vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-09 08:11:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
24,683 Commits 1,175 Branches 101 Tags
b40ef364b71cd686c1ee87db5499d5cc0deca4ef
Commit Graph

4399 Commits

Author SHA1 Message Date
wangchunyue
b40ef364b7 fix: pin admin-only subagent gateway scopes (#59555) (thanks @openperf) 
* fix(agents): pin subagent gateway calls to admin scope to prevent scope-upgrade pairing failures

callSubagentGateway forwards params to callGateway without explicit scopes,
so callGatewayLeastPrivilege negotiates the minimum scope per method
independently.  The first connection pairs the device at a lower tier and
every subsequent higher-tier call triggers a scope-upgrade handshake that
headless gateway-client connections cannot complete interactively
(close 1008 "pairing required").

Pin callSubagentGateway to operator.admin so the device is paired at the
ceiling scope on the very first (silent, local-loopback) handshake, avoiding
any subsequent scope-upgrade negotiation entirely.

Fixes #59428

* fix: pin admin-only subagent gateway scopes (#59555) (thanks @openperf)

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-04-02 19:40:03 +05:30
Vincent Koc
b0f94a227b refactor(providers): normalize transport policy wiring (#59682) 
* refactor(providers): normalize transport policy wiring

* fix(providers): address transport policy review

* fix(providers): harden transport overrides

* fix(providers): keep env proxy tls separate

* fix(changelog): note provider transport policy hardening
 2026-04-02 22:54:34 +09:00
Peter Steinberger
c678ae7e7a feat(exec): default host exec to yolo 2026-04-02 14:52:51 +01:00
Vincent Koc
cfbad0a4f9 fix(providers): unify request policy resolution (#59653) 
* fix(providers): unify request policy resolution

* fix(providers): preserve request config SDK contract

* fix(providers): harden request header policy
 2026-04-02 21:42:11 +09:00
Vincent Koc
6eca1949d5 refactor(plugins): tighten web fetch provider boundary (#59646) 
* refactor(plugins): tighten web fetch provider boundary

* fix(config): sync fetch secret parity and baseline

* fix(ci): enforce web fetch boundary guard
 2026-04-02 20:53:57 +09:00
Vincent Koc
5abd5d889f fix(providers): classify copilot native endpoints (#59644) 
* fix(providers): classify copilot native endpoints

* fix(changelog): add copilot endpoint note

* fix(providers): handle copilot proxy hints
 2026-04-02 20:51:46 +09:00
Vincent Koc
c405bcfa98 refactor(providers): centralize request capabilities (#59636) 
* refactor(providers): centralize request capabilities

* fix(providers): harden comparable base url parsing
 2026-04-02 20:26:22 +09:00
Vincent Koc
38d2faee20 !feat(plugins): add web fetch provider boundary (#59465) 
* feat(plugins): add web fetch provider boundary

* feat(plugins): add web fetch provider modules

* refactor(web-fetch): remove remaining core firecrawl fetch config

* fix(web-fetch): address review follow-ups

* fix(web-fetch): harden provider runtime boundaries

* fix(web-fetch): restore firecrawl compare helper

* fix(web-fetch): restore env-based provider autodetect

* fix(web-fetch): tighten provider hardening

* fix(web-fetch): restore fetch autodetect and compat args

* chore(changelog): note firecrawl fetch config break
 2026-04-02 20:25:19 +09:00
Vincent Koc
d49460b417 fix(providers): centralize Anthropic endpoint classification (#59608) 
* fix(providers): centralize Anthropic endpoint classification

* fix(agents): share Anthropic thinking recovery gating
 2026-04-02 19:54:43 +09:00
Vincent Koc
707f5485b9 fix(ci): tighten thinking recovery stream types 2026-04-02 19:47:52 +09:00
Vincent Koc
9aa2ef2736 fix(agents): recover Anthropic thinking after crash (#59062) 
* fix(agents): recover Anthropic thinking after crash

* fix(agents): avoid duplicate Anthropic recovery chunks

* fix(agents): preserve Anthropic stream result
 2026-04-02 19:30:25 +09:00
Vincent Koc
0e9a9dae84 fix(providers): centralize Google endpoint classification (#59556) 
* fix(providers): centralize Google endpoint classification

* fix(providers): tighten Google endpoint fallback parsing

* fix(security): harden provider endpoint fallback parsing
 2026-04-02 19:21:31 +09:00
Ayaan Zaidi
176ff18d18 fix: strip antml thinking tags 2026-04-02 14:28:54 +05:30
Vincent Koc
331e835dab fix(providers): centralize stream request headers (#59542) 
* fix(providers): centralize stream request headers

* Update src/agents/provider-request-config.ts

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-04-02 17:21:46 +09:00
Vincent Koc
08962b6812 fix(browser): keep static helper seams cold (#59471) 
* fix(browser): keep static helper seams cold

* fix(browser): narrow sandbox helper facade imports

* fix(browser): harden host inspection helpers
 2026-04-02 17:12:32 +09:00
Ayaan Zaidi
b441cd2f4f fix: normalize kimi anthropic tool payloads (#59440) 
* fix: normalize kimi anthropic tool payloads

* fix: normalize kimi anthropic tool payloads (#59440)
 2026-04-02 13:39:51 +05:30
Gustavo Madeira Santana
8748b7c54c Matrix: keep partial previews aligned with block streaming (#59384) 
Merged via squash.

Prepared head SHA: 981aa35a7c
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-04-02 03:39:27 -04:00
Vincent Koc
ed6012eb5b fix(agents): honor cacheRetention for custom anthropic providers (#59049) 
* fix(agents): honor cacheRetention for custom anthropic providers

* docs(changelog): add cache retention entry

* Update CHANGELOG.md

* test(agents): add direct cache retention assertions
 2026-04-02 14:34:01 +09:00
Vincent Koc
1707493be4 refactor(providers): add internal request config seam (#59454) 2026-04-02 14:28:25 +09:00
Gustavo Madeira Santana
f69570f820 Exec approvals: fix policy source attribution (#59367) 
Merged via squash.

Prepared head SHA: 974945a9f0
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-04-02 01:28:14 -04:00
Vincent Koc
1a037ff6cd refactor(providers): centralize request attribution policy (#59433) 
* refactor(providers): centralize request attribution policy

* style(providers): normalize request policy formatting

* style(providers): normalize request policy formatting

* style(providers): normalize request policy formatting

* docs(changelog): note provider request policy fix

* fix(providers): tighten request policy gates
 2026-04-02 14:10:53 +09:00
Priyansh Gupta
b9c74fc884 fix(image-tool): resolve relative paths against workspaceDir (#57222) 
Relative paths like "inbox/receipt.png" were resolved against
process.cwd() instead of the agent's workspaceDir, causing the
allowlist check to fail with "Local media path is not under an
allowed directory". This matches how the read tool already behaves.

Fixes #57215

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-02 00:41:09 -04:00
Vincent Koc
7771c69caf fix(plugins): enforce activation before shipped imports (#59136) 
* fix(plugins): enforce activation before shipped imports

* fix(plugins): remove more ambient bundled loads

* fix(plugins): tighten scoped loader matching

* fix(plugins): remove channel-id scoped loader matches

* refactor(plugin-sdk): relocate ambient provider helpers

* fix(plugin-sdk): preserve unicode ADC credential paths

* fix(plugins): restore safe setup fallback
 2026-04-02 11:18:49 +09:00
Gustavo Madeira Santana
ba735d0158 Exec approvals: unify effective policy reporting and actions (#59283) 
Merged via squash.

Prepared head SHA: d579b97a93
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-04-01 22:02:39 -04:00
Gustavo Madeira Santana
32fa5c3be5 fix(agents): resolve compaction wait before channel flush (#59308) 
Merged via squash.

Prepared head SHA: bf17502df8
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-04-01 21:40:23 -04:00
joshavant
c22233d96c Revert "refactor(plugins): remove before_install hook" 2026-04-01 19:57:07 -05:00
Gustavo Madeira Santana
560ea25294 Matrix: restore ordered progress delivery with explicit streaming modes (#59266) 
Merged via squash.

Prepared head SHA: 523623b7e1
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-04-01 19:35:03 -04:00
Logan Ye
d9a7ffe003 failover: classify AbortError / stream-abort messages as timeout (#58315) (#58324) 
Merged via squash.

Prepared head SHA: d8412f27e6
Co-authored-by: yelog <14227866+yelog@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-04-02 00:02:31 +03:00
Josh Lehman
71346940ad refactor: add provider replay runtime hook surfaces (#59143) 
Merged via squash.

Prepared head SHA: 56b41e87a5
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-04-01 13:45:41 -07:00
Bruno Lorente
ca76e2fedc fix(cron-tool): add typed properties to job/patch schemas (#55043) 
Merged via squash.

Prepared head SHA: 979bb0e8b7
Co-authored-by: brunolorente <127802443+brunolorente@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-04-01 23:41:19 +03:00
9ra55
5cf254a5f7 fix: honor authHeader provider config by injecting Authorization Bear… (#54390) 
Merged via squash.

Prepared head SHA: 9889615571
Co-authored-by: lndyzwdxhs <16411017+lndyzwdxhs@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-04-01 13:18:37 -07:00
Peter Steinberger
00218ac8a4 fix(auth): persist codex oauth refresh tokens 2026-04-01 14:25:33 +01:00
Jacob Tomlinson
14a779ee8d revert: sandbox: block sensitive external bind sources (#59016) 
This reverts commit 8db20c1965.
 2026-04-01 14:01:05 +01:00
Peter Steinberger
131f6dac37 refactor: unify failover signal classification 2026-04-01 21:50:58 +09:00
Peter Steinberger
33fbd9b770 refactor: dedupe auth profile store normalization 2026-04-01 13:37:37 +01:00
openperf
ac68321d4d fix(auth-profiles ): ensure credential key and token are strings to prevent crash 
Fixes #58861
 2026-04-01 21:33:10 +09:00
Peter Steinberger
cd4b03c568 fix: unify structured provider failover classification (#58856) (thanks @aaron-he-zhu) 2026-04-01 21:31:18 +09:00
Aaron Zhu
c96ee42300 fix(agents): normalize provider errors for better failover 
Add provider-specific error patterns for AWS Bedrock, Ollama, Mistral,
Cohere, DeepSeek, Together AI, and Cloudflare Workers AI. These providers
return errors in non-standard formats that the generic classifiers miss,
causing incorrect failover behavior (e.g., context overflow misclassified
as format error, ThrottlingException not recognized as rate limit).

Wire provider patterns into isContextOverflowError() and
classifyFailoverReason() as catch-all layers after generic classifiers.
 2026-04-01 21:31:18 +09:00
Ayaan Zaidi
ef286987e7 test: fix context pruning runtime fixtures 2026-04-01 16:48:00 +05:30
Ayaan Zaidi
f70ad924a6 fix: align cache-ttl pruning with thinking replay sanitization 2026-04-01 16:33:57 +05:30
Ayaan Zaidi
c65e152b39 fix: preserve anthropic thinking replay (#58916) 
* test: add anthropic thinking replay regressions

* fix: preserve anthropic thinking blocks on replay

* fix: preserve anthropic thinking replay (#58916)

* fix: move anthropic replay changelog entry (#58916)
 2026-04-01 16:23:47 +05:30
Vincent Koc
07c60ae461 fix(agent): treat webchat exec approvals as native UI (#58904) 
* fix(agent): treat webchat exec approvals as native UI

* docs(changelog): note webchat exec approval UI fix

* test(agent): cover webchat native approval guidance
 2026-04-01 18:36:21 +09:00
Vincent Koc
2d53ffdec1 fix(exec): resolve remote approval regressions (#58792) 
* fix(exec): restore remote approval policy defaults

* fix(exec): handle headless cron approval conflicts

* fix(exec): make allow-always durable

* fix(exec): persist exact-command shell trust

* fix(doctor): match host exec fallback

* fix(exec): preserve blocked and inline approval state

* Doctor: surface allow-always ask bypass

* Doctor: match effective exec policy

* Exec: match node durable command text

* Exec: tighten durable approval security

* Exec: restore owner approver fallback

* Config: refresh Slack approval metadata

---------

Co-authored-by: scoootscooob <zhentongfan@gmail.com>
 2026-04-01 02:07:20 -07:00
nanakotsai
7f53c1ca00 test(exec): cover delayed Discord approval continuation 2026-04-01 17:56:55 +09:00
nanakotsai
63da2c7034 fix(exec): resume agent session after approval completion 2026-04-01 17:56:55 +09:00
Forgely3D
4fa11632b4 fix: escalate to model fallback after rate-limit profile rotation cap (#58707) 
* fix: escalate to model fallback after rate-limit profile rotation cap

Per-model rate limits (e.g. Anthropic Sonnet-only quotas) are not
relieved by rotating auth profiles — if all profiles share the same
model quota, cycling between them loops forever without falling back
to the next model in the configured fallbacks chain.

Apply the same rotation-cap pattern introduced for overloaded_error
(#58348) to rate_limit errors:

- Add `rateLimitedProfileRotations` to auth.cooldowns config (default: 1)
- After N profile rotations on a rate_limit error, throw FailoverError
  to trigger cross-provider model fallback
- Add `resolveRateLimitProfileRotationLimit` helper following the same
  pattern as `resolveOverloadProfileRotationLimit`

Fixes #58572

* fix: cap prompt-side rate-limit failover (#58707) (thanks @Forgely3D)

* fix: restore latest-main gates for #58707

---------

Co-authored-by: Ember (Forgely3D) <ember@forgely.co>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-04-01 17:54:10 +09:00
Vincent Koc
8fce663861 fix(subagents): harden task-registry lifecycle writes (#58869) 
* fix(subagents): harden task-registry lifecycle writes

* chore(changelog): note subagent task-registry hardening

* fix(subagents): align lifecycle terminal timestamps

* fix(subagents): sanitize lifecycle warning metadata
 2026-04-01 17:50:52 +09:00
sandpile
1ce410a7be fix(sandbox): use browser image for browser runtime matching (#58759) 
* fix(sandbox): compare browser runtimes against sandbox browser image

* refactor(sandbox): route docker runtime matching by config label kind

* fix(sandbox): tag browser runtime removals correctly

* test(sandbox): share docker backend test config

* fix(sandbox): normalize browser runtime image matching

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-04-01 17:44:52 +09:00
Peter Steinberger
32f392eda4 refactor(core): drop old anthropic stream wrapper file 2026-04-01 09:21:48 +01:00
Peter Steinberger
59c23dee09 refactor(anthropic): move stream wrappers into plugin 2026-04-01 09:21:48 +01:00