openclaw

mirror of https://github.com/openclaw/openclaw.git synced 2026-06-08 21:32:57 +00:00

Author	SHA1	Message	Date
Pavan Kumar Gondhi	91590132f6	Block unsafe Node runtime env overrides [AI] (#87308 ) * fix: block unsafe node runtime env overrides * fix: block node env path redirects * docs: add changelog entry for PR merge	2026-05-27 20:34:12 +05:30
Peter Steinberger	77d9ac30bb	refactor: reuse shared coercion helpers (#86419 ) * refactor: share talk event metric extraction * refactor: reuse shared coercion helpers * refactor: reuse shared primitive guards * refactor: reuse shared record guard * refactor: reuse shared primitive helpers * refactor: reuse shared string guards * refactor: reuse shared non-empty string guard * refactor: share plugin primitive coercion helpers * refactor: reuse plugin coercion helpers * refactor: reuse plugin coercion helpers in more plugins * refactor: reuse channel coercion helpers * refactor: reuse monitor coercion helpers * refactor: reuse provider coercion helpers * refactor: reuse core coercion helpers * refactor: reuse runtime coercion helpers * refactor: reuse helper coercion in codex paths * refactor: reuse helper coercion in runtime paths * refactor: reuse codex app-server coercion helpers * refactor: reuse codex record helpers * refactor: reuse migration and qa record helpers * refactor: reuse feishu and core helper guards * refactor: reuse browser and policy coercion helpers * refactor: reuse memory wiki record helper * refactor: share boolean coercion helpers * refactor: reuse finite number coercion * refactor: reuse trimmed string list helpers * refactor: reuse string list normalization * refactor: reuse remaining string list helpers * refactor: reuse string entry normalizer * refactor: share sorted string helpers * refactor: share string list normalization * test: preserve command registry browser imports * refactor: reuse trimmed list helpers * refactor: reuse string dedupe helpers * refactor: reuse local dedupe helpers * refactor: reuse more string dedupe helpers * refactor: reuse command string dedupe helpers * refactor: dedupe memory path lists with helper * refactor: expose string dedupe helpers to plugins * refactor: reuse core string dedupe helpers * refactor: reuse shared unique value helpers * refactor: reuse unique helpers in agent utilities * refactor: reuse unique helpers in config plumbing * refactor: reuse unique helpers in extensions * refactor: reuse unique helpers in core utilities * refactor: reuse unique helpers in qa plugins * refactor: reuse unique helpers in memory plugins * refactor: reuse unique helpers in channel plugins * refactor: reuse unique helpers in core tails * refactor: reuse unique helper in comfy workflow * refactor: reuse unique helpers in test utilities * refactor: expose unique value helper to plugins * refactor: reuse unique helpers for numeric lists * refactor: replace index dedupe filters * refactor: reuse string entry normalization * refactor: reuse string normalization in plugin helpers * refactor: reuse string normalization in extension helpers * refactor: reuse string normalization in channel parsers * refactor: reuse string normalization in memory search * refactor: reuse string normalization in provider parsers * refactor: reuse string normalization in qa helpers * refactor: reuse string normalization in infra parsers * refactor: reuse string normalization in messaging parsers * refactor: reuse string normalization in core parsers * refactor: reuse string normalization in extension parsers * refactor: reuse string normalization in remaining parsers * refactor: reuse string normalization in final parser spots * refactor: reuse string normalization in qa media helpers * refactor: reuse normalization in provider and media lists * refactor: reuse normalization for remaining set filters * refactor: reuse normalization in policy allowlists * refactor: reuse normalization in session and owner lists * refactor: centralize primitive string lists * refactor: reuse lowercase entry helpers * refactor: reuse sorted string helpers * refactor: reuse unique trimmed helpers * refactor: reuse string normalization helpers * refactor: reuse catalog string helpers * refactor: reuse remaining string helpers * refactor: simplify remaining list normalization * refactor: reuse codex auth order normalization * chore: refresh plugin sdk api baseline * fix: make shared string sorting deterministic * chore: refresh plugin sdk api baseline * fix: align host env security ordering	2026-05-25 21:20:41 +01:00
Josh Avant	cbe68ba1a1	Fix inherited XDG env for exec subprocesses (#85139 ) * fix exec xdg env inheritance * chore changelog xdg env fix	2026-05-21 18:01:38 -07:00
Michael Appel	c1da0ddd54	fix(security): block workspace env from overriding Windows system root paths [AI] (#74458 ) * fix: address issue * fix: address PR review feedback * fix: address PR review feedback * fix: address PR review feedback * fix: address codex review feedback * fix: address codex review feedback * changelog: PR #74458 --------- Co-authored-by: Devin Robison <drobison@nvidia.com>	2026-05-04 10:13:50 -06:00
Pavan Kumar Gondhi	2d126fc623	fix(infra): expand host env security policy denylist [AI] (#63277 ) * fix: address issue * fix: address PR review feedback * fix: address PR review feedback * fix: address PR review feedback * fix: address PR review feedback * fix: address PR review feedback * fix: address PR review feedback * fix: address PR review feedback * fix: address PR review feedback * fix: close host env inherited sanitization gap * fix: enforce host env reported baseline coverage * fix: address PR review feedback * fix: address PR review feedback * fix: address PR review feedback * docs: add changelog entry for PR merge	2026-04-10 11:36:39 +05:30
Agustin Rivera	fa82193c72	fix(env): align inherited host exec env filtering (#59119 ) * fix(env): block inherited host exec config vars * fix(env): preserve trusted inherited proxy env * fix(env): preserve inherited host exec vars * fix(env): refresh host env policy parity artifacts * test(env): align blocked override ordering * docs(changelog): add host env policy parity entry --------- Co-authored-by: Devin Robison <drobison@nvidia.com>	2026-04-07 15:50:32 -06:00
Agustin Rivera	423a14e2be	fix(git): expand host env denylist coverage (#62002 ) * fix(git): expand host env denylist * fix(git): block alternate object directories * docs(changelog): add git env denylist entry * docs(changelog): remove conflict markers --------- Co-authored-by: Devin Robison <drobison@nvidia.com>	2026-04-07 15:39:28 -06:00
pgondhi987	23ab290a71	fix: expand host-exec env blocklist for Java, Rust, and Cargo toolchains [AI-assisted] (#62291 ) * fix: address issue * docs(changelog): add host env blocklist entry --------- Co-authored-by: Devin Robison <drobison@nvidia.com> Co-authored-by: Devin Robison <drobison00@users.noreply.github.com>	2026-04-07 12:40:54 -06:00
Devin Robison	7306cf3707	fix: multiple dangerous build tool environment variab (#317 ) (#62079 )	2026-04-06 13:10:38 -06:00
pgondhi987	b48b528b02	fix(skills): block UV_PYTHON in workspace dotenv and harden uv installer env [AI] (#59178 ) * fix: address issue * fix: finalize issue changes * fix: address PR review feedback * Changelog: note uv installer env hardening --------- Co-authored-by: Jacob Tomlinson <jtomlinson@nvidia.com>	2026-04-03 06:50:43 -07:00
Devin Robison	7eae9c0e62	Block remaining host env override pivots (#59233 ) * Blck remaining host env override pivots * Feedback update	2026-04-02 06:00:26 -07:00
Vincent Koc	4d912e0451	fix(exec): block proxy-style env overrides (#58202 ) * fix(exec): block proxy-style env overrides * fix(exec): keep trusted host proxy env inherited * fix(exec): block git tls override env vars * fix(skills): block dangerous env override keys	2026-03-31 21:25:36 +09:00
Vincent Koc	eb8de6715f	fix(exec): block risky host env overrides (#58209 ) * fix(exec): block risky host env overrides * fix(exec): block GOPRIVATE host env overrides	2026-03-31 19:37:43 +09:00
Josh Avant	c918ab4faf	fix(tts): restore 3.28 schema compatibility and fallback observability (#57953 ) * fix(tts): restore legacy config compatibility and fallback observability * fix(tts): surface fallback attempts in status and telephony * test(tts): cover /tts audio to /tts status fallback flow * docs(tts): align migration and fallback observability guidance * TTS: redact fallback logs and scope legacy plugin migration * Infra: dedupe UV_EXTRA_INDEX_URL in host env policy * Docs: scope doctor TTS migration to voice-call * voice-call: restore strict known TTS provider validation	2026-03-30 22:05:03 -05:00
Vincent Koc	5d8ca42c7d	fix(ci): regenerate mac host env policy	2026-03-31 10:12:20 +09:00
Vincent Koc	7ae1bb0c77	fix(host-env): block Python package index redirection env vars (#58011 ) * fix(host-env): block Python package index redirection vars * docs(changelog): note Python index override block * Update src/infra/host-env-security-policy.json Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * fix(exec): block remaining uv index override env vars --------- Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>	2026-03-31 09:53:32 +09:00
Jacob Tomlinson	e277a37f89	Infra: block compiler env overrides (#57832 )	2026-03-30 20:06:32 +01:00
pgondhi987	bc3b05dce4	fix(infra): block BROWSER, GIT_EDITOR, GIT_SEQUENCE_EDITOR from inherited host env (#57559 )	2026-03-30 12:31:04 +01:00
Tak Hoffman	4430805719	Allow inherited AWS config file paths	2026-03-27 15:16:19 -05:00
Jacob Tomlinson	6eb82fba3c	Infra: block additional host exec env keys (#55977 )	2026-03-27 18:50:37 +00:00
Josh Avant	7abfff756d	Exec: harden host env override handling across gateway and node (#51207 ) * Exec: harden host env override enforcement and fail closed * Node host: enforce env override diagnostics before shell filtering * Env overrides: align Windows key handling and mac node rejection	2026-03-20 15:44:15 -05:00
Andrew Demczuk	089a43f5e8	fix(security): block build-tool and glibc env injection vectors in host exec sandbox (#49702 ) Add GLIBC_TUNABLES, MAVEN_OPTS, SBT_OPTS, GRADLE_OPTS, ANT_OPTS, DOTNET_ADDITIONAL_DEPS to blockedKeys and GRADLE_USER_HOME to blockedOverrideKeys in the host exec security policy. Closes #22681	2026-03-18 13:11:01 +01:00
Andrew Demczuk	f84a41dcb8	fix(security): block JVM, Python, and .NET env injection vectors in host exec sandbox (#49025 ) Add JAVA_TOOL_OPTIONS, _JAVA_OPTIONS, JDK_JAVA_OPTIONS, PYTHONBREAKPOINT, and DOTNET_STARTUP_HOOKS to blockedKeys in the host exec security policy. Closes #22681	2026-03-17 15:37:55 +01:00
Vincent Koc	1dcef7b644	Infra: block GIT_EXEC_PATH in host env sanitizer (#43685 ) * Infra: block GIT_EXEC_PATH in host env sanitizer * Changelog: note host env hardening	2026-03-12 01:16:03 -04:00
Peter Steinberger	eba9dcc67a	Refactor release hardening follow-ups (#39959 ) * build: fail fast on stale host-env swift policy * build: sync generated host env swift policy * build: guard bundled extension root dependency gaps * refactor: centralize provider capability quirks * test: table-drive provider regression coverage * fix: block merge when prep branch has unpushed commits * refactor: simplify models config merge preservation	2026-03-08 14:49:58 +00:00
Peter Steinberger	53fb317e7f	fix(macos): clean swiftformat pass and sendable warning	2026-03-08 13:22:46 +00:00
Peter Steinberger	e27bbe4982	fix(exec): block dangerous override-only env pivots	2026-03-07 19:18:05 +00:00
Peter Steinberger	46b62c53f0	fix(ci): restore scope-test require import and sync host policy	2026-03-03 03:18:45 +00:00
Peter Steinberger	80efcb75c7	style(swift): apply lint and format cleanup	2026-03-03 03:07:55 +00:00
Peter Steinberger	1c0d36eed0	fix(ci): resolve i18n typing and generated-policy drift	2026-03-02 04:29:18 +00:00
Peter Steinberger	7b3f506e64	style(swift): apply swiftformat and swiftlint fixes	2026-03-02 04:15:43 +00:00
Frank Yang	ed86252aa5	fix: handle CLI session expired errors gracefully instead of crashing gateway (#31090 ) * fix: handle CLI session expired errors gracefully - Add session_expired to FailoverReason type - Add isCliSessionExpiredErrorMessage to detect expired CLI sessions - Modify runCliAgent to retry with new session when session expires - Update agentCommand to clear expired session IDs from session store - Add proper error handling to prevent gateway crashes on expired sessions Fixes #30986 * fix: add session_expired to AuthProfileFailureReason and missing log import * fix: type cli-runner usage field to match EmbeddedPiAgentMeta * fix: harden CLI session-expiry recovery handling * build: regenerate host env security policy swift --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>	2026-03-02 01:11:05 +00:00
Vincent Koc	ac3e1e769b	chore(format): swiftformat host env and exec approvals (#31115 )	2026-03-01 17:00:17 -08:00
Peter Steinberger	5b62d5603d	fix: unblock CI minimatch audit and host policy check	2026-02-26 22:48:09 +00:00
Peter Steinberger	c35368c6dd	fix(ios): eliminate Swift warnings and clean build logs	2026-02-26 22:42:23 +00:00
Peter Steinberger	10481097f8	refactor(security): enforce v1 node exec approval binding	2026-02-26 18:09:01 +01:00
Peter Steinberger	4894d907fa	refactor(exec-approvals): unify system.run binding and generate host env policy	2026-02-26 16:58:01 +01:00

37 Commits