Peter Steinberger
c6472c189f
chore: land #39056 Node version hint sync (thanks @onstash)
Land contributor change from #39056 and append changelog credit for @onstash.
Co-authored-by: Santosh Venkatraman <santosh.venk@gmail.com>
2026-03-07 17:51:54 +00:00
Byungsker
7735a0b85c
fix(security): use icacls /sid for locale-independent Windows ACL audit (#38900)
* fix(security): use icacls /sid for locale-independent Windows ACL audit
On non-English Windows editions (Russian, Chinese, etc.) icacls prints
account names in the system locale. When Node.js reads the output in a
different code page the strings are garbled (e.g. "NT AUTHORITY\???????"
for "NT AUTHORITY\СИСТЕМА"), causing summarizeWindowsAcl to classify SYSTEM
and Administrators as untrusted and flag the config files as "others
writable" — a false-positive security alert.
Fix:
1. Pass /sid to icacls so it outputs security identifiers (*S-1-5-X-...)
instead of locale-dependent account names.
2. Extend SID_RE to accept the leading * that icacls prepends to SIDs in
/sid mode: /^\*?s-\d+-\d+(-\d+)+$/i
3. Strip the * before looking up the bare SID in TRUSTED_SIDS / the
per-user USERSID set so *S-1-5-18 is correctly classified as SYSTEM
(trusted) and *S-1-5-32-544 as Administrators (trusted).
Tests:
- Update the inspectWindowsAcl "returns parsed ACL entries" assertion to
expect the /sid flag in the icacls call.
- Add "classifies *S-1-5-18 (icacls /sid prefix form of SYSTEM) as trusted"
SID classification test.
- Add "classifies *S-1-5-32-544 (icacls /sid Administrators) as trusted".
- Add inspectWindowsAcl end-to-end test with /sid-format mock output
(*S-1-5-18, *S-1-5-32-544, user SID) — all three classified as trusted.
Fixes #35834
* fix(security): classify world-equivalent SIDs as 'world' when using icacls /sid
When icacls is invoked with /sid, world-equivalent principals like
Everyone, Authenticated Users, and BUILTIN\Users are emitted as raw
SIDs (*S-1-1-0, *S-1-5-11, *S-1-5-32-545). classifyPrincipal() had
no SID-based mapping for these, so they fell through to the generic
'group' category instead of 'world', silently downgrading security
findings that should trigger world-write/world-readable alerts.
Fix: add a WORLD_SIDS constant and check it before falling back to
'group'. Add three regression tests to lock in the behaviour.
* Security: resolve owner SID fallback for Windows ACL audit
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-07 12:49:33 -05:00
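The audit logic the commit above describes, reconstructed as an added example in JavaScript so the three fixes (accepting the `*` prefix, stripping it before the trusted-SID lookup, and mapping world-equivalent SIDs to 'world') can be run against sample output. This is not the project's code: the names SID_RE, TRUSTED_SIDS, WORLD_SIDS, classifyPrincipal and summarizeWindowsAcl are taken from the commit message, but their bodies, the entry-line regex, the write-capability test and the icacls output lines are my own assumptions and constructed data.

```javascript
'use strict';

// Added example, not the project's code. Names such as SID_RE, TRUSTED_SIDS,
// WORLD_SIDS, classifyPrincipal and summarizeWindowsAcl come from the commit
// message; the bodies here are assumed. In a real audit the output would come
// from something like execFile('icacls', [configPath, '/sid'], cb), so the
// principals arrive as SIDs regardless of the system locale or code page.

// From the commit: accept the leading '*' that icacls prepends in /sid mode.
const SID_RE = /^\*?s-\d+-\d+(-\d+)+$/i;

// Documented Windows well-known SIDs.
const TRUSTED_SIDS = new Set([
  'S-1-5-18',     // NT AUTHORITY\SYSTEM
  'S-1-5-32-544', // BUILTIN\Administrators
]);
const WORLD_SIDS = new Set([
  'S-1-1-0',      // Everyone
  'S-1-5-11',     // Authenticated Users
  'S-1-5-32-545', // BUILTIN\Users
]);

// Rights tokens that allow modifying the file: the generic (F)/(M)/(W) forms
// plus the specific-rights abbreviations icacls prints as a comma-separated group.
const WRITE_GENERIC = new Set(['F', 'M', 'W']);
const WRITE_SPECIFIC = new Set(['WD', 'AD', 'WA', 'WEA', 'DC', 'WDAC', 'WO', 'DE', 'GW', 'GA']);

// Strip the '*' and normalize case so '*s-1-5-18' and 'S-1-5-18' compare equal.
function normalizeSid(principal) {
  return principal.replace(/^\*/, '').toUpperCase();
}

// Order matters: the current user first, then trusted, then world, then any
// other SID as a plain group. A non-SID principal (a localized account name,
// possibly garbled by a code-page mismatch) is 'name' and is never trusted.
function classifyPrincipal(principal, userSid) {
  if (!SID_RE.test(principal)) return 'name';
  const sid = normalizeSid(principal);
  if (sid === normalizeSid(userSid)) return 'user';
  if (TRUSTED_SIDS.has(sid)) return 'trusted';
  if (WORLD_SIDS.has(sid)) return 'world';
  return 'group';
}

// One icacls line: "[path ]principal:(flag)(flag)...". The first line carries
// the path, continuation lines are indented. A name-form principal containing
// a space ("NT AUTHORITY\SYSTEM") is ambiguous against a path with spaces,
// which is one more reason to audit with /sid.
const ENTRY_RE = /^(?:.*?\s)?(\*?S-\d+(?:-\d+)+|[^\s:]+):((?:\([^)]*\))+)$/i;

function parseIcaclsOutput(output) {
  const entries = [];
  for (const raw of output.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || /^Successfully processed/i.test(line)) continue;
    const m = ENTRY_RE.exec(line);
    if (!m) continue;
    const perms = [...m[2].matchAll(/\(([^)]*)\)/g)].map((x) => x[1]);
    entries.push({ principal: m[1], perms });
  }
  return entries;
}

function isWriteCapable(perms) {
  return perms.some((p) =>
    WRITE_GENERIC.has(p) || p.split(',').some((s) => WRITE_SPECIFIC.has(s.trim())));
}

// "others writable" means any principal that is neither the owner nor a
// trusted SID can modify the file; "world writable" narrows that to WORLD_SIDS.
function summarizeWindowsAcl(output, userSid) {
  const entries = parseIcaclsOutput(output).map((e) => ({
    ...e,
    category: classifyPrincipal(e.principal, userSid),
    writable: isWriteCapable(e.perms),
  }));
  const other = (c) => c !== 'trusted' && c !== 'user';
  return {
    entries,
    worldWritable: entries.some((e) => e.category === 'world' && e.writable),
    othersWritable: entries.some((e) => other(e.category) && e.writable),
  };
}

// Constructed sample output in /sid form (not captured from a real machine).
const USER_SID = 'S-1-5-21-1111-2222-3333-1001';
const SAMPLE_TRUSTED_OUTPUT = [
  'C:\\app\\config.json *S-1-5-18:(F)',
  '                    *S-1-5-32-544:(I)(F)',
  `                    *${USER_SID}:(F)`,
  'Successfully processed 1 files; Failed processing 0 files',
].join('\n');
const SAMPLE_WORLD_OUTPUT = [
  'C:\\app\\config.json *S-1-5-18:(F)',
  '                    *S-1-1-0:(I)(M)',
  '                    *S-1-5-11:(I)(RX)',
  'Successfully processed 1 files; Failed processing 0 files',
].join('\n');

console.log(summarizeWindowsAcl(SAMPLE_TRUSTED_OUTPUT, USER_SID).othersWritable); // false
console.log(summarizeWindowsAcl(SAMPLE_WORLD_OUTPUT, USER_SID).worldWritable);     // true
```

The first sample is the false-positive case from the commit: SYSTEM, Administrators and the owner all have (F), and with SID matching none of them counts as "others". The second sample shows why the WORLD_SIDS mapping matters: Everyone with (M) must surface as a world-write finding, while Authenticated Users with only (RX) is world-readable but not writable.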
Peter Steinberger
4de697f8fa
fix(ci): refresh detect-secrets baseline offsets
2026-03-07 17:42:17 +00:00
Peter Steinberger
46715371b0
fix(security): strip custom auth headers on cross-origin redirects
2026-03-07 17:34:42 +00:00
Peter Steinberger
630485ac98
fix(ci): harden diffs viewer request guard and secret scan baseline
2026-03-07 17:32:30 +00:00
Josh Avant
8e20dd22d8
Secrets: harden SecretRef-safe models.json persistence (#38955)
2026-03-07 11:28:39 -06:00
Peter Steinberger
b08337b902
docs(changelog): credit allowlist scoping report
2026-03-07 17:09:28 +00:00
Peter Steinberger
6f3990ddca
refactor(commands): dedupe onboard search perplexity test setup
2026-03-07 17:05:23 +00:00
Peter Steinberger
8e6acded82
refactor(commands): dedupe message command secret-config tests
2026-03-07 17:05:23 +00:00
Peter Steinberger
0a73328053
refactor(cli): dedupe restart health probe setup tests
2026-03-07 17:05:23 +00:00
Peter Steinberger
8fd043abac
refactor(cron): dedupe interim retry fallback assertions
2026-03-07 17:05:23 +00:00
Peter Steinberger
d103918891
refactor(commands): dedupe model probe target test fixtures
2026-03-07 17:05:23 +00:00
Peter Steinberger
bffec0f5d5
refactor(discord): dedupe message preflight test runners
2026-03-07 17:05:23 +00:00
Peter Steinberger
9849ee8390
refactor(discord): share message handler test scaffolding
2026-03-07 17:05:23 +00:00
Peter Steinberger
3381efc5c1
refactor(discord): dedupe native command ACP routing test setup
2026-03-07 17:05:23 +00:00
Peter Steinberger
949beca0c2
refactor(slack): dedupe app mention in-flight race setup
2026-03-07 17:05:23 +00:00
Peter Steinberger
d33efeef10
refactor(slack): reuse shared prepare test scaffolding
2026-03-07 17:05:23 +00:00
Peter Steinberger
08aae60dc9
refactor(plugin-sdk): extract shared channel prelude exports
2026-03-07 17:05:23 +00:00
Peter Steinberger
969b9029c0
refactor(slack): dedupe app mention race test setup
2026-03-07 17:05:23 +00:00
Peter Steinberger
5d37139ee5
refactor(line): dedupe replay webhook test fixtures
2026-03-07 17:05:23 +00:00
Peter Steinberger
4575bbbb69
refactor(telegram): dedupe topic agent routing tests
2026-03-07 17:05:23 +00:00
Peter Steinberger
c1eb973e32
refactor(telegram): dedupe native command session-meta fixtures
2026-03-07 17:05:23 +00:00
Peter Steinberger
a82df52753
refactor(extensions): share secret input schema builder
2026-03-07 17:05:23 +00:00
Peter Steinberger
134c1e23d3
refactor(commands): dedupe ACP stream test scaffolding
2026-03-07 17:05:23 +00:00
Peter Steinberger
e51bad0c3a
refactor(discord): dedupe preflight test builders
2026-03-07 17:05:23 +00:00
Peter Steinberger
b3fd537740
refactor(line): share command authorization gate logic
2026-03-07 17:05:23 +00:00
Peter Steinberger
f7fef07725
refactor(slack): share account surface field types
2026-03-07 17:05:23 +00:00
Peter Steinberger
d02ef9efc2
refactor(telegram): share account config helpers
2026-03-07 17:05:23 +00:00
Peter Steinberger
398bf51659
refactor(slack): reuse shared account merge helper
2026-03-07 17:05:23 +00:00
Peter Steinberger
d01cb7b65f
refactor(cron): share cron schedule resolver
2026-03-07 17:05:23 +00:00
Peter Steinberger
4204c96105
refactor(gateway): share input allowlist normalizer
2026-03-07 17:05:23 +00:00
Vincent Koc
70da80bcb5
Auto-reply: scope allowlist store writes by account (#39015)
* Auto-reply: scope allowlist store writes
* Tests: cover allowlist store account scoping
* Changelog: note allowlist store scoping hardening
2026-03-07 08:51:20 -08:00
Peter Steinberger
74912037dc
perf: harden chunking against quadratic scans
2026-03-07 16:50:35 +00:00
Peter Steinberger
b393b9e8ff
refactor(synology-chat): thread command authorization from webhook gate
2026-03-07 16:48:42 +00:00
Peter Steinberger
44881b0222
fix(diffs): harden proxied local viewer detection
2026-03-07 16:46:02 +00:00
Peter Steinberger
3a50e46cbf
fix(nostr): harden profile mutation proxy guards
2026-03-07 16:44:21 +00:00
Peter Steinberger
1dd4f92ea2
fix: default local onboarding tools profile to coding
2026-03-07 16:41:27 +00:00
Vincent Koc
f03f305ade
Mattermost: fix interaction action lookup sentinel (#38992)
2026-03-07 08:20:13 -08:00
Muhammed Mukhthar CM
4f08dcccfd
Mattermost: add interactive model picker (#38767)
Merged via squash.
Prepared head SHA: 0883654e88
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
2026-03-07 21:45:29 +05:30
Florian Hines
33e7394861
fix(providers): make all models available in kilocode provider (#32352)
* kilocode: dynamic model discovery, kilo/auto default, cooldown exemption
- Replace 9-model hardcoded catalog with dynamic discovery from
GET /api/gateway/models (Venice-like pattern with static fallback)
- Default model changed from anthropic/claude-opus-4.6 to kilo/auto
(smart routing model)
- Add createKilocodeWrapper for X-KILOCODE-FEATURE header injection
and reasoning.effort handling (skip for kilo/auto)
- Add kilocode to cooldown-exempt providers (proxy like OpenRouter)
- Keep sync buildKilocodeProvider for onboarding, add async
buildKilocodeProviderWithDiscovery for implicit provider resolution
- Per-token gateway pricing converted to per-1M-token for cost fields
* kilocode: skip reasoning injection for x-ai models, harden discovery loop
* fix(kilocode): keep valid discovered duplicates (openclaw#32352, thanks @pandemicsyn)
* refactor(proxy): normalize reasoning payload guards (openclaw#32352, thanks @pandemicsyn)
* chore(changelog): note kilocode hardening (openclaw#32352, thanks @pandemicsyn and @vincentkoc)
* chore(changelog): fix kilocode note format (openclaw#32352, thanks @pandemicsyn and @vincentkoc)
* test(kilocode): support auto-model override cases (openclaw#32352, thanks @pandemicsyn)
* Update CHANGELOG.md
---------
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-03-07 08:14:06 -08:00
Jason
786ec21b5a
docs(cli): improve memory command examples (#31803)
Merged via squash.
Prepared head SHA: 15dcda3027
Co-authored-by: JasonOA888 <101583541+JasonOA888@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
2026-03-07 19:03:23 +03:00
Nimrod Gutman
1eb7198bad
fix(ios): skip quick setup when a gateway is configured (#38964)
* fix(ios): hide quick setup when gateway is configured
* fix: note ios quick setup gating for configured gateways (#38964) (thanks @ngutman)
2026-03-07 17:46:16 +02:00
Nimrod Gutman
0bac6e4d67
fix: add changelog note for ios app store connect release prep (#38936) (thanks @ngutman)
2026-03-07 17:21:07 +02:00
Nimrod Gutman
43ab4f33ad
feat(ios): prepare app store connect release assets
2026-03-07 17:21:07 +02:00
Rodrigo Uroz
4c0b873a4d
Config/Compaction: expose safeguard preserve and quality settings (#25557)
Merged via squash.
Prepared head SHA: ea9904039a
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
2026-03-07 07:13:13 -08:00
Ayaan Zaidi
bdd0f74188
docs: add changelog for markdown image hardening (#38895)
2026-03-07 19:46:41 +05:30
Ayaan Zaidi
d25b493c7f
fix: address markdown image review feedback
2026-03-07 19:46:41 +05:30
Ayaan Zaidi
4bf902de58
fix: flatten remote markdown images
2026-03-07 19:46:41 +05:30
Peter Steinberger
53a7e3b6e5
docs(security): clarify trusted operator control surfaces
2026-03-07 13:52:22 +00:00
Ayaan Zaidi
9e1de97a69
fix(telegram): route native topic commands to the active session (#38871)
* fix(telegram): resolve session entry for /stop in forum topics
Fixes #38675
- Export normalizeStoreSessionKey from store.ts for reuse
- Use it in resolveSessionEntryForKey so topic session keys (lowercase
in store) are found when handling /stop
- Add test for forum topic session key lookup
* fix(telegram): share native topic routing with inbound messages
* fix: land telegram topic routing follow-up (#38871)
---------
Co-authored-by: xialonglee <li.xialong@xydigit.com>
2026-03-07 19:01:16 +05:30