Peter Steinberger
|
1f12e7fc87
|
fix(ios): replace dead-end discovered gateway connects (#103289)
* fix(ios): clarify insecure discovered gateways
* fix(ios): finish discovered gateway guidance
* fix(ios): preserve gateway failure expression
|
2026-07-10 05:08:58 +01:00 |
|
Josh Avant
|
6438c89f05
|
fix(mobile): clarify gateway connection security setup (#101325)
* fix(mobile): clarify gateway connection setup
* chore(i18n): sync native mobile strings
* fix(mobile): align manual gateway previews
* chore(i18n): refresh native source inventory
* chore(android): remove unused connect tab strings
* test(i18n): drop removed connect tab sentinel
* fix(ios): brand connection security picker labels
* fix(mobile): hide gateway endpoint previews
* chore(i18n): sync native source inventory
* fix(mobile): remove redundant TLS helper copy
|
2026-07-07 14:43:11 -05:00 |
|
PollyBot13
|
a320f775f0
|
fix(ios): defer QR pairing after scanner dismissal (#99572)
* fix(ios): defer QR pairing after scanner dismissal
* fix(ios): process QR pairing after scanner dismissal
* fix(ios): harden QR scanner handoff
* fix(ios): give QR scanner dismissal more time
* fix(ios): keep onboarding open for QR trust prompt
* fix(ios): keep QR trust prompt owned by onboarding
* fix(ios): recover operator pairing after QR bootstrap
* fix(ios): cancel stale QR scanner handoffs
Co-authored-by: PollyBot13 <pollybot13@gmail.com>
* fix(ios): defer QR setup until onboarding closes
* fix(ios): keep QR setup links with visible settings
* fix(ios): consume setup links during onboarding
* fix(ios): handle setup links during onboarding launch
* fix(ios): route setup links through active onboarding
* fix(ios): harden QR gateway handoff
* fix(ios): cancel superseded gateway attempts
* fix(ios): serialize scanner result delivery
* fix(ios): prevent stale gateway reconnects
* fix(ios): serialize gateway target handoff
* fix(ios): disable stale gateway relaunch route
* fix(ios): await staged bootstrap reset
* test(ios): bound gateway reset handoff
* fix(ios): preserve explicit gateway handoff
* fix(ios): harden gateway lifecycle ownership
* chore(ios): sync native i18n inventory
* test(ios): align gateway ownership assertions
* refactor(ios): remove superseded gateway helpers
* fix(ios): keep gateway auth route scoped
* fix(ios): restore gateway target review state
* fix(protocol): refresh Swift plugin approval model
* test(ios): isolate state directory overrides
* fix(ios): preserve watch alerts across gateway switches
* fix(ios): bind deferred work to gateway ownership
* docs(changelog): credit iOS gateway handoff fix
* chore(i18n): sync native app inventory
* test(ios): remove unused Watch approval hooks
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
|
2026-07-05 12:31:53 -07:00 |
|
Peter Steinberger
|
862de9f1a1
|
fix(pairing): advertise reachable Tailnet routes (#100317)
* fix(pairing): advertise reachable tailnet routes
* fix(pairing): satisfy native and SDK checks
* fix(ios): cancel stale pairing route probes
* test(pairing): document LAN-only Serve fallback
* fix(ios): preserve pairing result initializer
|
2026-07-05 07:43:43 -07:00 |
|
Josh Avant
|
0c7bac34ae
|
fix(ios): classify TLS fingerprint timeouts (#98429)
* fix(ios): classify gateway TLS fingerprint timeouts
* Add discovered TLS trust regression test
|
2026-07-01 01:06:13 -05:00 |
|
Sash Zats
|
233b48daaa
|
refactor: prune unused iOS code (#91996)
Prune unused iOS surfaces and regenerate the Xcode project. Add a scoped Periphery PR gate with hardened artifact handling and stale-status cleanup.
Co-authored-by: Sash Zats <sash@zats.io>
|
2026-06-15 02:07:15 -07:00 |
|
Nimrod Gutman
|
00a0858fd9
|
fix(ios): recover rotated gateway certificates
## Summary
- allow iOS to trust system-valid rotated gateway certificates
- rebuild active gateway sessions after replacing the stored TLS pin
- expose certificate trust recovery from gateway problem banners
## Verification
- swift test --filter 'GatewayErrorsTests|GatewayNodeSessionTests/changedSessionBoxRebuildsExistingGatewayChannel'
- xcodebuild build -scheme OpenClaw -destination 'platform=iOS,id=00008140-000848A92EE3001C'
- installed and launched OpenClaw on attached iPhone with devicectl
- verified iOS gateway log connected to wss://gutsy-home.tail06a72.ts.net:443 after trust/pairing recovery
|
2026-05-10 21:10:35 +03:00 |
|
Val Alexander
|
36df0d93b9
|
fix: repair iOS LAN pairing
Fix iOS LAN/setup-code pairing policy for #47887.
- Allow explicit private LAN and .local plaintext ws:// setup/manual connects where policy allows it.
- Keep public hosts, .ts.net, and Tailscale CGNAT plaintext fail-closed.
- Prefer explicit passwords over stale bootstrap tokens in Swift and TypeScript gateway clients.
- Update setup-code/device-pair coverage, docs, and changelog with source credit for #65185.
Verification:
- pnpm install
- git diff --check origin/main..HEAD
- pnpm exec oxfmt --check --threads=1 src/gateway/client.ts src/gateway/client.test.ts src/pairing/setup-code.ts src/pairing/setup-code.test.ts extensions/device-pair/index.ts extensions/device-pair/index.test.ts
- pnpm format:docs:check
- pnpm test src/gateway/client.test.ts src/pairing/setup-code.test.ts extensions/device-pair/index.test.ts
- cd apps/shared/OpenClawKit && swift test --filter 'DeepLinksSecurityTests|GatewayNodeSessionTests'
- pnpm lint:swift passes with the existing TalkModeRuntime.swift type-body-length warning
Blocked locally:
- iOS app-target xcodebuild tests require unavailable watchOS 26.4 runtime here.
- Testbox check:changed previously failed because the image lacks swiftlint; local swiftlint passes.
|
2026-05-05 21:07:19 -05:00 |
|
Nimrod Gutman
|
69fe999373
|
fix(pairing): restore qr bootstrap onboarding handoff (#58382) (thanks @ngutman)
* fix(pairing): restore qr bootstrap onboarding handoff
* fix(pairing): tighten bootstrap handoff follow-ups
* fix(pairing): migrate legacy gateway device auth
* fix(pairing): narrow qr bootstrap handoff scope
* fix(pairing): clear ios tls trust on onboarding reset
* fix(pairing): restore qr bootstrap onboarding handoff (#58382) (thanks @ngutman)
|
2026-03-31 21:11:35 +03:00 |
|
Peter Steinberger
|
8553d22428
|
refactor(tests): dedupe ios gateway and deeplink fixtures
|
2026-03-02 09:55:46 +00:00 |
|
Mariano Belinky
|
d06d8701fd
|
iOS: normalize watch quick actions and fix test signing
|
2026-02-24 15:16:11 +00:00 |
|
Mariano
|
fe3215092c
|
test(ios): cover IPv4-mapped IPv6 loopback in manual TLS policy (#22045)
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: ec952f0a80
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
|
2026-02-20 17:23:33 +00:00 |
|
Mariano
|
8fa46d709a
|
fix(ios): force tls for non-loopback manual gateway hosts (#21969)
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 9fb39f566e
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
|
2026-02-20 16:28:47 +00:00 |
|
Peter Steinberger
|
054366dea4
|
fix(security): require explicit trust for first-time TLS pins
|
2026-02-14 17:55:20 +01:00 |
|
Peter Steinberger
|
d583782ee3
|
fix(security): harden discovery routing and TLS pins
|
2026-02-14 17:18:14 +01:00 |
|