openclaw

mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 06:20:42 +00:00

Author	SHA1	Message	Date
Peter Steinberger	f44759073b	feat(gateway): auto-approve trusted CIDR node pairing (#61004 ) (thanks @sahilsatralkar)	2026-04-25 06:40:25 +01:00
Peter Steinberger	67a2b187b7	docs: fix gateway security accordion	2026-04-24 18:42:07 +01:00
Peter Steinberger	b2352c3e24	docs: improve 2026.4.23 release docs	2026-04-24 17:55:03 +01:00
Peter Steinberger	b7fba2100f	docs: clarify private ws node setup	2026-04-24 07:32:29 +01:00
Vincent Koc	4a2cd533ac	docs: remove duplicate H1 where frontmatter title already sets it	2026-04-23 13:11:14 -07:00
Vincent Koc	b0efa8d43d	docs(gateway): security — sentence-case headings, remove manual TOC and H1, drop custom anchors, tuck triage notes into Accordion	2026-04-23 11:09:33 -07:00
Vincent Koc	b7506521e6	docs: restructure gateway security page and extract audit checks reference	2026-04-23 01:01:12 -07:00
Vincent Koc	daaedf37b7	docs: prune recent additions for readability	2026-04-23 00:23:18 -07:00
Peter Steinberger	dd17dea761	docs: align pairing metadata upgrade approval	2026-04-23 07:56:16 +01:00
Vincent Koc	c8aec6b951	docs: Control UI identity + gateway pairing hardening + release verification	2026-04-22 23:52:37 -07:00
Vincent Koc	30a5c441f3	docs(channels): cover WhatsApp replyToMode, Discord inheritParent, Slack HTTP/ACP/downloadFile, Telegram webhook+picker auth, Mattermost reasoning suppression, workspace .env block for channel endpoints	2026-04-22 23:39:38 -07:00
Peter Steinberger	46fba1d814	docs(config): clarify symlinked config support	2026-04-22 23:45:03 +01:00
Vincent Koc	475e6ff1d1	docs(gateway): replace user-facing 'extension' references with 'plugin' per terminology rules	2026-04-21 14:39:10 -07:00
Vincent Koc	9702f0bf21	docs: tool-progress preview streaming, Control UI avatar auth, exec heredoc and external-content token sanitization	2026-04-21 13:39:55 -07:00
Vincent Koc	b4a59be9b6	docs: document stdio env filter, enforceOwnerForCommands, OPENCLAW_* .env blocking	2026-04-21 13:21:34 -07:00
Peter Steinberger	2514746b32	fix: sanitize LLM special tokens in external content	2026-04-21 20:29:02 +01:00
Peter Steinberger	a292cbf46f	docs: clarify optional Docker sandboxing	2026-04-20 19:27:45 +01:00
Tak Hoffman	c37e49f275	Add /trace toggle and fix Active Memory diagnostics	2026-04-12 13:20:22 -05:00
Peter Steinberger	972ed139a7	fix: make docs anchor audit use Mintlify CLI	2026-04-10 21:39:52 +01:00
Agustin Rivera	905f19230a	Align external marker span mapping (#63885 ) * fix(markers): align external marker spans * fix(browser): ssrfPolicy defaults fail-closed for unconfigured installs (GHSA-53vx-pmqw-863c) * fix(browser): enforce strict default SSRF policy * chore(changelog): add browser SSRF default + marker alignment entry --------- Co-authored-by: Devin Robison <drobison@nvidia.com>	2026-04-10 12:35:20 -06:00
Peter Steinberger	4f9804ec24	docs: refresh config schema and gateway tool mirrors	2026-04-04 21:43:09 +01:00
Peter Steinberger	1ae356c40c	docs: refresh sandbox bind security refs	2026-04-04 20:57:37 +01:00
Peter Steinberger	976bc47458	docs: refresh gateway rpc safe-flow mirrors	2026-04-04 20:32:28 +01:00
Peter Steinberger	b1279b0db3	docs: refresh untrusted file wrapper refs	2026-04-04 19:39:09 +01:00
Peter Steinberger	0c3ec064f1	docs: refresh OpenResponses file input refs	2026-04-04 19:13:44 +01:00
Peter Steinberger	4db910698a	docs: refresh sandbox and security elevated refs	2026-04-04 18:39:12 +01:00
Peter Steinberger	89535f9313	docs: refresh pairing locality refs	2026-04-04 16:13:04 +01:00
Peter Steinberger	9ac9edff43	docs: refresh gateway operator scope refs	2026-04-04 15:25:57 +01:00
Peter Steinberger	114496871d	docs: refresh tailscale auth rate limit refs	2026-04-04 14:30:13 +01:00
Peter Steinberger	07c7c4b9ec	docs: refresh tailscale http auth refs	2026-04-04 14:13:36 +01:00
Peter Steinberger	022618e887	docs: refresh browser auth refs	2026-04-04 14:04:24 +01:00
Peter Steinberger	0afd30d325	docs: refresh shared-secret auth mirrors	2026-04-04 14:02:29 +01:00
Peter Steinberger	b0025b1921	docs: refresh hook ingress security refs	2026-04-04 13:59:09 +01:00
Peter Steinberger	c63a32661a	docs: refresh gateway auth overview mirrors	2026-04-04 13:54:15 +01:00
Peter Steinberger	11d17b3c38	docs: refresh control ui device identity refs	2026-04-04 13:52:23 +01:00
Peter Steinberger	4991cd66ef	docs: refresh reverse proxy hardening refs	2026-04-04 13:47:59 +01:00
Peter Steinberger	62babffc40	docs: refresh security audit reference docs	2026-04-04 13:42:47 +01:00
Peter Steinberger	375bd73ce1	docs: refresh security fix refs	2026-04-04 13:35:42 +01:00
Peter Steinberger	3100984a33	docs: refresh browser origin auth refs	2026-04-04 12:34:11 +01:00
Peter Steinberger	aaa173a4a7	docs: clarify node exec approval binding	2026-04-04 12:18:32 +01:00
Peter Steinberger	7671f4f1e3	docs: clarify gateway and plugin http auth scopes	2026-04-04 09:01:05 +01:00
huntharo	c4f40c3f7d	Plugins: allow unsafe-force override on update	2026-04-04 01:49:35 +09:00
Peter Steinberger	a6649201b7	docs: clarify default subagent allowlists	2026-04-03 19:45:05 +09:00
Vincent Koc	2f013b68f8	docs: add missing changelog entries and update context visibility security docs	2026-04-03 12:39:45 +09:00
Peter Steinberger	35e1605147	feat: add configurable context visibility	2026-04-03 04:34:57 +09:00
Peter Steinberger	4269f40811	docs(security): clarify exec yolo default	2026-04-02 14:52:51 +01:00
Peter Steinberger	8b2d24b62b	docs(security): clarify node pairing trust boundary	2026-04-01 18:27:23 +09:00
Peter Steinberger	0d7f1e2c84	feat(security): fail closed on dangerous skill installs	2026-03-31 23:27:20 +09:00
Peter Steinberger	44b9936136	feat(plugins): add dangerous unsafe install override	2026-03-31 23:16:11 +09:00
Peter Steinberger	cbfeecfab4	fix(gateway): restore shared-secret HTTP tool invoke auth	2026-03-31 22:55:15 +09:00

1 2 3 4

163 Commits