vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 09:00:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
37,956 Commits 1,843 Branches 149 Tags
be445dd1c12840b77055965dd7da1f659236f8f4
Commit Graph

881 Commits

Author SHA1 Message Date
Vincent Koc
e53c45ba94 ci: shard control ui codeql quality 
Adds a narrow CodeQL Critical Quality shard for the Control UI/control-plane surface and fixes the custom-theme font-family ReDoS finding discovered by the new shard.
 2026-04-28 20:24:19 -07:00
Peter Steinberger
3dc6e408b9 ci(release): isolate channel live qa from provider latency 2026-04-29 04:22:01 +01:00
Peter Steinberger
64533ed7b1 ci(release): allow slower qa live canaries 2026-04-29 04:13:15 +01:00
Vincent Koc
86c5f378d6 fix(github): skip clownfish active PR label 2026-04-28 19:51:26 -07:00
Peter Steinberger
ba0f2e948f ci: preinstall ffmpeg for live media checks 2026-04-29 03:48:33 +01:00
Vincent Koc
09e2cf1103 ci: right-size codeql quality runners 
Run CodeQL Critical Quality on 4 vCPU Blacksmith runners.
 2026-04-28 19:26:45 -07:00
Peter Steinberger
13fdeec2cc ci: disable ClawSweeper commit checks by default 2026-04-29 03:25:20 +01:00
Peter Steinberger
7229ec5e04 fix(ci): pin release validation child ref 2026-04-29 01:30:53 +01:00
Peter Steinberger
ceeb3a7398 ci: dispatch commit reviews on main pushes 2026-04-29 01:27:45 +01:00
Peter Steinberger
6249c32826 ci: raise Blacksmith Docker cache caps 2026-04-29 01:14:39 +01:00
Vincent Koc
9c9dcd4d5d ci: shard agent runtime codeql quality 
Add the agent runtime boundary to the CodeQL Critical Quality workflow.
 2026-04-28 16:18:33 -07:00
Peter Steinberger
955b4df093 fix(ci): stabilize full release validation 2026-04-28 23:54:43 +01:00
Peter Steinberger
60861b3823 ci: use api key auth for Codex CLI backend smoke 2026-04-28 23:24:45 +01:00
Peter Steinberger
cc7a209982 fix: normalize QA model refs for parity gates 2026-04-28 23:01:58 +01:00
Vincent Koc
e7947948b6 test(ci): add plugin prerelease suite to CI (#73741) 
* test(ci): route plugin prerelease coverage to plugin shard

* test(ci): add plugin prerelease suite to CI

* fix(ci): preserve pnpm path in plugin prerelease shard

* fix(ci): avoid inheriting secrets for plugin prerelease suite
 2026-04-28 14:52:03 -07:00
Peter Steinberger
69fb7455c6 fix(ci): harden full release validation monitors 2026-04-28 22:36:14 +01:00
Peter Steinberger
d9b46e0551 ci: start repo live release checks earlier 2026-04-28 22:18:41 +01:00
Peter Steinberger
969cb8b4c0 ci: use standard runner for release package preparation 2026-04-28 21:51:30 +01:00
Peter Steinberger
35059d1e3a ci: use standard runner for cross-os preparation 2026-04-28 21:47:35 +01:00
Peter Steinberger
da1084caf2 ci: start release checks on standard runner 2026-04-28 21:14:37 +01:00
Vincent Koc
87172dc9fe fix(ci): harden package acceptance refs 2026-04-28 12:53:05 -07:00
Vincent Koc
3ae69498e2 ci: shard channel codeql security 
Add a narrow channel-runtime CodeQL critical-security shard and document it.
 2026-04-28 12:46:44 -07:00
Peter Steinberger
230f8886c6 ci: keep full release validation children pinned 2026-04-28 20:43:39 +01:00
Peter Steinberger
4a24b23e3e fix(ci): stabilize full release validation 2026-04-28 20:14:14 +01:00
Vincent Koc
bb0461b682 ci: shard channel codeql quality 
Add a narrow channel-runtime CodeQL critical-quality shard and document it.
 2026-04-28 11:52:54 -07:00
Vincent Koc
e476523082 ci: shard gateway codeql quality 
Add a narrow gateway/runtime CodeQL critical-quality shard and document it.
 2026-04-28 11:16:48 -07:00
Vincent Koc
e10f493160 ci: shard config codeql quality 
Split config quality CodeQL results into a separate category while keeping the default quality bucket narrow.
 2026-04-28 04:00:14 -07:00
Peter Steinberger
2a0af6754e ci: narrow ClawSweeper dispatch cancellation 2026-04-28 11:53:06 +01:00
Peter Steinberger
94fc91e235 ci: harden clawsweeper dispatch workflow 2026-04-28 11:35:40 +01:00
Peter Steinberger
7150acba69 ci: debounce clawsweeper dispatch metadata 2026-04-28 11:31:49 +01:00
Vincent Koc
77192572f6 ci: split macos codeql shard 
Split the slow macOS CodeQL job into its own weekly/manual workflow and keep the daily CodeQL default on the fast JS/Actions security path.
 2026-04-28 03:14:07 -07:00
Vincent Koc
5820a48fca ci: add plugin boundary codeql quality shard (#73447) 2026-04-28 02:30:33 -07:00
Vincent Koc
b6a21cde34 ci: schedule android codeql shard (#73430) 2026-04-28 01:54:57 -07:00
Vincent Koc
5ac6d7661c fix(ci): harden workflow checkouts 2026-04-28 01:37:00 -07:00
Peter Steinberger
8ff0ea50b0 ci: stabilize full release validation 2026-04-28 09:26:50 +01:00
Vincent Koc
dbab162abd ci: split codeql quality workflow (#73404) 2026-04-28 01:04:59 -07:00
Peter Steinberger
a811e164e3 ci: speed up full release validation 2026-04-28 09:02:57 +01:00
Peter Steinberger
c7af9c765c ci: tolerate missing clawsweeper dispatch access 2026-04-28 09:02:28 +01:00
Peter Steinberger
bcf4628092 ci: use gpt-5.5 for live OpenAI defaults 2026-04-28 08:27:11 +01:00
Peter Steinberger
39cecd6428 ci: avoid unnecessary docker image pulls 2026-04-28 08:24:29 +01:00
Vincent Koc
1278f0bcc0 fix(codeql): tune Android pinning profile 
Remove noisy missing-certificate-pinning query from the critical Android CodeQL profile; gateway TLS uses custom certificate fingerprint pinning.
 2026-04-27 23:04:16 -07:00
Peter Steinberger
ee75a8ec2c ci: document clawsweeper dispatch trigger 2026-04-28 06:50:33 +01:00
Peter Steinberger
6f3674c8d0 ci: harden ClawSweeper dispatcher credentials 2026-04-28 06:48:38 +01:00
Peter Steinberger
ba17db96a4 ci: skip clawsweeper without app credentials 2026-04-28 06:48:29 +01:00
Peter Steinberger
0fc1cdec45 ci: fix ClawSweeper dispatcher payload 2026-04-28 06:44:26 +01:00
Peter Steinberger
23818600bb ci: add ClawSweeper event dispatcher 2026-04-28 06:43:38 +01:00
Peter Steinberger
017b8db616 ci: speed up release validation shards 2026-04-28 06:14:23 +01:00
Vincent Koc
2bce63cb65 fix(android): harden canvas webview bridge (#73240) 
* fix(android): harden canvas webview bridge

* fix(android): make canvas content access hardening explicit

* fix(android): keep webview hardening inline for CodeQL

* fix(android): avoid webview getter false positive
 2026-04-27 21:41:01 -07:00
Peter Steinberger
000d52be37 ci: pin Google live gateway profile models 2026-04-28 05:19:33 +01:00
Peter Steinberger
d9a6dd0c36 ci: pin OpenAI live gateway profile model 2026-04-28 04:57:48 +01:00