vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-16 20:40:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,188 Commits 762 Branches 80 Tags
93114f8918f6ccdbcea2c0aa6bf485284ecbb8ce
Commit Graph

11602 Commits

Author SHA1 Message Date
Gustavo Madeira Santana
df6b6762c0 Matrix: fix verification client lifecycle and quiet CLI noise 2026-03-12 16:47:10 +00:00
Gustavo Madeira Santana
21f1e903a4 Plugins: scope SDK imports and harden Matrix routing 2026-03-12 16:47:09 +00:00
Gustavo Madeira Santana
e80483ff00 poll and profile fixes 2026-03-12 16:47:09 +00:00
Gustavo Madeira Santana
50568f29d5 Matrix: tighten verification trust and expose profile updates 2026-03-12 16:47:09 +00:00
Gustavo Madeira Santana
9101916e53 Matrix: improve migration startup warnings 2026-03-12 16:47:09 +00:00
Gustavo Madeira Santana
0fdc404a2b Matrix: keep default account device fields scoped 2026-03-12 16:47:08 +00:00
Gustavo Madeira Santana
8e962668ce Matrix: replace legacy plugin with new implementation 2026-03-12 16:47:08 +00:00
Gustavo Madeira Santana
887e2aca79 matrix-js: require explicit thread-bound spawn config 2026-03-12 16:47:07 +00:00
Gustavo Madeira Santana
94f3b1b57d matrix-js: add account-aware bindings and ACP routing 2026-03-12 16:47:07 +00:00
Gustavo Madeira Santana
d4e3a98613 matrix-js: add startup verification policy 2026-03-12 16:47:07 +00:00
Gustavo Madeira Santana
3eb6c4c8ec matrix-js: improve thread context and auto-threading 2026-03-12 16:47:06 +00:00
Gustavo Madeira Santana
a670c21ab4 matrix-js: harden reaction handling 2026-03-12 16:47:06 +00:00
Gustavo Madeira Santana
00019c73e4 move matrix-js helpers to be locally scoped 2026-03-12 16:47:06 +00:00
Gustavo Madeira Santana
e07b6072b5 make matrix-js atomic and add poll voting support 2026-03-12 16:47:06 +00:00
Gustavo Madeira Santana
082a1aedd5 Tests: restore matrix-js bind integration coverage 2026-03-12 16:47:05 +00:00
Gustavo Madeira Santana
5fddbc1d9b Matrix-js: sync with main plugin-loading standards 2026-03-12 16:47:05 +00:00
Peter Steinberger
9f08af1f06 fix(ci): harden docker builds and unblock config docs 2026-03-12 16:45:29 +00:00
Gustavo Madeira Santana
46f0bfc55b Gateway: harden custom session-store discovery (#44176) 
Merged via squash.

Prepared head SHA: 52ebbf5188
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-12 16:44:46 +00:00
Nimrod Gutman
b77b7485e0 feat(push): add iOS APNs relay gateway (#43369) 
* feat(push): add ios apns relay gateway

* fix(shared): avoid oslog string concatenation

# Conflicts:
#	apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift

* fix(push): harden relay validation and invalidation

* fix(push): persist app attest state before relay registration

* fix(push): harden relay invalidation and url handling

* feat(push): use scoped relay send grants

* feat(push): configure ios relay through gateway config

* feat(push): bind relay registration to gateway identity

* fix(push): tighten ios relay trust flow

* fix(push): bound APNs registration fields (#43369) (thanks @ngutman)
 2026-03-12 18:15:35 +02:00
2233admin
9342739d71 fix(providers): respect user-configured baseUrl for kimi-coding (#36647) 
* fix(providers): respect user-configured baseUrl for kimi-coding

The kimi-coding provider was built exclusively from
`buildKimiCodingProvider()` defaults, ignoring any user-specified
`baseUrl` or other overrides in `openclaw.json` providers config.
This caused 404 errors when users configured a custom endpoint.

Now merge `explicitProviders["kimi-coding"]` on top of defaults,
matching the pattern used by ollama/vllm. User's `baseUrl`, `api`,
and `models` take precedence; env/profile API key still wins.

Fixes #36353

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Tests: use Kimi implicit provider harness

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-12 12:14:07 -04:00
Vincent Koc
3e28e10c2f Plugins: require explicit trust for workspace-discovered plugins (#44174) 
* Plugins: disable implicit workspace plugin auto-load

* Tests: cover workspace plugin trust gating

* Changelog: note workspace plugin trust hardening

* Plugins: keep workspace trust gate ahead of memory slot defaults

* Tests: cover workspace memory-slot trust bypass
 2026-03-12 12:12:41 -04:00
chengzhichao-xydt
0a8fa0e001 Moonshot: respect explicit baseUrl for CN endpoint so platform.moonshot.cn keys authenticate (#33637) (#33696) 
* Moonshot: respect explicit baseUrl for CN endpoint so platform.moonshot.cn keys authenticate (#33637)

* Moonshot: address review - remove dead constant, import canonical URLs (#33696)
 2026-03-12 12:10:38 -04:00
Jacob Riff
3fa91cd69d feat: add sessions_yield tool for cooperative turn-ending (#36537) 
Merged via squash.

Prepared head SHA: 75d9204c86
Co-authored-by: jriff <50276+jriff@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 08:46:47 -07:00
Gustavo Madeira Santana
e6897c800b Plugins: fix env-aware root resolution and caching (#44046) 
Merged via squash.

Prepared head SHA: 6e8852a188
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-12 15:31:31 +00:00
Rodrigo Uroz
688e3f0863 Compaction Runner: emit transcript updates post-compact (#25558) 
Merged via squash.

Prepared head SHA: 8a858436ed
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 08:22:12 -07:00
Vincent Koc
8ad0ca309e Subagents: stop retrying external completion timeouts (#41235) (#43847) 
* Changelog: add subagent announce timeout note

* Tests: cover subagent completion timeout no-retry

* Subagents: stop retrying external completion timeouts

* Config: update subagent announce timeout default docs

* Tests: use fake timers for subagent timeout retry guard
 2026-03-12 11:03:06 -04:00
Vincent Koc
7844bc89a1 Security: require Feishu webhook encrypt key (#44087) 
* Feishu: require webhook encrypt key in schema

* Feishu: cover encrypt key webhook validation

* Feishu: enforce encrypt key at startup

* Feishu: add webhook forgery regression test

* Feishu: collect encrypt key during onboarding

* Docs: require Feishu webhook encrypt key

* Changelog: note Feishu webhook hardening

* Docs: clarify Feishu encrypt key screenshot

* Feishu: treat webhook encrypt key as secret input

* Feishu: resolve encrypt key only in webhook mode
 2026-03-12 11:01:00 -04:00
Vincent Koc
99170e2408 Hardening: normalize Unicode command obfuscation detection (#44091) 
* Exec: cover unicode obfuscation cases

* Exec: normalize unicode obfuscation detection

* Changelog: note exec detection hardening

* Exec: strip unicode tag character obfuscation

* Exec: harden unicode suppression and length guards

* Exec: require path boundaries for safe URL suppressions
 2026-03-12 10:57:49 -04:00
Vincent Koc
eff0d5a947 Hardening: tighten preauth WebSocket handshake limits (#44089) 
* Gateway: tighten preauth handshake limits

* Changelog: note WebSocket preauth hardening

* Gateway: count preauth frame bytes accurately

* Gateway: cap WebSocket payloads before auth
 2026-03-12 10:55:41 -04:00
Vincent Koc
48cbfdfac0 Hardening: require LINE webhook signatures (#44090) 
* LINE: require webhook signatures in express handler

* LINE: require webhook signatures in node handler

* LINE: update express signature tests

* LINE: update node signature tests

* Changelog: note LINE webhook hardening

* LINE: validate signatures before parsing webhook bodies

* LINE: reject missing signatures before body reads
 2026-03-12 10:50:36 -04:00
Lyle
c965049dc6 fix(mattermost): pass mediaLocalRoots through reply delivery (#44021) 
Merged via squash.

Prepared head SHA: 856f11f129
Co-authored-by: LyleLiu666 <31182860+LyleLiu666@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
 2026-03-12 20:13:51 +05:30
Altay
b0f717aa02 build: align Node 22 guidance with 22.16 minimum 2026-03-12 20:07:44 +05:30
Altay
0a8d2b6200 build: raise Node 22 compatibility floor to 22.16 2026-03-12 20:07:44 +05:30
Altay
deada7edd3 build: default to Node 24 and keep Node 22 compat 2026-03-12 20:07:44 +05:30
Vincent Koc
2f037f0930 Agents: adapt pi-ai oauth and payload hooks 2026-03-12 10:19:14 -04:00
0x4C33
f3be1c828c fix(status): resolve context window by provider-qualified key, prefer max on bare-id collision, solve #35976 (#36389) 
Merged via squash.

Prepared head SHA: f8cf752c59
Co-authored-by: haoruilee <60883781+haoruilee@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 07:00:36 -07:00
rabsef-bicrym
ff47876e61 fix: carry observed overflow token counts into compaction (#40357) 
Merged via squash.

Prepared head SHA: b99eed4329
Co-authored-by: rabsef-bicrym <52549148+rabsef-bicrym@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 06:58:42 -07:00
avirweb
f2e28fc30f fix(telegram): allow fallback models in /model validation (#40105) 
Merged via squash.

Prepared head SHA: de07585e03
Co-authored-by: avirweb <257412074+avirweb@users.noreply.github.com>
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Reviewed-by: @velvet-shark
 2026-03-12 13:55:51 +01:00
Nimrod Gutman
4f620bebe5 fix(doctor): canonicalize gateway service entrypoint paths (#43882) 
Merged via squash.

Prepared head SHA: 9f530d2a86
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Reviewed-by: @ngutman
 2026-03-12 12:39:22 +02:00
Ayaan Zaidi
5acf6cae8e fix: stop main-session UI replies inheriting channel routes 2026-03-12 15:39:34 +05:30
glitch
8ea79b64d0 fix: preserve sandbox write payload stdin (#43876) 
Merged via squash.

Prepared head SHA: a10fd4b21c
Co-authored-by: glitch418x <189487110+glitch418x@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-12 12:42:57 +03:00
jnMetaCode
f640326e31 fix(failover): add missing network errno patterns to text-based timeout classifier (#42830) 
Merged via squash.

Prepared head SHA: 91761487e8
Co-authored-by: jnMetaCode <12096460+jnMetaCode@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-12 12:34:44 +03:00
Vincent Koc
7c889e7113 Refactor: trim duplicate gateway/onboarding helpers and dead utils (#43871) 
* Gateway: share input provenance schema

* Onboarding: dedupe top-level channel patching

* Utils: remove unused path helpers

* Protocol: refresh generated gateway models
 2026-03-12 05:04:31 -04:00
Vincent Koc
cb7b38105f Merge remote-tracking branch 'origin/vincentkoc-code/fix-terminal-table-width' 
* origin/vincentkoc-code/fix-terminal-table-width:
  Terminal: consume unsupported escape bytes in tables
  Skills: normalize emoji presentation across outputs
  Changelog: note terminal skills table fixes
  Skills: use Terminal-safe emoji in list output
  Terminal: stop shrinking CLI tables by one column
  Terminal: refine table wrapping and width handling
  Update CHANGELOG.md
  Deps: patch file-type and hono
  Tests: cover emoji table alignment
  Terminal: wrap table cells by grapheme width
  Terminal: measure grapheme display width
  Tests: cover grapheme terminal width
  Changelog: add unreleased March 9 entries

# Conflicts:
#	CHANGELOG.md
#	package.json
#	pnpm-lock.yaml
#	src/cli/skills-cli.format.ts
#	src/terminal/table.test.ts
 2026-03-12 04:56:21 -04:00
Xaden Ryan
658bd54ecf feat(llm-task): add thinking override 
Co-authored-by: Xaden Ryan <165437834+xadenryan@users.noreply.github.com>
 2026-03-12 19:21:35 +11:00
Vincent Koc
f37815b323 Gateway: block profile mutations via browser.request (#43800) 
* Gateway: block profile mutations via browser.request

* Changelog: note GHSA-vmhq browser request fix

* Gateway: normalize browser.request profile guard paths
 2026-03-12 04:21:03 -04:00
Vincent Koc
46a332385d Gateway: keep spawned workspace overrides internal (#43801) 
* Gateway: keep spawned workspace overrides internal

* Changelog: note GHSA-2rqg agent boundary fix

* Gateway: persist spawned workspace inheritance in sessions

* Agents: clean failed lineage spawn state

* Tests: cover lineage attachment cleanup

* Tests: cover lineage thread cleanup
 2026-03-12 04:20:00 -04:00
Vincent Koc
97683071b5 Tests: extend exec allowlist glob coverage 2026-03-12 04:01:49 -04:00
Vincent Koc
9aeaa19e9e Agents: clear invalidated Kimi tool arg repair (#43824) 2026-03-12 03:53:06 -04:00
Val Alexander
c5ea6134d0 feat(ui): add chat infrastructure modules (slice 1/3 of dashboard-v2) (#41497) 
* feat(ui): add chat infrastructure modules (slice 1 of dashboard-v2)

New self-contained chat modules extracted from dashboard-v2-structure:

- chat/slash-commands.ts: slash command definitions and completions
- chat/slash-command-executor.ts: execute slash commands via gateway RPC
- chat/slash-command-executor.node.test.ts: test coverage
- chat/speech.ts: speech-to-text (STT) support
- chat/input-history.ts: per-session input history navigation
- chat/pinned-messages.ts: pinned message management
- chat/deleted-messages.ts: deleted message tracking
- chat/export.ts: shared exportChatMarkdown helper
- chat-export.ts: re-export shim for backwards compat

Gateway fix:
- Restore usage/cost stripping in chat.history sanitization
- Add test coverage for sanitization behavior

These modules are additive and tree-shaken — no existing code
imports them yet. They will be wired in subsequent slices.

* Update ui/src/ui/chat/export.ts

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* fix(ui): address review feedback on chat infra slice

- export.ts: handle array content blocks (Claude API format) instead
  of silently exporting empty strings
- slash-command-executor.ts: restrict /kill all to current session's
  subagent subtree instead of all sessions globally
- slash-command-executor.ts: only count truly aborted runs (check
  aborted !== false) in /kill summary

* fix: scope /kill <id> to current session subtree and preserve usage.cost in chat.history

- Restrict /kill <id> matching to only subagents belonging to the current
  session's agent subtree (P1 review feedback)
- Preserve nested usage.cost in chat.history sanitization so cost badges
  remain available (P2 review feedback)

* fix(ui): tighten slash kill scoping

* fix(ui): support legacy slash kill scopes

* fix(ci): repair pr branch checks

* Gateway: harden chat abort and export

* UI: align slash commands with session tree scope

* UI: resolve session aliases for slash command lookups

* Update .gitignore

* Cron: use shared nested lane resolver

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-12 03:48:58 -04:00