vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-08 09:32:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
55,234 Commits 1,843 Branches 149 Tags
9c1adf4e51a9ce41ee2d5ee2fae2be33dd22a33b
Commit Graph

8 Commits

Author SHA1 Message Date
brokemac79
aafed830a5 fix: preflight malformed openshell exec commands 2026-05-25 18:36:55 +01:00
Josh Avant
ba06376c79 fix: harden codex sandbox execution 
Harden the Codex app-server native execution bridge for OpenClaw sandboxed runs. The change keeps core sandbox policy in OpenClaw while exposing the process, filesystem, and HTTP relay behavior Codex needs inside a scoped exec server.

The large exec-server/test files were split into focused modules before landing, and the PR was rebased onto current main with focused tests, Testbox changed checks, CI, and Codex autoreview green.

Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-05-21 23:47:32 +01:00
Peter Steinberger
538605ff44 [codex] Extract filesystem safety primitives (#77918) 
* refactor: extract filesystem safety primitives

* refactor: use fs-safe for file access helpers

* refactor: reuse fs-safe for media reads

* refactor: use fs-safe for image reads

* refactor: reuse fs-safe in qqbot media opener

* refactor: reuse fs-safe for local media checks

* refactor: consume cleaner fs-safe api

* refactor: align fs-safe json option names

* fix: preserve fs-safe migration contracts

* refactor: use fs-safe primitive subpaths

* refactor: use grouped fs-safe subpaths

* refactor: align fs-safe api usage

* refactor: adapt private state store api

* chore: refresh proof gate

* refactor: follow fs-safe json api split

* refactor: follow reduced fs-safe surface

* build: default fs-safe python helper off

* fix: preserve fs-safe plugin sdk aliases

* refactor: consolidate fs-safe usage

* refactor: unify fs-safe store usage

* refactor: trim fs-safe temp workspace usage

* refactor: hide low-level fs-safe primitives

* build: use published fs-safe package

* fix: preserve outbound recovery durability after rebase

* chore: refresh pr checks
 2026-05-06 02:15:17 +01:00
Jacob Tomlinson
cfe1445953 Sandbox: sanitize SSH subprocess env (#57848) 
* Sandbox: sanitize SSH subprocess env

* Sandbox: add sanitize env undefined test
 2026-03-30 20:05:57 +01:00
Peter Steinberger
e774fe1286 refactor: share browser and sandbox helpers 2026-03-26 18:43:57 +00:00
Peter Steinberger
6f6468027a refactor: dedupe test and runtime seams 2026-03-24 23:33:30 +00:00
Gustavo Madeira Santana
8ad8069854 Tests: fix green check typing regressions 2026-03-16 12:54:01 +00:00
Gustavo Madeira Santana
9fc6c1929a Plugin SDK: split setup and sandbox subpaths 2026-03-16 12:06:32 +00:00