vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-31 13:48:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
53,723 Commits 1,843 Branches 149 Tags
aeeccdf27fd4003019a2bf40ec7b347bb5e757bb
Commit Graph

1262 Commits

Author SHA1 Message Date
Dallin Romney
aeeccdf27f fix(ci): bound ClawHub docs checkout (#87811) 2026-05-28 16:25:09 -07:00
Peter Steinberger
201fe25dad ci(release): let Telegram QA wait on credential leases 2026-05-28 23:58:52 +01:00
Vincent Koc
7b8ec95108 fix(ci): stabilize agentic drift checks (#87786) 
* fix(ci): stabilize agentic drift checks

* fix(ci): refresh opengrep scanner pin

* fix(ci): avoid full-depth opengrep checkout
 2026-05-28 23:33:47 +01:00
Peter Steinberger
bd77ebc761 ci(release): fix release smoke timeouts 2026-05-28 23:13:33 +01:00
Peter Steinberger
6d39b94a7b ci(release): serialize Telegram CI bot consumers 2026-05-28 22:42:06 +01:00
Dallin Romney
563ad77d13 ci: sparse checkout CodeQL actions shard (#87775) 2026-05-28 14:36:31 -07:00
Dallin Romney
2be9eb1e97 ci: consolidate Blacksmith runner defaults (#87503) 2026-05-28 13:28:22 -07:00
Dallin Romney
c629270f23 ci: filter release workflow matrices (#87508) 2026-05-28 13:12:54 -07:00
Dallin Romney
3dee915b3b ci: warm pnpm store before node fanout (#87518) 
* ci: warm pnpm store before node fanout

* test: update pnpm cache acceptance key

* ci: clarify pnpm cache save controls
 2026-05-28 13:11:20 -07:00
Vincent Koc
f9834a3f95 ci: pin macOS runner labels 2026-05-28 20:52:52 +02:00
Dallin Romney
5f9d71f8af fix(ci): raise plugin sdk strict smoke heap (#87729) 2026-05-28 10:39:32 -07:00
Peter Steinberger
910354b07f docs: point release process at public evidence repo 2026-05-28 15:04:33 +01:00
Ayaan Zaidi
3cb7ae5350 fix(docker): alias main images to latest release 2026-05-28 19:30:17 +05:30
Vincent Koc
44451eaa47 fix(ci): run CodeQL on main pushes 2026-05-28 15:49:18 +02:00
Ayaan Zaidi
dc31f73b39 ci(docker): publish browser release images 2026-05-28 18:48:45 +05:30
Vincent Koc
4bd711e1c4 fix(security): avoid fetching untrusted proof refs 2026-05-28 12:39:12 +02:00
Vincent Koc
3844e035bb fix(security): avoid CodeQL legacy auth patterns 2026-05-28 12:32:49 +02:00
Vincent Koc
f9aec04167 fix(qa): stabilize live transport lanes 
Wire QA fallback models into live gateway config, fix Slack allowlist-block coverage, and keep WhatsApp live artifacts useful while redacting raw credential metadata.\n\nVerification: focused QA Vitest; autoreview clean; AWS Crabbox pnpm check:changed run_0207de7d47aa; QA-Lab branch-defined transport run 26565521272 with Matrix transport 56/56 and Slack/Discord/Telegram/parity clear. WhatsApp remains blocked by stale shared Convex WhatsApp Web credentials returning Baileys 401 before scenarios.
 2026-05-28 10:38:09 +01:00
Vincent Koc
b008989bef fix(security): address OpenClaw CodeQL alerts 2026-05-28 11:34:32 +02:00
Peter Steinberger
ca1829c3f4 fix(ci): bound optional performance report publishing 2026-05-28 07:01:55 +01:00
Dallin Romney
53704b26e8 perf(ci): instrument build artifacts phases (#87514) 2026-05-27 22:31:32 -07:00
Ayaan Zaidi
51d7f3c143 ci(mantis): route telegram proof runs to us-east-1 2026-05-28 10:10:32 +05:30
Agustin Rivera
b860a0d4d0 fix: harden qqbot direct media uploads 
Harden QQBot direct media URL uploads by downloading through the local SSRF guard before QQ upload, disabling redirects, bounding fetch/setup and body reads, and routing downloaded buffers through the existing one-shot/chunked size gate.

Co-authored-by: Agustin Rivera <agustin@rivera-web.com>
 2026-05-28 04:21:46 +01:00
keshavbotagent
e339586750 fix(plugin-state): evict current namespace on plugin row cap 
Make plugin-state enforce the plugin-wide live-row fuse by evicting only from the namespace currently being written, preserving sibling namespace rows and still failing atomically when the current namespace cannot free enough rows.

Raise the plugin-wide cap to 6,000 rows, keep Telegram's persistent message-cache namespace at 3,000 entries, and document the updated SDK runtime contract. Harden legacy plugin-state import so capacity pressure cannot archive a source after losing imported keys, with focused regression coverage for Telegram-shaped namespaces and migration rollback.

Also restore the Docker runtime-assets preflight step in full release validation so release workflow contract tests stay aligned.

Verification: focused plugin-state, migration, Telegram, workflow-contract, lint, deprecated-API, diff-check, Blacksmith Testbox, CI, CodeQL, Workflow Sanity, OpenGrep, and autoreview all passed on PR head fee021cfa6.

Co-authored-by: Keshav's Bot <keshavbotagent@gmail.com>
 2026-05-27 20:33:40 +01:00
Peter Steinberger
bb46b79d3c refactor: internalize OpenClaw agent runtime (#85341) 
* refactor: extract agent core package

Introduce packages/agent-core as the OpenClaw-owned home for reusable agent loop, harness, session, prompt, and runtime dependency contracts.

* refactor: extract shared llm runtime

Move provider model registries, stream wrappers, OAuth helpers, and LLM utilities into src/llm with plugin-sdk barrels instead of depending on the old embedded runtime layout.

* refactor: remove pi runtime internals

Rename remaining Pi-shaped agent surfaces to OpenClaw agent runtime names, delete obsolete Pi docs and package graph checks, and add the third-party notice for incorporated code.

* refactor: tighten agent session runtime

Make agent-core/runtime dependencies explicit, consolidate compaction and session transcript helpers, and move model/session helpers behind OpenClaw-owned contracts.

* refactor: remove static model and pi auth paths

Drop static model catalogs and Pi auth bridges, move model/provider facts to manifest-owned runtime contracts, and harden internal embedded-agent utilities.

* refactor: remove legacy provider compat paths

* docs: remove agent parity notes

* fix: skip provider wildcard metadata parsing

* refactor: share session extension sdk loading

* refactor: inline acpx proxy error formatter

* refactor: fold edit recovery into edit tool

* fix: accept extension batch separator

* test: align startup provider plugin expectations

* fix: restore provider-scoped release discovery

* test: align static asset packaging expectations

* fix: run static provider catalogs during scoped discovery

* fix: add provider entry catalogs for scoped live discovery

* fix: load lightweight provider catalog entries

* fix: refresh provider-scoped plugin metadata

* fix: keep provider catalog entries on release live path

* fix: keep static manifest models in release live checks

* fix: harden release model discovery

* fix: reduce OpenAI live cache probe reasoning

* fix: disable OpenAI cache probe reasoning

* ci: extend OpenAI gateway live timeout

* fix: extend live gateway model budget

* fix: stabilize release validation regressions

* fix: honor provider aliases in model rows

* fix: stabilize release validation lanes

* fix: stabilize release memory qa

* ci: stabilize release validation lanes

* ci: prefer ipv4 for live docker node calls

* fix: restore shared tool-call stream wrapper

* ci: remove legacy pi test shard alias

* fix: clean up embedded agent test drift

* fix: stabilize runtime alias status

* fix: clean up embedded agent ci drift

* fix: restore release ci invariants

* fix: clean up post-rebase runtime drift

* fix: restore release ci checks

* fix: restore release ci after rebase

* fix: remove stale pi runtime path

* test: align compaction runtime expectations

* test: update plugin prerelease expectations

* fix: handle claude live tool approvals

* fix: stabilize release validation gates

* fix: finish agent runtime import

* test: finish post-rebase agent runtime mocks

* fix: keep codex compaction native

* fix: stabilize codex app-server hook tests

* test: isolate codex diagnostic active run

* test: remove codex diagnostic completion race

# Conflicts:
#	extensions/codex/src/app-server/run-attempt.test.ts

* ci: fix full release manifest performance run id

* refactor: narrow llm plugin sdk boundary

* chore: drop generated google boundary stamps

* fix: repair rebase fallout

* fix: clean up rebased runtime references

* fix: decode codex jwt payloads as base64url

* fix: preserve shipped pi runtime alias

* fix: add scoped sdk virtual modules

* fix: decode llm codex oauth jwt as base64url

* fix: avoid stale vertex adc negative cache

* fix: harden tool arg decoding and codeql path

* fix: keep vertex adc negative checks live

* refactor: consolidate codex jwt and edit helpers

* fix: await codex oauth node runtime imports

* fix: preserve sdk tool and notice contracts

* fix: preserve shipped compat config boundaries

* fix: align codex oauth callback host

* fix: terminate agent-core loop streams on failure

* fix: keep codex oauth callback alive during fallback

* ci: include session tools in critical codeql scans

* fix: keep Cloudflare Anthropic provider auth header

* docs: redirect legacy pi runtime pages

* fix: honor bundled web provider compat discovery

* fix: protect session output spill files

* fix: keep legacy agent dir env blocked

* fix: contain auto-discovered skill symlinks

* fix: harden agent core sdk proxy surfaces

* fix: restore approval reaction sdk compat

* fix: keep live docker runs bounded

* fix: keep codex oauth redirect host aligned

* fix: resolve post-rebase agent runtime drift

* fix: redact anthropic oauth parse failures

* fix: preserve responses strict tool shaping

* fix: repair agent runtime rebase cleanup

* docs: redirect retired parity pages

* fix: bound auto-discovered resources to roots

* fix: repair post-rebase agent test drift

* fix: preserve bundled provider allowlist migration

* fix: preserve manifest-owned provider aliases

* fix: declare photon image dependency

* fix: keep provider headers out of proxy body

* fix: preserve shipped env aliases

* fix: refresh control ui i18n generated state

* fix: quote read fallback paths

* fix: preview edits through configured backend

* test: satisfy core test typecheck

* fix: preserve ZAI usage auth fallback

* test: repair codex diagnostic test

* fix: repair agent runtime rebase drift

* test: finish embedded runner import rename

* fix: repair agent runtime rebase integrations

* test: align compaction oauth fallback expectations

* fix: allow sdk-auth session models

* fix: update doctor tool schema import

* fix: preserve bedrock plugin region

* fix: stream harmony-like prose immediately

* ci: include session runtime in codeql shards

* fix: repair latest rebase integrations

* fix: honor explicit codex websocket transport

* fix: keep openai-compatible credentials provider-scoped

* fix: refresh sdk api baseline after rebase

* fix: route cli runtime aliases through openclaw harness

* test: rename stale harness mock expectation

* test: rename embedded agent overflow calls

* test: clean embedded auth test wording

* test: use openclaw stream types in deepinfra cache test

* fix: refresh sdk api baseline on latest main

* fix: honor bundled discovery compat allowlists

* fix: refresh sdk api baseline after latest rebase

* fix: remove stale rebase imports

* test: rename stale model catalog mock

* test: mock renamed doctor runtime modules

* fix: map canonical kimi env auth

* fix: use internal model registry in bench script

* fix: migrate deepinfra provider catalog entry

* fix: enforce builtin tool suppression

* fix: route compaction auth and proxy payloads safely

* refactor: prune unused llm registry leftovers

* test: update codex hooks session import

* test: fix model picker ci coverage

* test: align model picker auth mock types
 2026-05-27 19:24:04 +01:00
Peter Steinberger
c0f16460d7 ci(release): smoke Docker runtime templates in full validation 2026-05-27 19:08:56 +01:00
Peter Steinberger
659b5dce79 fix(docker): package runtime workspace templates 2026-05-27 18:54:22 +01:00
Peter Steinberger
1e67af7006 ci(release): accept main full-validation proof 2026-05-27 13:58:14 +01:00
Peter Steinberger
8d990378a6 ci: fall back from stale workflow dispatch refs 2026-05-27 03:39:28 -04:00
Peter Steinberger
95c8fc9678 ci: support native Windows Crabbox daemon hydration (#87175) 
* ci: support native Windows Crabbox hydration

* ci: use Windows PowerShell for Crabbox hydrate

* ci: reduce Windows pnpm install handle pressure

* ci: narrow native Windows hydrate install scope

* ci: keep Windows hydrate workspace-complete

* ci: persist Windows hydrate tool paths

* ci: split native Windows Crabbox hydration job

* ci: scope native Windows hydrate to daemon proof

* ci: use PowerShell for Windows hydrate fetch

* ci: write Windows hydrate command files as UTF-8

* ci: document Windows hydrate runner mode

* ci: preserve custom Crabbox hydrate markers

* ci: avoid forced copy imports in Windows hydrate
 2026-05-27 06:32:09 +01:00
Agustin Rivera
06047005ef fix(browser): validate current tab before snapshots (#78526) 
* fix(browser): validate current tab before snapshots

* fix(browser): reject snapshot selector before SSRF guard

* fix(test): stabilize plugin activation normalization

* fix(ci): fetch opengrep base history

* fix(snapshot): enforce snapshot ssrf policy

* docs(changelog): add unreleased entry for snapshot SSRF fix

* Revert "docs(changelog): add unreleased entry for snapshot SSRF fix"

This reverts commit 4f3031ff65.

* fix(changelog): record snapshot ssrf entry
 2026-05-26 19:11:01 -07:00
Peter Steinberger
716d719d4c ci: prepare pnpm for crabbox hydrate 2026-05-26 21:58:49 -04:00
Peter Steinberger
a1934e9d0e fix(cli): handle Bun launcher module misses 
Fixes #86198.

Co-authored-by: Gio Della-Libera <giodl73@gmail.com>
 2026-05-27 01:20:14 +01:00
Peter Steinberger
ce4db4f9f3 ci: allow Windows Node 22 patch range 2026-05-26 22:26:08 +01:00
Peter Steinberger
b546998b9b ci: fix post-merge Rastermill checks 2026-05-26 22:11:50 +01:00
Peter Steinberger
f7e2d9bb47 ci(release): port 2026.5.25 release gate fixes 2026-05-26 21:19:51 +01:00
Vincent Koc
c867ecb136 fix(ci): kill wedged checkout fetches 2026-05-26 19:38:34 +02:00
Vincent Koc
081e29595e fix(ci): kill timed tui pty test runs 2026-05-26 18:55:47 +02:00
Peter Steinberger
cf21c8abcb ci: harden live release gates 2026-05-26 17:41:30 +01:00
Vincent Koc
e96cde7e14 fix(ci): bound docker pull smoke steps 2026-05-26 17:28:37 +02:00
Vincent Koc
d54c90699f fix(ci): kill timed website installer docker steps 2026-05-26 16:51:43 +02:00
Vincent Koc
cf6f9ad8a3 fix(ci): kill timed install smoke docker steps 2026-05-26 16:36:18 +02:00
Vincent Koc
d1c8f09b00 fix(ci): bound crabbox hydrate downloads 2026-05-26 15:57:01 +02:00
Vincent Koc
c38b5033e6 fix(ci): kill timed workflow process groups 2026-05-26 15:40:44 +02:00
Peter Steinberger
4c6aeb9bb2 ci: use local node toolcache setup 2026-05-26 13:47:19 +01:00
Peter Steinberger
8d6a6e9f89 ci: use unauthenticated workflow fetches 2026-05-26 13:28:32 +01:00
Peter Steinberger
df13d3a724 ci: avoid token-backed read checkouts 2026-05-26 13:28:32 +01:00
Vincent Koc
a3bb4fe814 fix(ci): time out website installer docker runs 2026-05-26 13:29:35 +02:00
Vincent Koc
92fb79ee69 fix(ci): fail Testbox changed-check delegation 2026-05-26 13:24:42 +02:00
Vincent Koc
30c4489af4 fix(ci): time out install smoke docker runs 2026-05-26 13:22:20 +02:00