vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-25 19:39:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
58,802 Commits 1,843 Branches 149 Tags
965fa05df38bb03e4e3bcf7d8e0cb1ccaba46778
Commit Graph

305 Commits

Author SHA1 Message Date
clawsweeper[bot]
2bec2caf0c fix(channel): harden local setup trust (#92175) 
Summary:
- The PR extends channel setup trust enforcement and trusted catalog fallback from workspace-origin plugins to ... nfigured load paths into catalog discovery, and adds focused regression plus Docker/package proof coverage.
- PR surface: Source +190, Tests +892, Other +324. Total +1406 across 13 files.
- Reproducibility: yes. The source PR provides a concrete clean-main Docker/package path where an explicitly t ... ns unresolved, while the patched package resolves it and still blocks untrusted module and setup execution.

Automerge notes:
- PR branch already contained follow-up commit before automerge: fix(channel): stabilize trusted catalog dts typing
- PR branch already contained follow-up commit before automerge: fix(channel): repair trusted catalog exclusions typing
- PR branch already contained follow-up commit before automerge: test(channel): cover local channel plugin trust
- PR branch already contained follow-up commit before automerge: chore(deps): refresh plugin shrinkwraps
- PR branch already contained follow-up commit before automerge: test(channel): route trust regression in command shard
- PR branch already contained follow-up commit before automerge: test(channel): remove e2e-named trust regression

Validation:
- ClawSweeper review passed for head eabee04d54.
- Required merge gates passed before the squash merge.

Prepared head SHA: eabee04d54
Review: https://github.com/openclaw/openclaw/pull/92175#issuecomment-4680798117

Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
 2026-06-11 13:48:41 +00:00
brokemac79
de4b8d8ebf feat(plugins): allow installed trusted policy contracts 
Allow explicitly enabled installed plugins to register declared trusted tool policies and agent tool result middleware, with trusted policy ids scoped by plugin owner.\n\nVerification covered targeted plugin/agent tests, typecheck, build, lint, local autoreview, and a Blacksmith Testbox runtime proof (tbx_01ktr1nq0rhq47fjkwrepm7fd3).
 2026-06-10 16:18:23 +10:00
Peter Steinberger
f875b519e5 docs: document plugin host contracts 2026-06-04 04:51:24 -04:00
Mason Huang
004835f4c7 fix(plugins): block untrusted workspace setup-only channel loads (#86953) 
Summary:
- This PR blocks disabled workspace-origin channel plugins from setup-only scoped imports, rejects their channel registrations at registry assembly, documents the trust rule, and adds regression coverage.
- PR surface: Source +46, Tests +610, Docs +13. Total +669 across 22 files.
- Reproducibility: yes. source inspection gives a high-confidence reproduction path: current main's setup-only ... ce channel plugin can be imported before this PR. I did not run the repro locally in this read-only review.

Automerge notes:
- PR branch already contained follow-up commit before automerge: test(plugins): cover workspace channel registry guard
- PR branch already contained follow-up commit before automerge: fix(plugins): isolate setup channel registration errors
- PR branch already contained follow-up commit before automerge: fix(channels): mark raw catalog listing internal
- PR branch already contained follow-up commit before automerge: test(channels): cover trusted catalog filtering
- PR branch already contained follow-up commit before automerge: test(channels): mock raw catalog helper
- PR branch already contained follow-up commit before automerge: docs(changelog): credit setup channel hardening

Validation:
- ClawSweeper review passed for head 11438bc1a0.
- Required merge gates passed before the squash merge.

Prepared head SHA: 11438bc1a0
Review: https://github.com/openclaw/openclaw/pull/86953#issuecomment-4545730044

Co-authored-by: masonxhuang <masonxhuang@tencent.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: Sebastien Tardif <sebtardif@ncf.ca>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
 2026-06-01 09:25:56 +00:00
Shakker
ae800e160d fix: prefer source plugins in dev runs 2026-05-31 01:47:11 +01:00
Peter Steinberger
3fc0df953c refactor(agents): bind subagent threads in core (#88416) 
Move subagent thread binding ownership into core so session-mode spawns prepare channel bindings before launching the child agent. Deprecate the legacy subagent_spawning SDK hook in code, compatibility metadata, diagnostics, and plugin docs; plugin authors should observe subagent_spawned instead.

Verification:
- node scripts/run-vitest.mjs src/agents/sessions-spawn-hooks.test.ts src/agents/subagent-spawn.thread-binding.test.ts src/agents/subagent-spawn.workspace.test.ts src/agents/subagent-spawn.mode-session-diagnostics.test.ts
- node scripts/run-tsgo.mjs -p tsconfig.core.json --incremental --tsBuildInfoFile .artifacts/tsgo-cache/core.tsbuildinfo
- git diff --check
- .agents/skills/autoreview/scripts/autoreview --mode local
- CI run 26693808952 green, including checks-node-agentic-agents-core and checks-node-agentic-plugin-sdk
 2026-05-30 21:19:09 +01:00
Marvinthebored
6b41a0692f fix(plugins): preserve single-pass plugin env config 
Resolve raw plugin config environment references before plugin discovery and validation, while preserving the existing single-pass behavior for configs already loaded through config IO.

The loader now resolves raw config opt-ins with config.env vars included, bypasses active/cache reuse for that mode, and redacts plugin entry config from raw-mode cache keys so resolved secrets do not enter registry keys or reentry errors.

Verification:
- OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs src/plugins/loader.test.ts src/plugins/loader.runtime-registry.test.ts
- autoreview --mode branch --base origin/main
- pnpm check:changed on Blacksmith Testbox tbx_01ksw36bp7zygwxgq3jcsvjv3b / GitHub Actions run 26680322889
- PR CI green on facb77634e

Co-authored-by: Peter Lindsey <peter@lindsey.jp>
 2026-05-30 11:39:15 +02:00
Peter Steinberger
1517fe2c32 perf: prefer package-local bundled plugin artifacts 2026-05-29 22:57:40 +01:00
Peter Steinberger
57a3dbe736 perf: avoid jiti for built plugin startup paths 2026-05-29 10:17:43 +01:00
Peter Steinberger
8ed9330a30 perf: defer Slack full startup (#87760) 2026-05-28 20:37:09 +01:00
Peter Steinberger
fe91ada730 fix: reflect lazy plugin runtime surfaces 2026-05-27 18:35:04 +01:00
Bob
4d89e00c50 feat(embeddings): add OpenAI-compatible core provider (#85269) 
Merged via squash.

Prepared head SHA: dc9a5d5397
Co-authored-by: dutifulbob <261991368+dutifulbob@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-05-27 14:37:17 +02:00
Peter Steinberger
b972ac1940 fix(release): keep private QA markers out of bundled alias code 2026-05-24 06:03:21 +01:00
Gio Della-Libera
e6d5b7db96 fix(plugins): return plugin gateway method results (#85785) 2026-05-23 20:41:52 -07:00
Kaspre
fd2a9adbe6 fix(ollama): bypass managed proxy for loopback embeddings (#85707) 
* fix(ollama): bypass proxy for local embeddings

* fix(ollama): keep managed proxy bypass loopback-only

* fix(ollama): keep proxy bypass internal

* fix(ollama): keep proxy bypass private

* fix(ollama): harden internal proxy bypass

* chore(plugin-sdk): refresh api baseline

* fix(ollama): keep internal bypass out of qa aliases

* test(ollama): keep ssrf runtime mock complete

* fix(ollama): keep dist sdk aliases public-only

* fix(ollama): keep fetch bypass out of infra runtime

* fix(ollama): preserve packaged private sdk alias

* test(ollama): harden private ssrf alias coverage

* test(ollama): cover private ssrf resolver edges

* fix(ollama): scope private sdk native aliases

* test(ollama): audit blocked loopback bypasses

* fix(plugins): keep staged sdk aliases public-only

* test(ollama): harden proxy bypass proof

* test(ollama): cover origin mismatch proxy path

* test(ollama): cover ipv6 and batch bypass paths

* fix lint findings in Ollama proxy tests

* refactor: tighten Ollama proxy bypass

* fix: widen private sdk owner registry type

* test: stabilize Ollama proxy PR checks

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-23 21:17:55 +01:00
Bob
ae4806ed9a feat(plugins): add embedding provider contract (#84947) 
Summary:
- Merged feat(plugins): add embedding provider contract after ClawSweeper review.

Automerge notes:
- PR branch already contained follow-up commit before automerge: chore(plugins): refresh embedding provider sdk baseline
- PR branch already contained follow-up commit before automerge: docs(plugins): document embedding provider contract
- PR branch already contained follow-up commit before automerge: fix(plugins): restore embedding providers after snapshot loads
- PR branch already contained follow-up commit before automerge: fix(plugins): resolve embedding providers from manifests
- PR branch already contained follow-up commit before automerge: fix(plugin-sdk): keep embedding provider registry mutators internal
- PR branch already contained follow-up commit before automerge: chore(plugin-sdk): refresh embedding provider API baseline

Validation:
- ClawSweeper review passed for head 41ebd66ab4.
- Required merge gates passed before the squash merge.

Prepared head SHA: 41ebd66ab4
Review: https://github.com/openclaw/openclaw/pull/84947#issuecomment-4514762026

Co-authored-by: Bob <dutifulbob@gmail.com>
Co-authored-by: Mariano Belinky <mbelinky@gmail.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: osolmaz
Co-authored-by: osolmaz <2453968+osolmaz@users.noreply.github.com>
 2026-05-22 03:36:51 +00:00
Peter Steinberger
4f4d108639 chore(lint): remove underscore-dangle allow list (#83542) 
* chore(lint): reduce underscore-dangle exceptions

* chore(lint): reduce more underscore exceptions

* chore(lint): remove underscore-dangle allow list

* fix(lint): repair underscore cleanup regressions

* test(lint): track version define suppression
 2026-05-18 14:56:06 +01:00
Vincent Koc
a85cd65775 fix(plugins): deprecate deactivate hook alias 2026-05-16 18:36:27 +08:00
Vincent Koc
33be0fbea7 fix(plugins): accept deactivate hook alias 2026-05-16 17:47:14 +08:00
Peter Steinberger
373f709130 fix(gateway): preserve core method collision guards 2026-05-15 12:25:31 +01:00
Peter Steinberger
db3c4ba8d3 refactor(gateway): collapse method metadata shims 2026-05-15 12:25:31 +01:00
Peter Steinberger
622728757f refactor(gateway): add method descriptor registry 2026-05-15 12:25:31 +01:00
samzong
1d121c1f08 chore(gateway): add startup trace attribution (#81738) 
Adds owner-level startup trace attribution for gateway auth, plugin loading, lookup counts, and plugin sidecar services.

Verification:
- node scripts/run-vitest.mjs src/plugins/startup-trace-segment.test.ts src/plugins/services.test.ts src/plugins/loader.test.ts src/gateway/server-startup-config.secrets.test.ts
- pnpm build
- pnpm check

CI override:
- Red checks are unrelated baseline noise. The failed CI shard is src/cli/plugins-install-persist.test.ts, which fails on origin/main 336ba2a2b3 with the same missing resolveIsNixMode mock export. PR #81738 touches gateway/plugin startup trace files and CHANGELOG.md, not the failing CLI plugin install test.

Thanks @samzong.

Co-authored-by: samzong <13782141+samzong@users.noreply.github.com>
 2026-05-14 16:50:08 +08:00
Vincent Koc
25eef1203a fix(plugins): prefer installed memory tool owners 2026-05-14 14:35:45 +08:00
Shakker
c80152eadd test: canonicalise plugin discovery paths 2026-05-12 21:52:03 +01:00
Peter Steinberger
93dd5e61ba test: guard multiline helper assertions 2026-05-11 20:49:23 +01:00
Peter Steinberger
0e82b77857 test: guard plugin loader diagnostics 2026-05-11 20:08:19 +01:00
Chinar Amrutkar
f2c15f94ae fix(channels): narrow bundled channel loader diagnostics 
Narrow bundled channel wrong-loader diagnostics, preserve ordinary missing-register debug details, and add focused loader coverage.

Verification:
- pnpm test src/plugins/loader.test.ts src/plugins/loader.cli-metadata.test.ts -- --reporter=verbose
- env -u OPENCLAW_TESTBOX -u OPENCLAW_TESTBOX_REMOTE_RUN pnpm check:changed

CI notes:
- Real behavior proof passed with maintainer proof: override label.
- check-additional-boundaries-d is red from existing extension test imports outside this PR: extensions/telegram/src/bot.create-telegram-bot.test.ts and extensions/whatsapp/src/login.coverage.test.ts.

Co-authored-by: Chinar Amrutkar <chinar.amrutkar@gmail.com>
 2026-05-11 16:58:06 +01:00
Eva
50ee68cdf4 feat(plugin-sdk): consolidate session workflow APIs 2026-05-11 03:24:08 +01:00
Peter Steinberger
827b0de0ce refactor: reduce plugin sdk surface 2026-05-10 12:37:10 +01:00
Peter Steinberger
04a414de20 test: clear plugin loader broad matchers 2026-05-10 08:40:19 +01:00
Shakker
df4aaaecfa test: tighten plugin loader empty array assertions 2026-05-09 05:19:02 +01:00
Shakker
fa83925fab test: tighten plugin empty state assertions 2026-05-09 04:10:32 +01:00
Peter Steinberger
594abbd44b test: tighten plugin loader transform assertions 2026-05-09 04:07:17 +01:00
Peter Steinberger
5bec7022c7 test: tighten plugin loader hook assertion 2026-05-09 04:05:24 +01:00
Peter Steinberger
3c131c8474 test: simplify loader duplicate counts 2026-05-08 23:15:30 +01:00
Peter Steinberger
edfc5294cb test: avoid line count filter allocations 2026-05-08 22:13:46 +01:00
Peter Steinberger
66232280b7 test: avoid loader count filter allocations 2026-05-08 22:00:29 +01:00
Peter Steinberger
172158bfcb test: require plugin test handles 2026-05-08 17:06:54 +01:00
Peter Steinberger
b38c78fe63 test: clarify plugin loader channel assertions 2026-05-08 11:19:17 +01:00
Shakker
e978ec6ff7 test: assert plugin loader diagnostics 2026-05-08 10:39:20 +01:00
Peter Steinberger
9ef37d1907 test: tighten assertions and harness coverage 2026-05-08 05:28:12 +01:00
Peter Steinberger
1dd9a15eb8 fix: preserve deferred channel setup contracts 2026-05-07 09:07:18 +01:00
Peter Steinberger
330ba1fa31 refactor: move canvas to plugin surfaces 2026-05-07 09:07:18 +01:00
Chunyue Wang
42a32298f9 fix(plugins): forward setChannelRuntime from non-bundled external setup entries (#77799) 
Merged via squash.

Prepared head SHA: 7b7676be0d
Co-authored-by: openperf <80630709+openperf@users.noreply.github.com>
Co-authored-by: openperf <80630709+openperf@users.noreply.github.com>
Reviewed-by: @openperf
 2026-05-07 10:33:17 +08:00
Jesse Merhi
1c42c77433 feat: add user input blocking lifecycle gates (#75035) 
Summary:
- The PR adds a `before_agent_run` plugin hook with pass/block decisions, redacted blocked-turn persistence, diagnostics/docs/changelog updates, and focused runner, gateway, session, and plugin tests.
- Reproducibility: not applicable. as a feature PR rather than a current-main bug report. Current main lacks ` ... un`, while the PR head adds source coverage and copied live Gateway/WebChat log proof for the new behavior.

Automerge notes:
- PR branch already contained follow-up commit before automerge: fix: trim before agent hook PR scope
- PR branch already contained follow-up commit before automerge: fix: keep before-agent blocks redacted
- PR branch already contained follow-up commit before automerge: fix: keep runtime context out of model prompt
- PR branch already contained follow-up commit before automerge: docs: refresh config baseline after rebase
- PR branch already contained follow-up commit before automerge: fix: align blocked turn clients with redacted content
- PR branch already contained follow-up commit before automerge: fix: remove out-of-scope client block UI changes

Validation:
- ClawSweeper review passed for head 767e46fde8.
- Required merge gates passed before the squash merge.

Prepared head SHA: 767e46fde8
Review: https://github.com/openclaw/openclaw/pull/75035#issuecomment-4351843275

Co-authored-by: Jesse Merhi <jessejmerhi@gmail.com>
Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
 2026-05-06 11:41:04 +00:00
Peter Steinberger
900e416688 test: avoid deepseek loader cold path 2026-05-06 08:17:44 +01:00
Peter Steinberger
e3b0707a53 fix: preserve source plugin loading fallbacks 2026-05-06 01:46:42 +01:00
Vincent Koc
baecb6b4d6 fix(plugin): preserve sdk alias fallback for native loads 2026-05-04 01:40:58 -07:00
Vincent Koc
1d34564de9 fix(plugins): expose hook timeout overrides 2026-05-03 12:21:59 -07:00