vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-24 13:29:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
58,672 Commits 1,843 Branches 149 Tags
c9c19a1106699bb633b74dd67b89cb771cf4069e
Commit Graph

58 Commits

Author SHA1 Message Date
Peter Steinberger
dc23e924ef docs: document gateway runtime startup 2026-06-04 17:26:02 -04:00
Peter Steinberger
85beee613c docs: clarify inline code comments 
Comment-only follow-up documenting reusable gateway, auth, proxy, device, Talk, session, and agent helper contracts.\n\nVerification: git diff --check plus targeted tests recorded in PR body.
 2026-05-31 14:37:41 +01:00
Vincent Koc
3f2585424d perf(gateway): cache plugin HTTP imports 2026-05-30 13:00:30 +02:00
Coy Geek
516356835d fix: Admin HTTP RPC can execute against another live gateway instance (#83487) 
* fix(ar-gdn-cross-gateway-admin-rpc-context-confusion): apply security fix

Generated by staged fix workflow.

* fix(ar-gdn-cross-gateway-admin-rpc-context-confusion): apply security fix

Generated by staged fix workflow.

* fix(gateway): bind plugin HTTP dispatch to server context

* fix(gateway): scope dynamic plugin HTTP routes

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-18 15:59:28 +01:00
Peter Steinberger
4f4d108639 chore(lint): remove underscore-dangle allow list (#83542) 
* chore(lint): reduce underscore-dangle exceptions

* chore(lint): reduce more underscore exceptions

* chore(lint): remove underscore-dangle allow list

* fix(lint): repair underscore cleanup regressions

* test(lint): track version define suppression
 2026-05-18 14:56:06 +01:00
Peter Steinberger
bece8dcbb8 fix: harden generated surface pruning 2026-05-07 09:07:18 +01:00
Peter Steinberger
330ba1fa31 refactor: move canvas to plugin surfaces 2026-05-07 09:07:18 +01:00
Peter Steinberger
03ad3c0684 fix(gateway): log canvas host mount after bind 2026-05-04 09:05:35 +01:00
Peter Steinberger
928c70fb6b perf(gateway): trim startup watcher imports 2026-05-03 14:30:36 +01:00
Peter Steinberger
250376f885 fix: simplify bundled runtime dependency repair (#75183) 
Summary:
- Merged fix: simplify bundled runtime dependency repair after ClawSweeper review.

ClawSweeper fixups:
- Included follow-up commit: fix: verify cached bundled runtime roots
- Included follow-up commit: refactor: simplify plugin runtime startup paths
- Included follow-up commit: refactor: trim plugin startup policy helpers
- Included follow-up commit: refactor: trust package manager runtime deps materialization
- Included follow-up commit: fix: narrow channel runtime deps skip policy
- Included follow-up commit: refactor: defer startup plugin runtime deps
- Ran the ClawSweeper repair loop before final review.

Validation:
- ClawSweeper review passed for head 04dc566534.
- Required merge gates passed before the squash merge.

Prepared head SHA: 04dc566534
Review: https://github.com/openclaw/openclaw/pull/75183#issuecomment-4358383786

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Shakker <shakkerdroid@gmail.com>
Co-authored-by: clawsweeper-repair <clawsweeper-repair@users.noreply.github.com>
 2026-05-01 07:49:02 +00:00
Vincent Koc
a494eea6d4 fix(gateway): defer hook request handler imports 2026-04-27 01:26:38 -07:00
Vincent Koc
8440f67935 fix(gateway): defer chat event imports 2026-04-26 23:07:05 -07:00
Vincent Koc
c7d77f8c7b fix(gateway): defer plugin HTTP dispatch 2026-04-26 22:55:26 -07:00
Dale Yarborough
7b5527a74e fix(gateway): prevent 1006 errors from race condition in WebSocket upgrade (#43392) 
Merged via squash.

Prepared head SHA: 0bca6d3512
Co-authored-by: dalefrieswthat <176454532+dalefrieswthat@users.noreply.github.com>
Co-authored-by: grp06 <1573959+grp06@users.noreply.github.com>
Reviewed-by: @grp06
 2026-04-20 16:29:14 -07:00
Michael Appel
acd4e0a32f fix(gateway): re-resolve HTTP auth per-request to honor credential rotation [AI] (#66651) 
* fix: address issue

* fix: address review feedback

* changelog: note HTTP auth per-request rotation honor (#66651)

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-14 11:00:28 -06:00
Vincent Koc
74e7b8d47b fix(cycles): bulk extract leaf type surfaces 2026-04-11 13:26:50 +01:00
Vincent Koc
7308e72fac fix(cycles): continue seam extraction 2026-04-11 10:43:22 +01:00
Jacob Tomlinson
cb5f7e201f gateway: cap concurrent pre-auth websocket upgrades (#55294) 
* gateway: cap concurrent pre-auth websocket upgrades

* gateway: release pre-auth budget on failed upgrades

* gateway: scope pre-auth budgets to trusted client ip

* gateway: reject upgrades before ws handlers attach

* gateway: cap preauth budget for unknown client ip
 2026-03-27 09:55:27 +00:00
Ayaan Zaidi
03dc287a29 fix: keep minimal gateway channel registry live (#53944) (thanks @affsantos) 2026-03-24 21:33:04 -07:00
affsantos
fae4492d92 fix: re-pin channel registry after deferred plugin reload 
When preferSetupRuntimeForChannelPlugins is active, gateway boot performs
two plugin loads: a setup-runtime pass and a full reload after listen.
The initial pin captured the setup-entry snapshot. The deferred reload now
re-pins so getChannelPlugin() resolves against the full implementations.
 2026-03-24 21:33:04 -07:00
affsantos
61d866838f fix: add inline comment clarifying dual-release scope 
Address Greptile review: releasePluginRouteRegistry now releases both
HTTP-route and channel registry pins. Added comment for clarity.
 2026-03-24 21:33:04 -07:00
affsantos
3a4c860798 fix(gateway): pin channel registry at startup to survive registry swaps 
Channel plugin resolution fails with 'Channel is unavailable: <channel>'
after the active plugin registry is replaced at runtime. The root cause is
that getChannelPlugin() resolves against the live registry snapshot, which
is replaced when non-primary registry loads (e.g., config-schema reads)
call loadOpenClawPlugins(). If the replacement registry does not carry the
same channel entries, outbound message delivery and subagent announce
silently break.

This mirrors the existing pinActivePluginHttpRouteRegistry pattern: the
channel registry is pinned at gateway startup and released on shutdown.
Subsequent setActivePluginRegistry calls no longer evict the channel
snapshot, so getChannelPlugin() always resolves against the registry that
was active when the gateway booted.
 2026-03-24 21:33:04 -07:00
Karan Uppal
550deb8c18 fix: sweep stale chatRunState buffers for stuck runs 
emitChatFinal frees buffers on clean run completion, and the
maintenance timer sweeps abortedRuns after ABORTED_RUN_TTL_MS. But
runs that get stuck (e.g. LLM timeout without triggering clean
lifecycle end) are never aborted and their string buffers persist
indefinitely. This is the direct trigger for the StringAdd_CheckNone
OOM crash reported in the issue.

Add a stale buffer sweep in the maintenance timer that cleans up
buffers, deltaSentAt, and deltaLastBroadcastLen for any run not
updated within ABORTED_RUN_TTL_MS, regardless of abort status.

Closes #51821
 2026-03-22 16:56:19 -07:00
Peter Steinberger
a69f6190ab fix(gateway): pin plugin webhook route registry (#47902) 2026-03-15 21:53:05 -07:00
Peter Steinberger
445ff0242e refactor(gateway): cache hook proxy config in runtime state 2026-03-12 21:43:36 +00:00
Vincent Koc
eff0d5a947 Hardening: tighten preauth WebSocket handshake limits (#44089) 
* Gateway: tighten preauth handshake limits

* Changelog: note WebSocket preauth hardening

* Gateway: count preauth frame bytes accurately

* Gateway: cap WebSocket payloads before auth
 2026-03-12 10:55:41 -04:00
Vincent Koc
ab5fcfcc01 feat(gateway): add channel-backed readiness probes (#38285) 
* Changelog: add channel-backed readiness probe entry

* Gateway: add channel-backed readiness probes

* Docs: describe readiness probe behavior

* Gateway: add readiness probe regression tests

* Changelog: dedupe gateway probe entries

* Docs: fix readiness startup grace description

* Changelog: remove stale readiness entry

* Gateway: cover readiness hardening

* Gateway: harden readiness probes
 2026-03-06 15:15:23 -05:00
Vincent Koc
9c86a9fd23 fix(gateway): support image_url in OpenAI chat completions (#34068) 
* fix(gateway): parse image_url in openai chat completions

* test(gateway): cover openai chat completions image_url flows

* docs(changelog): note openai image_url chat completions fix (#17685)

* fix(gateway): harden openai image_url parsing and limits

* test(gateway): add openai image_url regression coverage

* docs(changelog): expand #17685 openai chat completions note

* Gateway: make OpenAI image_url URL fetch opt-in and configurable

* Diagnostics: redact image base64 payload data in trace logs

* Changelog: note OpenAI image_url hardening follow-ups

* Gateway: enforce OpenAI image_url total budget incrementally

* Gateway: scope OpenAI image_url extraction to the active turn

* Update CHANGELOG.md
 2026-03-06 00:35:50 -05:00
Peter Steinberger
d5ae4b8337 fix(gateway): require local client for loopback origin fallback 2026-03-02 16:37:45 +00:00
Peter Steinberger
2fd8264ab0 refactor(gateway): hard-break plugin wildcard http handlers 2026-03-02 16:24:06 +00:00
Peter Steinberger
cef5fae0a2 refactor(gateway): dedupe origin seeding and plugin route auth matching 2026-03-02 00:42:22 +00:00
Peter Steinberger
53d10f8688 fix(gateway): land access/auth/config migration cluster 
Land #28960 by @Glucksberg (Tailscale origin auto-allowlist).
Land #29394 by @synchronic1 (allowedOrigins upgrade migration).
Land #29198 by @Mariana-Codebase (plugin HTTP auth guard + route precedence).
Land #30910 by @liuxiaopai-ai (tailscale bind/config.patch guard).

Co-authored-by: Glucksberg <markuscontasul@gmail.com>
Co-authored-by: synchronic1 <synchronic1@users.noreply.github.com>
Co-authored-by: Mariana Sinisterra <mariana.data@outlook.com>
Co-authored-by: liuxiaopai-ai <73659136+liuxiaopai-ai@users.noreply.github.com>
 2026-03-02 00:10:51 +00:00
Peter Steinberger
a288f3066f fix(gateway): warn on non-loopback bind at startup (land #25397, thanks @let5sne) 
Co-authored-by: let5sne <let5sne@users.noreply.github.com>
 2026-02-26 12:13:20 +00:00
Peter Steinberger
9af3ec92a5 fix(gateway): add HSTS header hardening and docs 2026-02-23 19:47:29 +00:00
Peter Steinberger
b8b43175c5 style: align formatting with oxfmt 0.33 2026-02-18 01:34:35 +00:00
Peter Steinberger
31f9be126c style: run oxfmt and fix gate failures 2026-02-18 01:29:02 +00:00
cpojer
d0cb8c19b2 chore: wtf. 2026-02-17 13:36:48 +09:00
Sebastian
ed11e93cf2 chore(format) 2026-02-16 23:20:16 -05:00
cpojer
90ef2d6bdf chore: Update formatting. 2026-02-17 09:18:40 +09:00
Peter Steinberger
c1cc28a4e1 refactor(gateway): share broadcast function types 2026-02-15 13:39:59 +00:00
Harald Buerbaumer
30b6eccae5 feat(gateway): add auth rate-limiting & brute-force protection (#15035) 
* feat(gateway): add auth rate-limiting & brute-force protection

Add a per-IP sliding-window rate limiter to Gateway authentication
endpoints (HTTP, WebSocket upgrade, and WS message-level auth).

When gateway.auth.rateLimit is configured, failed auth attempts are
tracked per client IP. Once the threshold is exceeded within the
sliding window, further attempts are blocked with HTTP 429 + Retry-After
until the lockout period expires. Loopback addresses are exempt by
default so local CLI sessions are never locked out.

The limiter is only created when explicitly configured (undefined
otherwise), keeping the feature fully opt-in and backward-compatible.

* fix(gateway): isolate auth rate-limit scopes and normalize 429 responses

---------

Co-authored-by: buerbaumer <buerbaumer@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-13 15:32:38 +01:00
George Pickett
a459e237e8 fix(gateway): require auth for canvas host and a2ui assets (#9518) (thanks @coygeek) 2026-02-05 16:37:58 -08:00
Coy Geek
47538bca4d fix: Gateway canvas host bypasses auth and serves files unauthenticated 2026-02-05 16:37:58 -08:00
Gustavo Madeira Santana
38e6da1fe0 TUI/Gateway: fix pi streaming + tool routing + model display + msg updating (#8432) 
* TUI/Gateway: fix pi streaming + tool routing

* Tests: clarify verbose tool output expectation

* fix: avoid seq gaps for targeted tool events (#8432) (thanks @gumadeiras)
 2026-02-04 17:12:16 -05:00
Gustavo Madeira Santana
5935c4d23d fix(ui): fix web UI after tsdown migration and typing changes 2026-02-03 13:56:20 -05:00
cpojer
f06dd8df06 chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts. 2026-02-01 10:03:47 +09:00
cpojer
5ceff756e1 chore: Enable "curly" rule to avoid single-statement if confusion/errors. 2026-01-31 16:19:20 +09:00
Peter Steinberger
9a7160786a refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
Peter Steinberger
6d16a658e5 refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
Peter Steinberger
bac80f0886 fix: listen on ipv6 loopback for gateway 2026-01-25 05:49:48 +00:00