vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 11:10:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
33,928 Commits 1,843 Branches 149 Tags
c8aec6b951acc9c46df4d370d56e5f5450bb2b04
Commit Graph

251 Commits

Author SHA1 Message Date
Peter Steinberger
6929fa764c test(browser): avoid flaky CDP SSRF timeout 2026-04-23 07:37:50 +01:00
Peter Steinberger
cc9dcd3d69 fix(gateway): prefer linux child OOM victims 
Raise eligible Linux child processes own oom_score_adj from a child-side /bin/sh exec shim so cgroup memory pressure prefers transient workers over the long-lived gateway. Cover supervisor children, PTY shells, MCP stdio servers, and OpenClaw-launched browser processes through the shared process runtime seam.

Harden the wrapper for distroless images, shell startup env, per-child and process-level opt-outs, dash-compatible exec, and leading-dash command names. Document Linux verification and OOM behavior.

Fixes #70404.

Co-authored-by: Neerav Makwana <261249544+neeravmakwana@users.noreply.github.com>
 2026-04-23 05:23:40 +01:00
Peter Steinberger
b2472d6560 build: migrate schema deps to typebox 2026-04-23 04:59:42 +01:00
Peter Steinberger
f88da75ed9 refactor(channels): centralize runtime binding routes 2026-04-22 23:16:57 +01:00
Peter Steinberger
b648830632 fix: clarify browser playwright-core install guidance 2026-04-22 21:47:58 +01:00
Peter Steinberger
fd93b7f2ab perf(test): avoid bundled setup in auto-enable tests 2026-04-22 17:13:42 +01:00
Peter Steinberger
8bfb4024f6 test: harden qa parity config cleanup 2026-04-22 08:52:55 +01:00
Peter Steinberger
00cdab99bf test: harden ci timing cleanup 2026-04-22 04:45:19 +01:00
Peter Steinberger
e92079be6b fix: finish browser click timeout recovery (#63524) 2026-04-22 03:08:36 +01:00
Dongseok Paeng
cd82b94333 fix(browser): propagate click aborts through agent act routes 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-04-22 03:08:36 +01:00
Dongseok Paeng
adc05f090a fix(browser): time out stuck chrome mcp clicks 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-04-22 03:08:36 +01:00
ayeshakhalid192007-dev
55c415a1da fix(browser): address review comments on Chrome MCP timeout handling 2026-04-22 03:02:49 +01:00
ayeshakhalid192007-dev
88268aa2cd fix(browser): make chrome.internal tests pass on Linux (existsSync mock) 2026-04-22 03:02:49 +01:00
ayeshakhalid192007-dev
dc9c46a8df fix(browser): reset Chrome MCP session after navigate_page timeout 
navigateChromeMcpPage() now always passes a timeout to the Chrome MCP
navigate_page tool (defaulting to CHROME_MCP_NAVIGATE_TIMEOUT_MS when
the caller omits timeoutMs), and callTool() grows an optional safety-net
that tears down a stuck session via Promise.race so the next caller gets
a fresh subprocess. The catch block gains a transport-identity guard to
avoid clobbering a concurrently-created replacement session.
 2026-04-22 03:02:49 +01:00
Patrick Erichsen
efb7d426cf fix(browser): reject ax<N> refs in act path instead of timing out (#69924) 2026-04-21 18:43:27 -07:00
Peter Steinberger
7b1871b99b fix(browser): clarify DevToolsActivePort attach failures 2026-04-21 08:11:41 +01:00
Peter Steinberger
5945d4145a fix(test): keep browser vitest mock out of runtime scan 2026-04-20 20:45:42 +01:00
Peter Steinberger
84d8cb0826 test: share browser security mock 2026-04-20 20:36:23 +01:00
Peter Steinberger
d033662145 test: share browser cdp fixtures 2026-04-20 20:33:22 +01:00
Peter Steinberger
28f7745a5e test: share browser route fixtures 2026-04-20 20:30:06 +01:00
Peter Steinberger
975b989de6 test: reduce module reload churn 2026-04-20 20:28:47 +01:00
Peter Steinberger
76052a4e01 refactor: share browser runtime helpers 2026-04-20 16:32:28 +01:00
Peter Steinberger
0010b246c0 test: share browser tab route fixtures 2026-04-20 16:29:20 +01:00
Peter Steinberger
74967abd51 refactor: share browser path helpers 2026-04-20 16:27:11 +01:00
Peter Steinberger
c067c16360 perf(test): shorten browser chrome timeout probes 2026-04-20 16:09:37 +01:00
Peter Steinberger
1148f245c8 build(deps): declare extension runtime dependencies 2026-04-20 16:07:14 +01:00
Peter Steinberger
3a99b8b9e1 perf(test): preload browser server harness 2026-04-20 15:22:42 +01:00
Peter Steinberger
795a8042a1 perf(test): tighten chrome internal timeouts 2026-04-20 15:12:20 +01:00
Peter Steinberger
8116e638f3 chore: release 2026.4.20 2026-04-20 13:16:40 +01:00
Mariano
8cb73844c8 browser: route existing-session user profile through browser nodes (#68891) 
* browser: route user profile through browser nodes

* browser: align existing-session node docs

* browser: preserve host fallback on node discovery errors

* browser: preserve configured node pin errors

* browser: widen config mock in node pin test
 2026-04-19 12:21:23 +02:00
Viz
4cfc8cd5be fix(browser): discover CDP websocket from bare ws:// URL before attach (#68715) 
* fix(browser): discover CDP websocket from bare ws:// URL before attach

When browser.cdpUrl is set to a bare ws://host:port (no /devtools/ path), ensureBrowserAvailable would call isChromeReachable -> canOpenWebSocket against the URL verbatim. Chrome only accepts WebSocket upgrades at the specific path returned by /json/version, so the handshake failed immediately with HTTP 400. With attachOnly: true, that surfaced as:

  Browser attachOnly is enabled and profile "openclaw" is not running.

even though the CDP endpoint was reachable and the profile was healthy. Reproduced by the new tests in chrome.test.ts and cdp.test.ts (#68027).

Fix: introduce isDirectCdpWebSocketEndpoint(url) — true only when a ws/wss URL has a /devtools/<kind>/<id> handshake path. Route any other ws/wss cdpUrl (including the bare ws://host:port shape) through HTTP /json/version discovery by normalising the scheme via the existing normalizeCdpHttpBaseForJsonEndpoints helper. Apply this in isChromeReachable, getChromeWebSocketUrl, and createTargetViaCdp. Direct WS endpoints with a /devtools/ path are still opened without an extra discovery round-trip.

Fixes #68027

* test(browser): add seeded fuzz coverage for CDP URL helpers

Adds property-based / seeded-fuzz tests for the URL helpers the
attachOnly CDP fix depends on (#68027):

  - isWebSocketUrl
  - isDirectCdpWebSocketEndpoint
  - normalizeCdpHttpBaseForJsonEndpoints
  - parseBrowserHttpUrl
  - redactCdpUrl
  - appendCdpPath
  - getHeadersWithAuth

Follows the existing repo convention (see
src/gateway/http-common.fuzz.test.ts): no fast-check dep, small
mulberry32 PRNG + hand-rolled generators, deterministic per-describe
seeds so failures are reproducible.

Lifts cdp.helpers.ts coverage from 77.77% -> 89.54% statements,
67.9% -> 80.24% branches, 78% -> 90% lines. Remaining uncovered
lines are inside the WS sender internals (createCdpSender,
withCdpSocket, fetchCdpChecked rate-limit branch), which require
integration-style mocks and are unrelated to the attachOnly fix.

* test(browser): drive cdp.helpers/cdp/chrome to 100% coverage

Lifts the three files touched by the #68027 attachOnly fix to 100% statements/branches/functions/lines across the extensions test suite. Adds cdp.helpers.internal.test.ts, cdp.internal.test.ts, and chrome.internal.test.ts covering error paths, branch matrices, CDP session helpers, Chrome spawn/launch/stop flows, and canRunCdpHealthCommand. Defensively unreachable guards are annotated with c8 ignore + inline justifications.

* fix(browser): restore WS fallback for non-/devtools ws:// CDP URLs

When /json/version discovery is unavailable (or returns no
webSocketDebuggerUrl), fall back to treating the original bare ws/wss
URL as a direct WebSocket endpoint. This preserves the #68027 fix for
Chrome's debug port while restoring compatibility with Browserless/
Browserbase-style providers that expose a direct WebSocket root without
a /json/version endpoint.

Priority order for bare ws/wss cdpUrl inputs:
  1. /devtools/<kind>/<id> URL \u2192 direct handshake, no discovery (unchanged)
  2. bare ws/wss root \u2192 try HTTP discovery first; if discovery returns a
     webSocketDebuggerUrl use it; otherwise fall back to the original URL
     as a direct WS endpoint
  3. HTTP/HTTPS URL \u2192 HTTP discovery only, no fallback (unchanged)

Affected call sites: isChromeReachable, getChromeWebSocketUrl,
createTargetViaCdp.

Also renames a misleading test ('still enforces SSRF policy for direct
WebSocket URLs') to accurately describe what it tests: SSRF enforcement
on the navigation target URL, not on the CDP endpoint.

New tests added for all three fallback paths. Coverage remains 100% on
all three touched files (238 tests).

* fix: browser attachOnly bare ws CDP follow-ups (#68715) (thanks @visionik)
 2026-04-19 05:43:39 -04:00
Peter Steinberger
ac8f0c9c0d chore: prepare 2026.4.19-beta.1 release 2026-04-19 02:09:43 +01:00
Peter Steinberger
58da2f5897 fix(browser): improve CDP startup diagnostics 2026-04-18 23:44:27 +01:00
Peter Steinberger
73728127b6 refactor(browser): share SSRF hostname allowlist helper 2026-04-18 23:28:37 +01:00
Peter Steinberger
1fd049e307 fix: scope remote CDP host allowlist (#68207) 2026-04-18 22:54:54 +01:00
HansY
e90c89cf8b fix(browser): auto-allowlist configured CDP hostnames in SSRF policy 2026-04-18 22:54:54 +01:00
Peter Steinberger
a5d6330f87 refactor: cache remaining runtime imports 2026-04-18 20:08:04 +01:00
Peter Steinberger
1f1ff0567a refactor(lint): reduce map spread patterns 2026-04-18 19:27:43 +01:00
Peter Steinberger
cc919db83b chore(lint): enable async endpoint handler rule 2026-04-18 19:27:43 +01:00
Peter Steinberger
df525b90f2 chore(lint): enable unnecessary type parameter rule 2026-04-18 18:31:13 +01:00
Peter Steinberger
66385670e4 refactor: reduce unnecessary dynamic imports 2026-04-18 16:15:33 +01:00
Peter Steinberger
3f2e73b723 chore(release): bump version to 2026.4.18 2026-04-18 15:46:33 +01:00
Ziy
4b5987829d fix: redact credentials in browser.cdpUrl config paths (#67679) 
Merged via squash.

Prepared head SHA: 77bc2c50ce
Co-authored-by: Ziy1-Tan <49604965+Ziy1-Tan@users.noreply.github.com>
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Reviewed-by: @hxy91819
 2026-04-18 14:22:58 +08:00
Peter Steinberger
5817a76236 test: merge browser contract server suites 2026-04-17 07:15:27 +01:00
Peter Steinberger
daaebb8558 test: split browser snapshot target helper 2026-04-17 07:15:27 +01:00
Peter Steinberger
132d3c76a0 test: reuse browser server harness imports 2026-04-17 07:15:27 +01:00
Peter Steinberger
0dc4c4076c chore: bump version to 2026.4.16 2026-04-17 00:45:04 +01:00
Tak Hoffman
4f00b76925 fix(context-window): Tighten context limits and bound memory excerpts (#67277) 
* Tighten context limits and bound memory excerpts

* Align startup context defaults in config docs

* Align qmd memory_get bounds with shared limits

* Preserve qmd partial memory reads

* Fix shared memory read type import

* Add changelog entry for context bounds
 2026-04-15 13:06:02 -05:00
Peter Steinberger
b3fa5880dd build(extensions): bump bundled plugin versions to 2026.4.15-beta.1 2026-04-15 15:06:13 +01:00
Mason Huang
7eecfa411d fix(browser): unblock loopback CDP readiness under strict SSRF defaults (#66354) 
Merged via squash.

Prepared head SHA: d9030ff2f0
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Reviewed-by: @hxy91819
 2026-04-14 16:30:43 +08:00