android directory: [gradle-wrapper](https://github.com/gradle/gradle), [io.kotest:kotest-assertions-core-jvm](https://github.com/kotest/kotest), [io.kotest:kotest-runner-junit5-jvm](https://github.com/kotest/kotest) and [com.google.devtools.ksp](https://github.com/google/ksp).


Updates `gradle-wrapper` from 9.4.1 to 9.6.1
- [Release notes](https://github.com/gradle/gradle/releases)
- [Commits](https://github.com/gradle/gradle/compare/v9.4.1...v9.6.1)

Updates `io.kotest:kotest-assertions-core-jvm` from 6.2.1 to 6.2.2
- [Release notes](https://github.com/kotest/kotest/releases)
- [Commits](https://github.com/kotest/kotest/compare/6.2.1...6.2.2)

Updates `io.kotest:kotest-runner-junit5-jvm` from 6.2.1 to 6.2.2
- [Release notes](https://github.com/kotest/kotest/releases)
- [Commits](https://github.com/kotest/kotest/compare/6.2.1...6.2.2)

Updates `io.kotest:kotest-runner-junit5-jvm` from 6.2.1 to 6.2.2
- [Release notes](https://github.com/kotest/kotest/releases)
- [Commits](https://github.com/kotest/kotest/compare/6.2.1...6.2.2)

Updates `com.google.devtools.ksp` from 2.3.9 to 2.3.10
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](https://github.com/google/ksp/compare/2.3.9...2.3.10)

---
updated-dependencies:
- dependency-name: gradle-wrapper
  dependency-version: 9.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: android-deps
- dependency-name: io.kotest:kotest-assertions-core-jvm
  dependency-version: 6.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: android-deps
- dependency-name: io.kotest:kotest-runner-junit5-jvm
  dependency-version: 6.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: android-deps
- dependency-name: io.kotest:kotest-runner-junit5-jvm
  dependency-version: 6.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: android-deps
- dependency-name: com.google.devtools.ksp
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: android-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-12 06:30:17 +01:00
Peter Steinberger
23d4e48172 fix: harden live updater snapshot recovery (#105007)
* fix(updater): harden snapshot recovery

* fix(updater): avoid snapshot code execution
2026-07-12 06:29:41 +01:00
thomas.szbay
a9e2b06812 fix(nextcloud-talk): align supported message actions (#104906)
Nextcloud Talk's supportsAction advertised support for all non-send
actions (including delete, pin, edit, read), but the handler only
implements 'react'. Unsupported actions passed the dispatcher boundary
check only to fail inside the handler.

This aligns supportsAction with actual implementation, matching the
pattern from PR #104788 (Signal adapter fix).
2026-07-12 06:28:07 +01:00
WhatsSkiLL
604c026409 fix(android): keep session search in context (#104792)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: IWhatsskill <284122573+IWhatsskill@users.noreply.github.com>
2026-07-12 06:27:07 +01:00
Vincent Koc
f696430fd8 refactor(tts): split complex command handlers (#105005) 2026-07-12 13:23:27 +08:00
Peter Steinberger
36da65d050 fix(tests): relocate provider auth-literal parity test outside core source (#104995)
The parity test loaded the test-only bundled-plugin public-surface
helper from src/plugins, which the extension-test boundary forbids for
core source files; every PR touching the build-artifacts shard now
fails. Moving it to test/plugins keeps the dynamic-import lane
protection and passes both the boundary and parity suites.
2026-07-12 06:20:30 +01:00
RickLin
4cfe0077ff fix(models): redact synthetic auth credentials from models status --json (#104734)
The provider auth overview passed the caller's synthetic-auth object
through to the JSON payload. Status hands it the full runtime shape,
which also carries the raw credential, so structural typing let live
API keys/tokens ship in a diagnostic surface (#104713). Re-project to
the declared value/source fields at the overview boundary.

Fixes #104713
2026-07-12 06:20:28 +01:00
Peter Steinberger
3d9b912b88 feat: sidebar session state slot, worktree/automation badges, archive disables bound cron jobs (#104730)
* feat(gateway): flag sessions with attached automations and disable bound cron jobs on archive

Session rows now carry hasAutomation, derived from a lifecycle-owned index
over the cron service's in-memory jobs; cron events push refreshed rows so
badges stay live. sessions.patch { archived: true } disables enabled cron
jobs bound to the session (locked binding re-check, internal/operator-admin
callers only); restore intentionally does not re-enable them.

Refs #104700

* feat(ui): sidebar session state slot and worktree/automation badges

The run spinner moves into a leading state slot shared with the unread dot,
keeping the timestamp visible during runs; muted fork/clock badges sit after
the title (outside the trail/action overlap so pinned rows and touch devices
keep them). New strings localized via ui:i18n:sync (English fallback pending
a keyed translation run).

Refs #104700

* test(gateway): pin cron binding broadcast test to the event mechanism

The shard shares one process; session-store state from earlier tests can make
the row load return null, which legitimately produces a keyless refresh
payload. Row-field projection stays covered by session-utils and
session-automation-index tests.
2026-07-12 06:19:01 +01:00
Vincent Koc
a2c2c5576e fix(qa): restore OpenAI web search smoke 2026-07-12 07:17:48 +02:00
Vincent Koc
66cd7b1f4c refactor(acp): share runtime option action handling (#104998) 2026-07-12 13:13:31 +08:00
Vincent Koc
da78d6f2a5 chore(i18n): reconcile native locale artifacts 2026-07-12 13:12:45 +08:00
github-actions[bot]
0a957a265e chore(i18n): refresh native locales 2026-07-12 13:12:45 +08:00
Vincent Koc
dc6b447c07 fix(release): verify named backport provenance 2026-07-12 13:12:30 +08:00
Vincent Koc
16d9ef5848 refactor(tasks): centralize managed flow mutations (#104994) 2026-07-12 13:11:03 +08:00
Peter Steinberger
b163dbb97d ci: harden current and frozen release checks (#104956)
* test(qa): wait for complete process pid fixture

* style(qa): format pid readiness predicate

* test(sqlite): allow schema version pragma

* ci: install target playwright for frozen UI checks
2026-07-11 22:08:49 -07:00
Vincent Koc
b67417909b refactor: remove dead core and extension exports (#104963)
* refactor(agents): remove obsolete exec eligibility helper

* refactor(diffs): internalize viewer-only state

* refactor(qa-lab): internalize implementation helpers
2026-07-12 13:06:23 +08:00
Vincent Koc
dd084b29dd fix(tasks): make registry reads index-safe (#104990) 2026-07-12 13:05:51 +08:00
Vincent Koc
2ff8fcab07 refactor(agents): share top-level resource collection (#104988) 2026-07-12 13:05:34 +08:00
Sally O'Malley
f3971bbd56 feat(mcp): support sandboxed MCP Apps (#69039)
Implement stable opt-in MCP Apps negotiation, caller-specific tool
visibility, bounded ephemeral UI resources, a dedicated-origin double
iframe host, restrictive CSP, configuration, docs, and regression tests.

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Sally O'Malley <11166065+sallyom@users.noreply.github.com>
2026-07-11 22:04:38 -07:00
Peter Steinberger
dd5928711a feat(ui): fold Skills and Skill Workshop into a Plugins hub (#104834)
* feat(ui): fold Skills and Skill Workshop into a Plugins hub

One sidebar entry (Plugins) now covers plugins, skills, and skill-workshop
routes via a shared hub tab strip (Installed / Discover / Skills / Workshop).
Routes and URLs are unchanged; /settings/plugins gains ?tab= deep links and
the sidebar highlights Plugins for all hub routes.

Also latches Skill Workshop proposal loading so updated() no longer re-kicks
loads while one is pending or after one fails - the early-return finally
used to spin the page at 100% CPU whenever skills.proposals.list stalled.

* feat(mock): plugin catalog and skill-workshop fixtures for the mock harness

* docs(web): describe the Plugins hub tabs in the Control UI guide

* test(ui): backfill initialTab in plugins route-data fixtures

* fix(ui): review fixes for the plugins hub

- plugins route declares loaderDeps on the ?tab= param so query-only
  navigation and back/forward re-run the loader instead of reusing the
  cached match with the previous tab
- catalog tab clicks navigate so the URL and history stay in sync with
  the documented ?tab=discover deep link (local switch stays instant)
- skill-workshop error banner gains a Try again button so a transient
  proposals-list failure is recoverable without remounting the route

* fix(ui): restore the Installed tab on bare plugins URLs in history navigation

* fix(ui): manual-activation hub tablist with cross-route focus hand-off

Arrow keys only move focus now; activation stays on click/Enter so arrowing
can never unmount the strip under the user's focus. Keyboard activation of a
cross-route tab hands focus to the destination strip's active tab, and the
hub-route set uses a Set per lint.

* fix(ui): defer hub-tab focus reclaim until the strip is connected

* fix(ui): skip focus recovery for same-tab hub activation

* docs(css): note the hub-panel flex ownership for the workshop board

* fix(ui): adapt hub test to retired Overview route

* chore(i18n): sync locale bundles for the plugins hub keys

* docs(map): regenerate for the plugins hub section
2026-07-11 22:03:38 -07:00
Peter Steinberger
2263272a32 fix(updater): build snapshot control client safely (#104964) 2026-07-11 22:02:50 -07:00