vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-31 13:18:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
53,723 Commits 1,843 Branches 149 Tags
aeeccdf27fd4003019a2bf40ec7b347bb5e757bb
Commit Graph

1014 Commits

Author SHA1 Message Date
Peter Steinberger
56a5d7e865 fix(codex): defer report-mode plugin approvals 
Route Codex app-server report-mode PreToolUse plugin approval requirements through the matching app-server approval request instead of failing closed. Shares duplicate in-flight approvals, preserves block/rewrite fail-closed behavior, and keeps generic plugin allow-always scoped to one Codex request. Supersedes #86978; thanks @clawSean for the original docs clarification.
 2026-05-29 00:09:23 +01:00
Peter Steinberger
ea682182d0 fix: isolate npm plugin installs per package (#87647) 
* fix: isolate npm plugin installs per package

* test: assert isolated npm plugin projects in upgrade survivor

* test: assert plugin lifecycle npm project roots

* test: resolve npm project deps in live assertions

* fix: resolve codex bins from isolated npm projects

* docs: document isolated npm plugin projects

* ci: configure testbox workflow for crabbox

* fix: stabilize npm project fingerprint

* fix: keep fetch runtime import side-effect free

* test: keep dynamic live model unit hermetic

* ci: handle empty node toolcache roots

* test: make nounset toolcache probe deterministic
 2026-05-28 21:16:07 +01:00
Peter Steinberger
8ed9330a30 perf: defer Slack full startup (#87760) 2026-05-28 20:37:09 +01:00
Rohit
376b03f8ea fix(plugins): reject incompatible package plugin API installs (#87477) 
* fix(plugins): enforce package plugin API compatibility

* fix(plugins): preserve plugin API prerelease floors

* fix(plugins): gate persisted plugin api compatibility

* fix(plugins): skip incompatible package discovery

* fix(plugins): check api compatibility before package shape

* fix(plugins): gate bundle package api compatibility

* docs(plugins): clarify plugin API release sync

* test(agents): keep dynamic live model unit test runtime-free

* fix(plugins): normalize correction plugin api floors

* test(agents): align dynamic normalizer expectation

* fix(plugins): reject malformed plugin api metadata

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-28 20:25:30 +01:00
Peter Steinberger
b87510957f docs: clarify Codex native hook relay recovery 2026-05-28 19:21:50 +01:00
Peter Steinberger
cee2a50fe6 chore(release): prepare 2026.5.28 2026-05-28 01:48:07 +01:00
Kevin Lin
bb752c2b47 Revert "feat: expose plugin approval action metadata" (#87419) 
This reverts commit 0c867eef75.

# Conflicts:
#	docs/.generated/plugin-sdk-api-baseline.sha256
 2026-05-27 14:48:06 -07:00
Peter Steinberger
d93524d1cc fix(codex): route workspace memory through tools (#87383) 
* fix(codex): route workspace memory through tools

* fix(codex): preserve extra memory bootstrap files

* fix(codex): support memory_get-only context routing

* fix(codex): only tool-route canonical workspace memory

* fix(codex): keep memory fallback for sandbox workspaces
 2026-05-27 20:55:27 +01:00
keshavbotagent
e339586750 fix(plugin-state): evict current namespace on plugin row cap 
Make plugin-state enforce the plugin-wide live-row fuse by evicting only from the namespace currently being written, preserving sibling namespace rows and still failing atomically when the current namespace cannot free enough rows.

Raise the plugin-wide cap to 6,000 rows, keep Telegram's persistent message-cache namespace at 3,000 entries, and document the updated SDK runtime contract. Harden legacy plugin-state import so capacity pressure cannot archive a source after losing imported keys, with focused regression coverage for Telegram-shaped namespaces and migration rollback.

Also restore the Docker runtime-assets preflight step in full release validation so release workflow contract tests stay aligned.

Verification: focused plugin-state, migration, Telegram, workflow-contract, lint, deprecated-API, diff-check, Blacksmith Testbox, CI, CodeQL, Workflow Sanity, OpenGrep, and autoreview all passed on PR head fee021cfa6.

Co-authored-by: Keshav's Bot <keshavbotagent@gmail.com>
 2026-05-27 20:33:40 +01:00
Peter Steinberger
da1a3434f4 docs: document native Codex hook relay recovery 2026-05-27 19:46:56 +01:00
Peter Steinberger
bb46b79d3c refactor: internalize OpenClaw agent runtime (#85341) 
* refactor: extract agent core package

Introduce packages/agent-core as the OpenClaw-owned home for reusable agent loop, harness, session, prompt, and runtime dependency contracts.

* refactor: extract shared llm runtime

Move provider model registries, stream wrappers, OAuth helpers, and LLM utilities into src/llm with plugin-sdk barrels instead of depending on the old embedded runtime layout.

* refactor: remove pi runtime internals

Rename remaining Pi-shaped agent surfaces to OpenClaw agent runtime names, delete obsolete Pi docs and package graph checks, and add the third-party notice for incorporated code.

* refactor: tighten agent session runtime

Make agent-core/runtime dependencies explicit, consolidate compaction and session transcript helpers, and move model/session helpers behind OpenClaw-owned contracts.

* refactor: remove static model and pi auth paths

Drop static model catalogs and Pi auth bridges, move model/provider facts to manifest-owned runtime contracts, and harden internal embedded-agent utilities.

* refactor: remove legacy provider compat paths

* docs: remove agent parity notes

* fix: skip provider wildcard metadata parsing

* refactor: share session extension sdk loading

* refactor: inline acpx proxy error formatter

* refactor: fold edit recovery into edit tool

* fix: accept extension batch separator

* test: align startup provider plugin expectations

* fix: restore provider-scoped release discovery

* test: align static asset packaging expectations

* fix: run static provider catalogs during scoped discovery

* fix: add provider entry catalogs for scoped live discovery

* fix: load lightweight provider catalog entries

* fix: refresh provider-scoped plugin metadata

* fix: keep provider catalog entries on release live path

* fix: keep static manifest models in release live checks

* fix: harden release model discovery

* fix: reduce OpenAI live cache probe reasoning

* fix: disable OpenAI cache probe reasoning

* ci: extend OpenAI gateway live timeout

* fix: extend live gateway model budget

* fix: stabilize release validation regressions

* fix: honor provider aliases in model rows

* fix: stabilize release validation lanes

* fix: stabilize release memory qa

* ci: stabilize release validation lanes

* ci: prefer ipv4 for live docker node calls

* fix: restore shared tool-call stream wrapper

* ci: remove legacy pi test shard alias

* fix: clean up embedded agent test drift

* fix: stabilize runtime alias status

* fix: clean up embedded agent ci drift

* fix: restore release ci invariants

* fix: clean up post-rebase runtime drift

* fix: restore release ci checks

* fix: restore release ci after rebase

* fix: remove stale pi runtime path

* test: align compaction runtime expectations

* test: update plugin prerelease expectations

* fix: handle claude live tool approvals

* fix: stabilize release validation gates

* fix: finish agent runtime import

* test: finish post-rebase agent runtime mocks

* fix: keep codex compaction native

* fix: stabilize codex app-server hook tests

* test: isolate codex diagnostic active run

* test: remove codex diagnostic completion race

# Conflicts:
#	extensions/codex/src/app-server/run-attempt.test.ts

* ci: fix full release manifest performance run id

* refactor: narrow llm plugin sdk boundary

* chore: drop generated google boundary stamps

* fix: repair rebase fallout

* fix: clean up rebased runtime references

* fix: decode codex jwt payloads as base64url

* fix: preserve shipped pi runtime alias

* fix: add scoped sdk virtual modules

* fix: decode llm codex oauth jwt as base64url

* fix: avoid stale vertex adc negative cache

* fix: harden tool arg decoding and codeql path

* fix: keep vertex adc negative checks live

* refactor: consolidate codex jwt and edit helpers

* fix: await codex oauth node runtime imports

* fix: preserve sdk tool and notice contracts

* fix: preserve shipped compat config boundaries

* fix: align codex oauth callback host

* fix: terminate agent-core loop streams on failure

* fix: keep codex oauth callback alive during fallback

* ci: include session tools in critical codeql scans

* fix: keep Cloudflare Anthropic provider auth header

* docs: redirect legacy pi runtime pages

* fix: honor bundled web provider compat discovery

* fix: protect session output spill files

* fix: keep legacy agent dir env blocked

* fix: contain auto-discovered skill symlinks

* fix: harden agent core sdk proxy surfaces

* fix: restore approval reaction sdk compat

* fix: keep live docker runs bounded

* fix: keep codex oauth redirect host aligned

* fix: resolve post-rebase agent runtime drift

* fix: redact anthropic oauth parse failures

* fix: preserve responses strict tool shaping

* fix: repair agent runtime rebase cleanup

* docs: redirect retired parity pages

* fix: bound auto-discovered resources to roots

* fix: repair post-rebase agent test drift

* fix: preserve bundled provider allowlist migration

* fix: preserve manifest-owned provider aliases

* fix: declare photon image dependency

* fix: keep provider headers out of proxy body

* fix: preserve shipped env aliases

* fix: refresh control ui i18n generated state

* fix: quote read fallback paths

* fix: preview edits through configured backend

* test: satisfy core test typecheck

* fix: preserve ZAI usage auth fallback

* test: repair codex diagnostic test

* fix: repair agent runtime rebase drift

* test: finish embedded runner import rename

* fix: repair agent runtime rebase integrations

* test: align compaction oauth fallback expectations

* fix: allow sdk-auth session models

* fix: update doctor tool schema import

* fix: preserve bedrock plugin region

* fix: stream harmony-like prose immediately

* ci: include session runtime in codeql shards

* fix: repair latest rebase integrations

* fix: honor explicit codex websocket transport

* fix: keep openai-compatible credentials provider-scoped

* fix: refresh sdk api baseline after rebase

* fix: route cli runtime aliases through openclaw harness

* test: rename stale harness mock expectation

* test: rename embedded agent overflow calls

* test: clean embedded auth test wording

* test: use openclaw stream types in deepinfra cache test

* fix: refresh sdk api baseline on latest main

* fix: honor bundled discovery compat allowlists

* fix: refresh sdk api baseline after latest rebase

* fix: remove stale rebase imports

* test: rename stale model catalog mock

* test: mock renamed doctor runtime modules

* fix: map canonical kimi env auth

* fix: use internal model registry in bench script

* fix: migrate deepinfra provider catalog entry

* fix: enforce builtin tool suppression

* fix: route compaction auth and proxy payloads safely

* refactor: prune unused llm registry leftovers

* test: update codex hooks session import

* test: fix model picker ci coverage

* test: align model picker auth mock types
 2026-05-27 19:24:04 +01:00
Ben Badejo
7691a8a9a3 docs(codex): clarify computer use setup (#87313) 
Clarify the Codex Computer Use docs around inferred opt-in, read-only status checks, and marketplace root versus marketplace JSON path setup.

The docs now match current source-backed behavior: autoInstall opts Computer Use in, status does not mutate plugin setup, and marketplacePath is for a local marketplace JSON file while source registers a marketplace root.

Verification:
- pnpm docs:list
- GitHub CI check-docs passed
- Real behavior proof passed via maintainer proof override for this docs-only PR

Thanks @bdjben.

Co-authored-by: Benjamin Badejo <ben@benbadejo.com>
Co-authored-by: Sally O'Malley <somalley@redhat.com>
 2026-05-27 18:35:21 +01:00
Dallin Romney
d638611684 feat: split diffs language pack 
Split the diffs viewer Shiki language pack into an external publishable plugin.

The diffs plugin keeps the default curated syntax set, while the new @openclaw/diffs-language-pack package carries the extended Shiki languages for npm and ClawHub distribution. The install metadata includes the external ClawHub spec, and the curated C# alias set keeps both c# and cs supported without the language pack.

Co-authored-by: Dallin Romney <dallinromney@gmail.com>
 2026-05-27 18:08:40 +01:00
Mariano
c9d4f7e35c Deprecate memory-specific embedding provider registration (#85072) 
Merged via squash.

Prepared head SHA: 661eb99066
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-05-27 15:24:17 +02:00
Peter Steinberger
8e5183c60d refactor: move channel message sdk compat into core 2026-05-27 13:59:33 +01:00
Bob
4d89e00c50 feat(embeddings): add OpenAI-compatible core provider (#85269) 
Merged via squash.

Prepared head SHA: dc9a5d5397
Co-authored-by: dutifulbob <261991368+dutifulbob@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-05-27 14:37:17 +02:00
rendrag-git
e153eceea5 fix(vllm): wire configured thinking params 
Move vLLM Qwen thinking control onto configured model compat metadata and carry it through catalog/model-selection/runtime thinking contexts.

Also migrate legacy provider/default request params in doctor and keep Pi/runtime model rows buildable with explicit reasoning defaults.

Thanks @rendrag-git.

Co-authored-by: rendrag-git <253747599+rendrag-git@users.noreply.github.com>
 2026-05-27 13:32:18 +01:00
Vincent Koc
53662094c3 chore(pixverse): publish as external plugin 2026-05-27 12:41:10 +02:00
Peter Steinberger
6c3740255f refactor: remove channel turn runtime aliases 2026-05-27 11:37:23 +01:00
Peter Steinberger
c89298f9f8 fix: preserve channel runResolved mock compatibility 2026-05-27 10:36:33 +01:00
Peter Steinberger
1507a9701b refactor: centralize inbound supplemental context 
* refactor: centralize inbound supplemental context

* refactor: trim supplemental finalizer typing

* docs: clarify supplemental context projection

* refactor: move inbound finalization into core

* refactor: simplify channel inbound facts

* refactor: fold supplemental media into inbound finalizer

* refactor: migrate channel inbound callers to builder

* docs: mark inbound finalizer compat types deprecated

* refactor: wire runtime turn context builder

* refactor: replace channel turn runtime API

* fix: respect discord quote visibility

* fix: avoid deprecated line dispatch helper

* refactor: deprecate channel message SDK seams

* docs: trim channel outbound SDK page

* test: migrate irc inbound assertion

* refactor: deprecate outbound SDK facades

* refactor: deprecate channel helper SDK facades

* refactor: deprecate channel streaming SDK facade

* refactor: move direct dm helpers into inbound SDK

* chore: mark legacy test-utils SDK alias deprecated

* refactor: remove unused allow-from read helper

* refactor: route remaining channel dispatch through core

* refactor: enforce modern extension SDK imports

* test: give slow image root tests more time

* ci: support node fallback on windows

* fix: add transcripts tool display metadata

* refactor: trim legacy channel test seams

* fix: preserve channel compat after rebase

* fix: keep deprecated channel inbound aliases

* fix: preserve discord thread context visibility

* fix: clean final rebase conflicts

* fix: preserve channel message dispatch aliases

* fix: sync channel refactor after rebase

* fix: sync channel refactor after latest main

* fix: dedupe memory-core subagent mock

* test: align clickclack inbound dispatch assertions

* fix: sync plugin sdk api hash after rebase

* fix: sync channel refactor after latest main

* fix: sync plugin sdk api hash after rebase

* fix: sync plugin sdk api hash after latest main

* test: remove stale inbound context awaits
 2026-05-27 09:26:06 +01:00
Agustin Rivera
08a73dbe4b fix(qqbot): gate fallback approval buttons (#87154) 
QQBot fallback approval buttons now reuse the same slash-command authorization path as real commands, including access groups and default-account config merging.

Verification:
- node scripts/test-extension.mjs qqbot
- node --max-old-space-size=8192 --import tsx scripts/generate-plugin-sdk-api-baseline.ts --check && git diff --check
- pnpm lint --threads=8
- node scripts/run-vitest.mjs src/agents/agent-command.live-model-switch.test.ts
- GitHub PR checks for 7cc0f15031: passed

Thanks @eleqtrizit.

Co-authored-by: Agustin Rivera <agustin@rivera-web.com>
 2026-05-27 08:44:55 +01:00
Dallin Romney
780bc79147 fix(plugin-sdk): stop exporting vitest test helpers (#87120) 2026-05-26 23:10:41 -07:00
Agustin Rivera
2c88547254 fix(prompt): route untrusted group prompts outside system prompt [AI] (#87144) 
* fix(prompt): route untrusted group prompts outside system prompt

* fix(prompt): align untrusted group prompt helpers
 2026-05-26 22:47:54 -07:00
Pablo Guardiola
0c867eef75 feat: expose plugin approval action metadata 
Expose plugin approval action metadata so plugins can describe richer approval actions across gateway, SDK, channel, and UI surfaces.
 2026-05-26 22:46:09 -07:00
Peter Steinberger
231a812276 build(codex): update Codex CLI to 0.134.0 2026-05-27 04:42:12 +01:00
Peter Steinberger
0cfccdb0c7 fix(codex): keep WebChat delivery hints out of user requests 
Land PR #87003 from @ragesaq with a maintainer fix for routed room events.

Co-authored-by: Forge <forge@psiclawops.dev>
 2026-05-27 03:44:27 +01:00
uday
0f18d52f16 fix(codex): raise dynamic tool timeout 2026-05-27 01:25:48 +01:00
Kevin Lin
7d6b7f434c feat(plugin-sdk): add reaction approval helpers (#86735) 
* feat(plugin-sdk): add reaction approval helpers

* fix(signal): register target approval reactions

* Remove legacy WhatsApp approval reaction appender

* refactor(plugin-sdk): share native exec prompt suppression

* revert(discord): keep exec prompt suppression local

* refactor(plugin-sdk): share native approval fallback suppression

* fix(whatsapp): bind outbound approval reactions

* chore(plugin-sdk): refresh api baseline

* revert(imessage): defer reaction approval changes
 2026-05-26 15:28:50 -07:00
Peter Steinberger
cac0b2db18 refactor: move transcripts into core 
Move meeting notes into core transcripts, remove the bundled meeting-notes plugin/API, and require explicit transcripts.enabled before exposing the recording-capable tool.
 2026-05-26 14:51:11 +01:00
Peter Steinberger
d00d0a21c2 chore: bump OpenClaw to 2026.5.26 2026-05-26 01:26:00 +01:00
Peter Steinberger
a4f12699cf refactor: share realtime output activity tracking (#86661) 2026-05-25 23:51:34 +01:00
Dmitry Golubev
0f35ec29d3 fix(codex): disable native thread personality (#85891) (thanks @lastguru-net) 
Behavior addressed: Native Codex app-server threads now disable Codex's built-in personality on thread/start, thread/resume, turn/start, bound conversation turns, and /btw side-thread forks so OpenClaw agent workspace identity stays authoritative.

Real environment tested: Local OpenClaw source checkout plus GitHub CI on PR #85891.

Exact steps or command run after this patch: pnpm test extensions/codex/src/app-server/thread-lifecycle.test.ts extensions/codex/src/app-server/side-question.test.ts extensions/codex/src/conversation-binding.test.ts extensions/codex/src/app-server/schema-normalization-runtime-contract.test.ts; pnpm check:docs; pnpm prompt:snapshots:check; OPENCLAW_ADDITIONAL_BOUNDARY_SHARD=1/4 OPENCLAW_ADDITIONAL_BOUNDARY_CONCURRENCY=4 node scripts/run-additional-boundary-checks.mjs.

Evidence after fix: Focused Codex test shard passed 4 files / 79 tests; docs check passed; prompt snapshots are current; CI passed all code/quality checks, with only Real behavior proof failing as unrelated proof-bot gating for this non-channel change.

Observed result after fix: App-server request snapshots and unit tests include personality: "none" on native Codex start/resume/turn/fork paths.

What was not tested: A live Codex app-server model run was not executed.

Co-authored-by: Beru <beru@lastguru.lv>
 2026-05-25 23:15:03 +01:00
Peter Steinberger
fda0141a01 Refactor realtime voice turn context tracking (#86650) 
* refactor: share realtime turn context tracking

* chore: track realtime voice sdk api baseline

* fix: preserve pruned realtime turn handle state
 2026-05-25 23:13:27 +01:00
Peter Steinberger
5dccba7405 refactor: share realtime forced consult coordination 2026-05-25 22:02:19 +01:00
Peter Steinberger
cda7c30150 build: refresh dependency pins (#86628) 
* build: refresh dependencies

* build: align pi fallback version
 2026-05-25 21:55:46 +01:00
Sebastien Tardif
e7c7ee4385 docs(manifest): note safe-regex validation for modelPatterns 2026-05-25 20:57:04 +01:00
Peter Steinberger
822ee62947 fix: tighten openshell exec preflight 2026-05-25 18:36:55 +01:00
Gio Della-Libera
fbb6340542 Policy: add agent-scoped policy overlays (#85817) 
* feat(policy): add agent-scoped policy overlays

* docs(policy): use generic agent-scoped examples

* fix(policy): generalize scoped policy overlays

* fix(policy): clean scoped overlay checks

* fix(policy): evaluate inherited scoped agent posture

* chore(policy): keep agent harness out of scoped policy pr
 2026-05-25 08:45:16 -07:00
Peter Steinberger
a3ae5c8382 refactor(plugin-sdk): rename plain text tool-call compat wrapper 2026-05-25 15:08:01 +01:00
Peter Steinberger
5d018034f6 feat: promote provider tool call stream wrapper (#86489) 2026-05-25 13:55:23 +01:00
FullerStackDev
0a98c2d626 address migrate auth review comments 2026-05-25 09:16:37 +01:00
FullerStackDev
17edec75e4 honor migrate auth opt-out in plan 2026-05-25 09:16:37 +01:00
FullerStackDev
f9a87bf312 fix ci blockers for migrate auth 2026-05-25 09:16:37 +01:00
Kevin Lin
0dabb7010b docs: replace OpenClaw docs skill and add plugin permissions guide 
* docs: replace openclaw docs skill

* docs: align technical documentation skill policy

* docs: restore openclaw refactor docs skill
 2026-05-24 23:20:14 -07:00
pashpashpash
dd47e479ae Fail Codex compaction at the Codex boundary (#85958) 2026-05-24 22:12:34 -07:00
Peter Steinberger
c38a9a883a fix: label meeting note transcript speakers 
Include speaker-labeled transcript lines in Meeting Notes summaries and structured summary artifacts.
 2026-05-24 04:29:01 +01:00
Peter Steinberger
0cba872e38 chore: bump version to 2026.5.24 2026-05-24 02:40:16 +01:00
Peter Steinberger
40d36b5bbc docs(talk): document realtime active-run control 
Co-authored-by: Colin <colin@solvely.net>
 2026-05-24 02:35:04 +01:00
Gio Della-Libera
1e2e614748 Policy: add tool posture conformance checks (#85482) 
* feat(policy): add tool posture conformance

* fix(policy): attest tool alsoAllow posture
 2026-05-23 16:44:42 -07:00