vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 09:30:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
38,453 Commits 1,843 Branches 149 Tags
b8372a714ccc5d1d8a26a12d3e8d941687d664b7
Commit Graph

38453 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Agustin Rivera
b8372a714c fix(auth): bound bootstrap handoff scopes (#72919) 
* fix(auth): bound bootstrap handoff scopes

Co-authored-by: zsx <git@zsxsoft.com>

* fix(auth): log stripped bootstrap scopes

* docs: add changelog entry for bootstrap handoff scope bounds

---------

Co-authored-by: zsx <git@zsxsoft.com>
Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-29 14:11:16 -06:00
Vincent Koc
60c2a90550 fix(ui): gate control ui raw copy 2026-04-29 13:09:47 -07:00
Vincent Koc
c9156cd9a8 chore(ci): add network SSRF CodeQL shard 
Adds a narrow critical-security CodeQL shard for the network/SSRF boundary and documents the new category.
 2026-04-29 13:08:46 -07:00
Peter Steinberger
65e969aeea ci(dup): split duplicate scans 2026-04-29 21:02:24 +01:00
Agustin Rivera
fef42acda0 fix(commands): scope owner allowlist prefixes (#72928) 
* fix(commands): scope owner allowlist prefixes

Co-authored-by: zsx <git@zsxsoft.com>

* fix(commands): annotate owner allowlist short-circuit

* docs: move changelog entry to unreleased fixes

---------

Co-authored-by: zsx <git@zsxsoft.com>
Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-29 14:00:07 -06:00
Josh Lehman
f05b789736 test: align Codex provider payload test (#74536) 2026-04-29 12:56:27 -07:00
Michael Appel
665b0ef542 fix(agents): move groupId trust check into resolveGroupToolPolicy for all callers [AI-assisted] (#73720) 
* fix: address issue

* fix: address review feedback

* fix(gateway): validate groupId against session key before persisting to session entry

* test(gateway): verify groupId is validated against session key before session entry write

* fix(agents): trust stored group metadata

* fix(gateway): keep first group selectors

* docs: add group policy trust changelog entry

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-29 13:56:26 -06:00
clawsweeper[bot]
7c51cd2baf fix(device-pair): reject invalid remote setup URLs 
Fail setup-code generation when gateway.remote.url is configured but malformed, instead of falling back to a bind-derived URL and issuing a bootstrap token.
 2026-04-29 20:45:33 +01:00
Vincent Koc
21b3eb5c34 test(memory-wiki): remove duplicate fixture keys 2026-04-29 12:43:01 -07:00
Peter Steinberger
dac7237494 ci: shard release validation hotspots 2026-04-29 20:40:42 +01:00
Peter Steinberger
fdba408bce fix: restore codex verbose full output 2026-04-29 20:36:36 +01:00
clawsweeper[bot]
8a3507e310 fix(memory-wiki): route natural people questions 
Let route-question searches match people-routing metadata from natural-language prompts, and allow wiki_apply evidence provenance fields that the markdown parser already supports.
 2026-04-29 20:36:31 +01:00
Devin Robison
4808361fca fix: gate startup context for sandboxed spawned sessions (#73611) 
* fix: gate startup context for sandboxed spawned sessions

* docs: add startup sandbox changelog entry

* fix: address startup sandbox review feedback

* test: format startup sandbox coverage
 2026-04-29 13:35:55 -06:00
Vincent Koc
3abc90aac5 test(scripts): remove managed child race 2026-04-29 12:34:41 -07:00
Val Alexander
323985f4ca fix(ui): align sidebar trigger affordances 
Align the Control UI and exported transcript sidebar triggers around a shared accessible hamburger affordance.
 2026-04-29 20:33:39 +01:00
Vincent Koc
f55b810412 docs(changelog): backfill last 6h user-facing entries 
Adds six missing entries for commits that landed without their own
CHANGELOG.md update, picked from the last six hours of origin/main and
attributed to the original contributors.

Changes:
- Control UI/i18n locale registry expansion + new docs glossaries
  (297f4c6e60, 0126692bf5 by @vincentkoc).
- Gateway/diagnostics opt-in startup timeline (097eed8cd8, d001c3436b,
  e69da9d578 by @shakkernerd).

Fixes:
- Matrix `verify confirm-sas` cross-signing close (86956f71e6 by
  @nklock; #74542).
- `openclaw status` channel context-window overrides (eb7d89f4b9 by
  @HemantSudarshan).
- Sandbox Docker daemon graceful when sandbox mode is off (2dadc82cf4
  by @kaseonedge; #73671).
- Control UI mobile chat settings persisted via Lit state (b1c515270e
  by @BunsDev).

Skipped Peter-only commits with no external collaborator (per the
maintainer-attribution rule against thanking @steipete) and the model
list auth-index series (already covered by the existing "Models/UI:
hide unauthenticated providers" entry).
 2026-04-29 12:31:29 -07:00
Jeff
9b6670d5c9 fix(ssrf): allow IPv6 fake-ip SSRF opt-in 
Allow trusted fake-IP proxy stacks to opt into IPv6 unique-local SSRF resolution without opening broader private-network access.
 2026-04-29 20:31:17 +01:00
github-actions[bot]
cd00a6d6dd chore(ui): refresh fa control ui locale 2026-04-29 19:29:08 +00:00
github-actions[bot]
070129f34f chore(ui): refresh nl control ui locale 2026-04-29 19:28:59 +00:00
github-actions[bot]
d6918113f0 chore(ui): refresh vi control ui locale 2026-04-29 19:28:23 +00:00
github-actions[bot]
9ffc2f9d06 chore(ui): refresh th control ui locale 2026-04-29 19:27:46 +00:00
github-actions[bot]
38694111aa chore(ui): refresh id control ui locale 2026-04-29 19:27:43 +00:00
github-actions[bot]
ec0836693c chore(ui): refresh pl control ui locale 2026-04-29 19:27:40 +00:00
Vincent Koc
e1c97cb24d fix(memory-wiki): satisfy CI guard checks 2026-04-29 12:27:22 -07:00
github-actions[bot]
9af0a7153e chore(ui): refresh it control ui locale 2026-04-29 19:26:53 +00:00
github-actions[bot]
5de9145562 chore(ui): refresh ar control ui locale 2026-04-29 19:26:45 +00:00
github-actions[bot]
fe15e1e83e chore(ui): refresh uk control ui locale 2026-04-29 19:26:43 +00:00
github-actions[bot]
dba4487d05 chore(ui): refresh tr control ui locale 2026-04-29 19:26:28 +00:00
github-actions[bot]
fd98ce3c15 chore(ui): refresh ko control ui locale 2026-04-29 19:25:41 +00:00
github-actions[bot]
8b54c71f90 chore(ui): refresh fr control ui locale 2026-04-29 19:25:36 +00:00
github-actions[bot]
09d7c66c06 chore(ui): refresh ja-JP control ui locale 2026-04-29 19:25:27 +00:00
github-actions[bot]
9168ad1b19 chore(ui): refresh es control ui locale 2026-04-29 19:25:06 +00:00
github-actions[bot]
6e940d3cc8 chore(ui): refresh de control ui locale 2026-04-29 19:24:37 +00:00
github-actions[bot]
e2ffc49f9a chore(ui): refresh zh-TW control ui locale 2026-04-29 19:24:34 +00:00
github-actions[bot]
da0e96dbbb chore(ui): refresh pt-BR control ui locale 2026-04-29 19:24:27 +00:00
Peter Steinberger
d2e55b01f2 perf(tests): speed up channel plugin id tests 2026-04-29 20:24:12 +01:00
Peter Steinberger
4aedffd37a refactor(plugins): split loader runtime helpers (#74545) 
* refactor(plugins): split loader runtime helpers

* test(scripts): include discord api barrel lane

* test(ci): align built artifact guard expectations

* fix(plugins): avoid redundant cache key assertion
 2026-04-29 19:22:41 +00:00
openclaw-clownfish[bot]
648ed69f82 fix(control-ui): repair zh-CN localization coverage 
Route remaining Control UI agent, debug, channel refresh, and exec approval copy through the locale source of truth.

Preserve the English Cron Jobs tab label, keep the security audit command monospace, and regenerate locale metadata against current main.

Verified locally:
- pnpm test ui/src/ui/views/agents.test.ts ui/src/ui/views/debug.test.ts ui/src/ui/views/exec-approval.test.ts
- pnpm ui:i18n:check
- pnpm exec oxfmt --check --threads=1 ui/src/i18n/locales/en.ts ui/src/i18n/locales/zh-CN.ts ui/src/ui/views/agents-panels-status-files.ts ui/src/ui/views/agents.ts ui/src/ui/views/agents.test.ts ui/src/ui/views/debug.ts ui/src/ui/views/debug.test.ts ui/src/ui/views/exec-approval.ts ui/src/ui/views/exec-approval.test.ts
- git diff --check origin/main...HEAD
 2026-04-29 14:22:36 -05:00
Peter Steinberger
3059702687 feat(memory-wiki): add agent-facing people wiki metadata 2026-04-29 20:17:37 +01:00
Vyctor Huggo Przozwski da Silva
ccb8472daf fix(agents): preserve seeded Anthropic text blocks 
* fix(agents): preserve seeded Anthropic text blocks

* docs(changelog): note Anthropic seeded block fix

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-04-29 20:16:52 +01:00
辉哥
4eb30fc13a fix(media): surface vision pipeline diagnostics 
* fix: improve error message in optimizeImageToJpeg to include actual error details

* fix: improve error message to include configured input for Model does not support images

* fix(media): surface vision pipeline diagnostics

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-04-29 20:13:19 +01:00
Peter Steinberger
945c910f20 test: remove redundant migration runtime assertion 2026-04-29 20:09:50 +01:00
Vincent Koc
26c03c761f test(ci): align CI guard expectations 2026-04-29 12:09:09 -07:00
Vyctor Huggo Przozwski da Silva
06b1d4e0f7 fix(agents): avoid empty Codex Responses input 2026-04-29 20:08:49 +01:00
Peter Steinberger
4b4e0c82e4 perf(tests): avoid channel plugin imports in system prompt 2026-04-29 20:06:07 +01:00
Peter Steinberger
b0ae867034 refactor(migration): share cached config runtime helper 2026-04-29 20:05:23 +01:00
Vyctor Huggo Przozwski da Silva
97e2f5b332 fix(auto-reply): honor direct silent empty replies 
* fix(auto-reply): allow direct silent empty replies

* fix(auto-reply): guard direct silent empty replies
 2026-04-29 20:02:38 +01:00
Hemant Sudarshan
eb7d89f4b9 fix(status): honor channel model context windows 2026-04-29 19:58:21 +01:00
Peter Steinberger
57e4994caf ci: speed up release validation 2026-04-29 19:55:37 +01:00
clawsweeper[bot]
fc2d957923 test(infra): assert dotenv logger warning sink 
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
 2026-04-29 19:55:18 +01:00