Vincent Koc
04cd861732
fix(shared): redact repeated URL userinfo
2026-05-01 16:13:42 -07:00
Jeff
9b6670d5c9
fix(ssrf): allow IPv6 fake-ip SSRF opt-in
Allow trusted fake-IP proxy stacks to opt into IPv6 unique-local SSRF resolution without opening broader private-network access.
2026-04-29 20:31:17 +01:00
Vincent Koc
8b71d2347f
docs(types): mark remaining deprecated aliases
2026-04-29 00:04:17 -07:00
Gustavo Madeira Santana
28818f9140
Improve gateway diagnostics export for support reports (#70324)
Merged via squash.
Prepared head SHA: 3d6ee85993
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
2026-04-22 20:47:14 -04:00
Gustavo Madeira Santana
24db09a19b
fix(cli): keep channel status checks off plugin runtimes (#69479)
Merged via squash.
Prepared head SHA: 63f6e416a9
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
2026-04-21 13:53:08 -04:00
Ziy
4b5987829d
fix: redact credentials in browser.cdpUrl config paths (#67679)
Merged via squash.
Prepared head SHA: 77bc2c50ce
Co-authored-by: Ziy1-Tan <49604965+Ziy1-Tan@users.noreply.github.com>
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Reviewed-by: @hxy91819
2026-04-18 14:22:58 +08:00
Peter Steinberger
182d41d678
refactor: dedupe command config lowercase helpers
2026-04-07 20:57:03 +01:00
Peter Steinberger
cd313c7f67
refactor: dedupe shared helper readers
2026-04-07 06:42:34 +01:00
Vincent Koc
23719dd513
feat(media): add request transport overrides (#59848)
* style(providers): normalize request policy formatting
* style(providers): normalize request policy formatting
* feat(media): add request transport overrides
* fix(secrets): resolve media request secret refs
* fix(secrets): cover shared media request refs
* fix(secrets): scope media request ref activity
* fix(media): align request ref gating
2026-04-03 17:35:26 +09:00
Peter Steinberger
e45cc3890b
refactor: unify sensitive URL config hints
2026-03-29 22:21:29 +01:00
Peter Steinberger
bfb0907777
fix: harden MCP SSE config redaction (#50396) (thanks @dhananjai1729)
2026-03-30 04:23:47 +09:00
Jacob Tomlinson
d61f8e5672
Net: block missing IPv6 special-use ranges (#56008)
* Net: block missing IPv6 special-use ranges
* Tests: refresh public IPv6 pinning fixtures
2026-03-27 20:28:25 +00:00
Vincent Koc
f0202264d0
Gateway: scrub credentials from endpoint snapshots (#46799)
* Gateway: scrub credentials from endpoint snapshots
* Gateway: scrub raw endpoint credentials in snapshots
* Gateway: preserve config redaction round-trips
* Gateway: restore redacted endpoint URLs on apply
2026-03-15 10:28:15 -07:00
Peter Steinberger
854df8352c
refactor: share net and slack input helpers
2026-03-13 23:35:26 +00:00
Val Alexander
158d970e2b
[codex] Polish sidebar status, agent skills, and chat rendering (#45451)
* style: update chat layout and spacing for improved UI consistency
- Adjusted margin and padding for .chat-thread and .content--chat to enhance layout.
- Consolidated CSS selectors for better readability and maintainability.
- Introduced new test for log parsing functionality to ensure accurate message extraction.
* UI: polish agent skills, chat images, and sidebar status
* test: stabilize vitest helper export types
* UI: address review feedback on agents refresh and chat styles
* test: update outbound gateway client fixture values
* test: narrow shared ip fixtures to IPv4
2026-03-13 16:53:40 -05:00
Peter Steinberger
daca6c9df2
test: tighten small shared helper coverage
2026-03-13 21:48:40 +00:00
Peter Steinberger
2d7a061161
test: tighten shared ip parsing coverage
2026-03-13 21:45:30 +00:00
Peter Steinberger
4fd8b98b10
test: tighten shared message and ipv4 coverage
2026-03-13 21:37:48 +00:00
Peter Steinberger
5a9d3abc10
test: tighten shared ip helper coverage
2026-03-13 21:27:15 +00:00
Peter Steinberger
7fe5cd26b5
test: add entry status and ipv4 helper coverage
2026-03-13 20:29:40 +00:00
Peter Steinberger
61b3246a7f
fix(ssrf): unify ipv6 special-use blocking
2026-02-26 03:43:42 +01:00
Peter Steinberger
baf656bc6f
fix: block IPv6 multicast SSRF bypass
2026-02-26 03:35:10 +01:00
Peter Steinberger
3af9d1f8e9
fix: scope Telegram RFC2544 SSRF exception to policy opt-in (#24982) (thanks @stakeswky)
2026-02-24 03:28:00 +00:00
User
9df80b73e2
fix: allow RFC2544 benchmark range (198.18.0.0/15) through SSRF filter
Telegram's API and file servers resolve to IPs in the 198.18.0.0/15
range (RFC 2544 benchmarking range). The SSRF filter was blocking these
addresses because ipaddr.js classifies them as 'reserved', and the
filter also had an explicit RFC2544_BENCHMARK_PREFIX check that blocked
them unconditionally.
Fix: exempt 198.18.0.0/15 from the 'reserved' range block in
isBlockedSpecialUseIpv4Address(). Other 'reserved' ranges (TEST-NET-2,
TEST-NET-3, documentation prefixes) remain blocked. The explicit
RFC2544_BENCHMARK_PREFIX check is repurposed as the exemption guard.
Closes #24973
2026-02-24 03:28:00 +00:00
Peter Steinberger
98427453ba
fix(network): normalize SSRF IP parsing and monitor typing
2026-02-22 18:55:34 +01:00
Peter Steinberger
333fbb8634
refactor(net): consolidate IP checks with ipaddr.js
2026-02-22 17:02:44 +01:00
Peter Steinberger
26c9b37f5b
fix(security): enforce strict IPv4 SSRF literal handling
2026-02-19 15:24:47 +01:00
Peter Steinberger
4950fcfb33
refactor(gateway): share IPv4 input validator
2026-02-15 06:37:41 +00:00