vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-29 17:45:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
52,535 Commits 1,843 Branches 149 Tags
a17ac3ec9d5406faab152e991ceea59c8beffbb8
Commit Graph

1217 Commits

Author SHA1 Message Date
Peter Steinberger
8d6a6e9f89 ci: use unauthenticated workflow fetches 2026-05-26 13:28:32 +01:00
Peter Steinberger
df13d3a724 ci: avoid token-backed read checkouts 2026-05-26 13:28:32 +01:00
Vincent Koc
a3bb4fe814 fix(ci): time out website installer docker runs 2026-05-26 13:29:35 +02:00
Vincent Koc
92fb79ee69 fix(ci): fail Testbox changed-check delegation 2026-05-26 13:24:42 +02:00
Vincent Koc
30c4489af4 fix(ci): time out install smoke docker runs 2026-05-26 13:22:20 +02:00
Vincent Koc
94a04e1aa6 ci(release): retry transient GitHub API suspension errors (#86859) 2026-05-26 12:17:38 +01:00
Peter Steinberger
0e733795f4 ci(release): include performance run in validation manifest 2026-05-26 10:03:41 +01:00
Peter Steinberger
a3cd90fb5a ci(release): exclude codex app-server integration from plugin prerelease 2026-05-26 07:36:48 +01:00
Peter Steinberger
a46556a6c2 ci(release): serialize plugin prerelease extension batch 2026-05-26 07:15:56 +01:00
Ayaan Zaidi
4fdf61753a ci(mantis): pass crabbox capacity regions 2026-05-26 09:02:11 +05:30
Peter Steinberger
c410658725 fix(perf): tolerate passing filtered release gates 2026-05-26 02:17:54 +01:00
Vincent Koc
fe3374789f test(installer): cover rocky cli installs 2026-05-26 01:07:39 +02:00
Peter Steinberger
3b0805414e ci: report memory metrics 2026-05-25 22:49:23 +01:00
Peter Steinberger
9f7485e182 test: port release validation stabilizers 2026-05-25 21:50:49 +01:00
Peter Steinberger
5a9673ecd7 test: stabilize release validation test harnesses 2026-05-25 21:35:29 +01:00
Ayaan Zaidi
cf275676f3 fix(mantis): release telegram user leases on startup failure 2026-05-25 23:34:35 +05:30
Peter Steinberger
a39a2c5acb ci: include performance evidence in release validation 2026-05-25 10:09:17 +01:00
Peter Steinberger
fbb6982e6e ci(release): fix plugin prerelease extension batch invocation 2026-05-25 08:47:27 +01:00
Vincent Koc
295339d616 fix(test): fail live gateway false greens 2026-05-24 12:38:23 +02:00
Vincent Koc
bca1ac03fe fix(ci): keep Crabbox pnpm hydration shims writable 2026-05-24 11:31:36 +02:00
Peter Steinberger
2cd93f1c0d fix(docker): seed lockfile snapshot tarballs before prune 2026-05-24 09:18:04 +01:00
Peter Steinberger
7439d78297 fix(release): accept sha-verified publish evidence 2026-05-24 04:17:40 +01:00
Peter Steinberger
ee61f79b90 ci: retry release child workflow dispatch 2026-05-23 19:56:23 +01:00
Peter Steinberger
fcb9c46af0 ci: retry GHCR docker login 2026-05-23 19:28:03 +01:00
Peter Steinberger
d42bc0b684 ci: harden manual checkout auth 2026-05-23 19:11:13 +01:00
Peter Steinberger
02b1c8c902 ci: fix release reachability auth 2026-05-23 18:59:14 +01:00
Peter Steinberger
41f4605020 ci: harden release package validation 2026-05-23 18:48:17 +01:00
Peter Steinberger
3e14f54ffc ci(testbox): expose stable pnpm through corepack 2026-05-23 18:32:04 +01:00
Peter Steinberger
1f2d8f98ba ci(testbox): avoid ready raw runners after hydration failure 2026-05-23 18:30:37 +01:00
Peter Steinberger
391f29baad ci: harden beta release validation flakes 2026-05-23 18:23:39 +01:00
Jason O'Neal
7fffbf60b0 fix: harden package URL downloads (#85578) 
* fix: harden package URL downloads

Guard package acceptance URL downloads with HTTPS-only validation, no embedded credentials, private/special-use DNS and IP rejection, manual redirect checks, bounded timeout/size limits, pinned lookup, and atomic temp-file writes. Add tooling tests for unsafe URLs, redirect validation, size limits, and successful writes.

* fix: cancel redirect response bodies before closing dispatcher

ClawSweeper P2: the redirect branch in openPackageDownloadResponse cleared
the timeout and awaited dispatcher.close() without first cancelling
response.body. Undici's close() is graceful — it waits for in-flight
requests to complete — so a malicious redirect with a slow/never-ending
body could hang the hardened downloader.

Fix: call response.body?.cancel() before dispatcher.close() to abort the
redirect body immediately.

Test: add a regression test that uses a ReadableStream with an indefinite
interval to simulate a hanging body, and asserts cancel() was called.

Refs: clawsweeper review on PR #85512

* test: harden redirect body cancellation race in regression test

Guard the ReadableStream controller.enqueue() call with a cancelled
flag and try/catch to prevent ERR_INVALID_STATE when the interval
fires after cancel() closes the controller.

* fix: cancel final response body before closing dispatcher in downloadUrl

ClawSweeper P2: the HTTP-error and declared-oversize early-exit paths
in downloadUrl threw before consuming or canceling response.body. The
finally block then cleared the timeout and awaited graceful
dispatcher.close() with the body still open, allowing a slow/never-ending
response to hang release tooling.

Fix: add response.body?.cancel() in the finally block before
dispatcher.close().

Tests: add two regressions:
- HTTP 500 with slow body: asserts cancel() called before dispatcher close
- Declared content-length oversize with slow body: same assertion

* fix: add trusted package URL source policy

* fix: keep package URL resolver dependency-free

* test: cover encoded IPv6 package URL bypasses

* docs: sync package acceptance source overview

* docs: restore release doc formatting

* docs: sync package acceptance trusted-url source

* test: cover dotted IPv4 embedded IPv6 package URLs

* fix: parse dotted IPv4 embedded in IPv6 package URLs

* test: isolate anthropic pruning defaults

* test: move anthropic dated model coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-23 17:28:29 +01:00
Peter Steinberger
35969ff440 ci: retry npm Telegram release dispatch 2026-05-23 17:19:00 +01:00
Peter Steinberger
6191750deb ci: avoid duplicate release-check auth headers 2026-05-23 16:55:03 +01:00
Peter Steinberger
0c192e2915 ci: authenticate release-check reachability fetches 2026-05-23 16:45:13 +01:00
Peter Steinberger
d9f73cfe33 ci: persist checkout credentials for release validation 2026-05-23 16:17:24 +01:00
Peter Steinberger
9c26b87114 ci(release): isolate npm publish concurrency 2026-05-23 13:39:43 +01:00
Peter Steinberger
0e3726305b ci(release): allow beta publish after npm preflight 2026-05-23 13:39:43 +01:00
Peter Steinberger
c689f71805 ci(release): retry child workflow polling 2026-05-23 13:39:43 +01:00
Peter Steinberger
e5dab55aca ci(release): poll child workflows through actions api 2026-05-23 13:39:43 +01:00
Vincent Koc
0d7d99befa fix(ci): repair crabbox hydrate replay (#85706) 2026-05-23 20:02:07 +08:00
Vincent Koc
68bcd4e39d test(ci): harden installer smoke coverage 2026-05-23 13:19:12 +02:00
Vincent Koc
1e21121021 fix(ci): require live docker credentials by resource 2026-05-23 12:39:02 +02:00
Vincent Koc
cc6c3728c7 fix(ci): require factory auth for droid live docker 2026-05-23 12:20:26 +02:00
Kevin Lin
5656f687c1 Add Slack approval QA checkpoints (#85141) 
* test: add slack approval qa checkpoints

* fix(slack): scope plugin approval session fallback

* ci(mantis): allow slack approval checkpoint dispatch

* ci(mantis): use on-demand aws slack desktops

* ci(mantis): run slack smoke from candidate checkout

* ci(mantis): pin aws ssh ingress to runner

* test(mantis): skip crabbox actions hydrate for slack desktop

* ci(mantis): use fresh pr checkout for slack desktop

* ci(mantis): start slack desktop smoke from source

* fix(mantis): use relative slack qa output dir

* test(mantis): surface slack smoke failure logs

* fix(mantis): write slack approval watcher script

* fix(mantis): accept successful slack qa metadata

* fix(mantis): tighten slack approval evidence

* fix(mantis): repair slack evidence manifest

* fix(mantis): render slack approval checkpoint proof

* fix(mantis): quote approval checkpoint renderer html

* fix(mantis): preserve slack approval failure artifacts

* fix(mantis): timeout silent slack desktop runs

* fix(mantis): keep slack desktop runs chatty

* fix(mantis): keep slack workflow harness trusted

* fix(qa-lab): make slack approval evidence robust

* fix(qa-lab): harden slack approval workflow proof

* test(qa-lab): surface slack approval diagnostics

* test(qa-lab): loosen slack approval readiness
 2026-05-22 22:04:15 -07:00
Peter Steinberger
dcfc7e58fa ci: unblock advisory Tideclaw alpha release checks 2026-05-22 22:09:18 +01:00
Dallin Romney
0a50cbdf34 Add TUI PTY integration coverage (#85485) 
* test: add TUI PTY integration coverage

* test: stabilize TUI PTY CI

* test: speed up TUI PTY coverage

* test: bound TUI PTY local waits

* ci: keep TUI PTY gate fast

* test: route TUI PTY project in full suite

* ci: run TUI PTY on routing edits
 2026-05-22 13:42:58 -07:00
Peter Steinberger
4b63502279 ci: run binding command escape in release checks 2026-05-22 20:12:53 +01:00
Peter Steinberger
0241a6e7ae ci: skip pnpm auto repair in Crabbox shell 2026-05-22 19:47:16 +01:00
Peter Steinberger
7552634996 ci: share Crabbox hydrate pnpm store 2026-05-22 19:37:46 +01:00
Peter Steinberger
b6940b5dc4 ci(release): pass node pin to pnpm setup 2026-05-22 19:27:56 +01:00