vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-19 21:21:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
29,870 Commits 1,364 Branches 113 Tags
cb19451132759d34b0aa49239ce6643b5fd2010d
Commit Graph

18535 Commits

Author SHA1 Message Date
Peter Steinberger
84098a2267 fix: keep Codex harness opt-in by default 2026-04-10 21:22:16 +01:00
Peter Steinberger
106256d896 fix: address Codex harness review regressions 2026-04-10 21:22:16 +01:00
Peter Steinberger
bfc0889776 docs: document Codex harness plugin workflow 2026-04-10 21:22:16 +01:00
Peter Steinberger
44ec4d05de feat: add pluggable agent harness registry 2026-04-10 21:22:16 +01:00
Peter Steinberger
fa97004ee1 test: remove duplicate gateway server coverage 2026-04-10 21:15:57 +01:00
Agustin Rivera
851294126b Redact Gmail watcher startup args from log tail (#62661) 
* fix(logging): redact gmail watcher startup args

* fix(logging): normalize redaction formatting

* fix(logging): harden gmail watcher log redaction

* fix(logging): honor configured log tail redaction

* fix(logging): skip redact pattern resolution when off

* fix(logging): reuse compiled redact regexes

* chore: untrack USER.md (covered by .gitignore)

* chore: untrack USER.md (covered by .gitignore)

* fix(logging): avoid double-resolution in log-tail redaction

* fix(logging): redact across line boundaries for multiline patterns

* fix(logging): guard redactSensitiveLines against empty input

* chore(changelog): add Gmail watcher log redaction entry

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 14:07:28 -06:00
Peter Steinberger
733137615f test: trim agents shard waits 2026-04-10 21:07:12 +01:00
Agustin Rivera
eab6fcedaa Ensure ACPX plugin-tools bridge honors before_tool_call (#63886) 
* fix(acpx): honor tool hook on plugin bridge

Co-authored-by: smaeljaish771 <smaeljaish771@gmail.com>

* chore(changelog): add ACPX plugin-tools before_tool_call entry

---------

Co-authored-by: smaeljaish771 <smaeljaish771@gmail.com>
Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 14:05:34 -06:00
Extra Small
abb4736267 fix(skills): add missing opening --- to taskflow and taskflow-inbox-triage SKILL.md frontmatter (openclaw#64469) 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test src/agents/skills.bundled-frontmatter.test.ts

Co-authored-by: extrasmall0 <"258180677"+extrasmall0@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-04-10 14:59:55 -05:00
Peter Steinberger
0ebeee8b0d chore: enable consistent-return 2026-04-10 20:56:43 +01:00
Agustin Rivera
121c452d66 fix(browser): tighten strict browser hostname navigation (#64367) 
* fix(browser): tighten strict browser hostname navigation

* fix(browser): address review follow-ups

* chore(changelog): add strict browser hostname navigation entry

* fix(browser): remove stale state prop from SelectionDeps call site

The PR's SelectionDeps uses getSsrFPolicy instead of the full state
object; the state property was leftover from an earlier iteration.

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 13:18:53 -06:00
Peter Steinberger
4164d6fc4c test: narrow auto-reply command imports 2026-04-10 20:16:54 +01:00
Peter Steinberger
04c8026d03 chore: enable no-unnecessary-type-arguments 2026-04-10 20:14:49 +01:00
Peter Steinberger
dfe4c2d16d chore: enable no-floating-promises 2026-04-10 20:14:49 +01:00
Peter Steinberger
01113566fd chore: enable await-thenable 2026-04-10 20:14:49 +01:00
Peter Steinberger
cdb944ef0a chore: enable no-misused-spread 2026-04-10 20:14:49 +01:00
Peter Steinberger
1088904a47 test: skip provider runtime hints in config test 2026-04-10 20:12:16 +01:00
Agustin Rivera
c949af9fab fix(media): honor sender policy for host media reads (#64459) 
* fix(media): honor sender policy for host media reads

* fix(media): clarify host read group policy gating

* fix(media): forward sender identity for outbound reads

* fix(media): propagate non-id sender fields through outbound session for e164/username/name policy matching

* fix(media): preserve requester provider for host read policy

* fix(media): forward full sender identity through followup and core send paths

* fix(media): forward requester session/account context through core send fallback

* fix(media): preserve account policy fallback for requester-scoped host reads

* chore(changelog): add outbound media sender-policy entry

* fix(media): align test call shape with production — omit messageProvider when sessionKey is set

Addresses P2 review: production call sites pass messageProvider: undefined
when sessionKey is present; tests should mirror that so regressions in
the precedence order are caught.

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 13:07:56 -06:00
Peter Steinberger
5df7771d0c test: keep browser subpath test import-only 2026-04-10 20:06:00 +01:00
Peter Steinberger
a96b97979d test: align browser subpath ssrf default 2026-04-10 20:03:28 +01:00
Peter Steinberger
8640b89158 test: trim provider contract slow paths 2026-04-10 20:00:48 +01:00
Agustin Rivera
e3a845bde5 Normalize agent hook system event trust handling (#64372) 
* fix(hooks): sanitize agent hook system events

Co-authored-by: zsx <git@zsxsoft.com>

* chore(changelog): add agent hook trust normalization entry

---------

Co-authored-by: zsx <git@zsxsoft.com>
Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 12:56:00 -06:00
Peter Steinberger
a6edccad3d test: align plugin install denylist expectations 2026-04-10 19:42:38 +01:00
Agustin Rivera
905f19230a Align external marker span mapping (#63885) 
* fix(markers): align external marker spans

* fix(browser): ssrfPolicy defaults fail-closed for unconfigured installs (GHSA-53vx-pmqw-863c)

* fix(browser): enforce strict default SSRF policy

* chore(changelog): add browser SSRF default + marker alignment entry

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 12:35:20 -06:00
Peter Steinberger
a52d38275e test: remove duplicate agent reset e2e 2026-04-10 19:30:24 +01:00
Peter Steinberger
cbce38d78c style: format post-rebase files 2026-04-10 19:28:42 +01:00
Peter Steinberger
59925c1a74 chore: update dependencies and oxc tooling 2026-04-10 19:28:42 +01:00
Peter Steinberger
e7db987ce6 test: trim heavy imports and harden ci checks 2026-04-10 19:23:10 +01:00
Peter Steinberger
d9b33205dc test: move disabled compat routes to http harness 2026-04-10 19:21:55 +01:00
Peter Steinberger
15c6748c01 test: stabilize vitest full-suite runner 2026-04-10 19:17:39 +01:00
Peter Steinberger
f6ed276f51 style: apply updated formatter output 2026-04-10 19:17:39 +01:00
Peter Steinberger
ea8d0833c3 test: trim gateway auth slow paths 2026-04-10 19:16:55 +01:00
Peter Steinberger
56468cdb06 fix: align plugin install denylist scan tests 2026-04-10 18:57:52 +01:00
Peter Steinberger
d522dc637e test: trim embedded agents slow paths 2026-04-10 18:33:03 +01:00
Michael Appel
9f97ad857a fix(security): pin axios to 1.15.0 and add dependency denylist for plugin installs [AI-assisted] (#63891) 
* fix: address issue

* fix: address review feedback

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address PR review feedback

* Plugins: fix install security CI regressions

* Plugins: make manifest traversal linear

* Plugins: bound manifest security traversal

* Plugins: block denied node_modules package dirs

* Plugins: match node_modules case-insensitively

* Plugins: block denied package symlink paths

* Tests: normalize blocked symlink assertion

* Plugins: fail closed on unreadable denied paths

* Plugins: block denied node_modules file aliases

* Plugins: inspect node_modules symlink targets

* Plugins: preserve symlink target package paths

* fix: address PR review feedback

* chore(changelog): add axios pin and dependency denylist entry

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 11:20:05 -06:00
Gustavo Madeira Santana
9b44929f28 fix(gateway): preserve restart sentinel account routing 2026-04-10 13:16:19 -04:00
Peter Steinberger
527601d7a5 fix: align channel owner context test types 2026-04-10 18:14:14 +01:00
Michael Appel
19a2e9ddb5 fix(infra): extend exec completion detection to cover local background exec formats [AI-assisted] (#64376) 
* fix: address issue

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address PR review feedback

* chore(changelog): add exec completion owner-downgrade entry

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 11:07:14 -06:00
Peter Steinberger
e1a2a26ec9 test: isolate agent runtime mocks 2026-04-10 18:06:49 +01:00
Peter Steinberger
cbc4447d6b test: narrow doctor config matrix helper import 2026-04-10 18:05:02 +01:00
Agustin Rivera
8dfbf3268b fix(browser): gate sandbox noVNC helper auth 
Require bridge auth before /sandbox/novnc token redemption and keep the noVNC observer URL out of model-visible prompt context.

Local verification:
- pnpm test extensions/browser/src/browser/bridge-server.auth.test.ts src/agents/sanitize-for-prompt.test.ts src/agents/pi-embedded-runner.buildembeddedsandboxinfo.test.ts

Note: pnpm check currently fails on latest main in unrelated files (src/agents/tools/message-tool.ts and src/gateway/mcp-http.test.ts), outside this PR diff.

Thanks @eleqtrizit.

Co-authored-by: eleqtrizit <31522568+eleqtrizit@users.noreply.github.com>
 2026-04-10 18:01:26 +01:00
Michael Appel
979c6f09d6 fix: include image param in sandbox media normalization [AI-assisted] (#64377) 
* fix: address issue

* chore(changelog): add Discord event image sandbox entry

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-04-10 11:01:04 -06:00
Peter Steinberger
56d3f97e23 test: use lightweight channel status stubs 2026-04-10 18:00:45 +01:00
Peter Steinberger
710a19dd86 fix: repair latest main type drift 2026-04-10 18:00:45 +01:00
Peter Steinberger
b9981c8ee8 test: inject setup command side effects 2026-04-10 17:57:15 +01:00
Agustin Rivera
fe0f686c92 Gate Matrix profile updates for non-owner message tool runs (#62662) 
Merged via squash.

Prepared head SHA: 602b16a676
Co-authored-by: eleqtrizit <31522568+eleqtrizit@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-04-10 12:56:17 -04:00
Peter Steinberger
1c1fe8a405 test: remove duplicate workspace auth choice e2e 2026-04-10 17:52:44 +01:00
Peter Steinberger
9031a9b2cc test: narrow legacy doctor migration hot paths 2026-04-10 17:51:15 +01:00
Menglin Li
36c3a54b51 fix(gateway): plug long-running memory leaks 
Prune stale gateway control-plane rate-limit buckets, bound transcript-session lookup caching, clear agent event sequence state with run contexts, and clear node wake/nudge state on disconnect.\n\nVerified locally after rebasing onto main:\n\n- pnpm test src/gateway/control-plane-rate-limit.test.ts src/gateway/session-transcript-key.test.ts src/infra/agent-events.test.ts src/gateway/server-methods/nodes.invoke-wake.test.ts\n- pnpm check\n\nCo-authored-by: lml2468 <39320777+lml2468@users.noreply.github.com>
 2026-04-10 17:45:12 +01:00
Devin Robison
54ae138db7 fix: the cron isolated agent in openclaw unconditiona (#383) (#63878) 2026-04-10 10:44:22 -06:00