vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 07:00:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
39,261 Commits 1,843 Branches 149 Tags
cbf4f0f87a28fbea4a10b4e457ad9d4142e9dbed
Commit Graph

327 Commits

Author SHA1 Message Date
Val Alexander
df0ee092f0 fix: harden gateway recovery diagnostics and media delivery 
Harden gateway recovery diagnostics and media delivery.\n\n- Accept gateway send asVoice and map it to outbound audioAsVoice.\n- Preserve generated Swift protocol models for the gateway send schema.\n- Keep the broader recovery hardening for install/update/status/vector/TTS paths in one reviewed PR.\n\nProof:\n- Focused local gateway/outbound/update/status/doctor/sqlite-vec tests passed.\n- oxfmt --check and git diff --check passed.\n- Testbox OPENCLAW_TESTBOX=1 pnpm check:changed passed at 2f5ef650e97763a61ff43c28e61707db84c50060.\n- GitHub required checks are green at the merge SHA; the qa-lab parity gate is optional/surface-only and was still pending.
 2026-04-30 21:46:22 -05:00
jesse-merhi
706eb8833f fix: filter launchd handoff environment 2026-04-29 13:51:42 +10:00
Sliverp
e0008268ad fix(onboarding): Improve the dynamic import UX. (#73419) 
* fix(onboarding): skip redundant install prompt when only one source exists

When the channel-setup flow asks 'Install <plugin>?' after the user has
already picked the channel in the previous menu, and the only real
install source available is npm (or local), the prompt degenerates into
'<that source> vs Skip'. The user already expressed intent by picking
the channel, so re-confirming adds friction without offering a
meaningful choice.

Resolve directly to the available source in that case. Keep the prompt
when both npm and local sources exist so the user can still pick which
to use, and keep it when no real source exists (the prompt then only
offers Skip, which is informative).

* fix ci

* fix ci

* fix(channel-setup): skip redundant install prompt when only one source exists

Add autoConfirmSingleSource opt-in parameter to promptInstallChoice /
ensureOnboardingPluginInstalled / ensureChannelSetupPluginInstalled.
When set and only one real install source (npm or local, not both)
exists, the 'Install <plugin>? / Skip' prompt is skipped and the
single source is used directly.

Only channel-setup.ts passes autoConfirmSingleSource: true — the user
already expressed intent by picking the channel in the previous menu,
so re-confirming adds friction without a meaningful choice. The
onboarding and quickstart entry points keep the existing prompt
behavior unchanged.

Also fix findBundledPluginSourceInMap mock type in
onboarding-plugin-install.test.ts to avoid TS2345.

* fix(tests): revert auto-confirm test expectations and fix mock leak

- Revert 'offers registry npm specs' test to expect the prompt
  (autoConfirmSingleSource not passed)
- Revert channel-setup 'does not default to bundled local path' test
  to expect the prompt
- Reset findBundledPluginSourceInMap and
  resolveBundledInstallPlanForCatalogEntry mocks after the bundled
  prompt test to prevent cross-test leakage

* fix ci

* docs(changelog): add #73419
 2026-04-29 10:41:42 +08:00
Pavan Kumar Gondhi
230f7122dd fix(security): prevent workspace PATH injection via service env and trash helpers (#73264) 
* fix: address issue

* fix: address PR review feedback

* fix: address review-pr skill feedback

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address build feedback

* fix: address PR review feedback

* docs: add changelog entry for PR merge
 2026-04-28 21:30:51 +05:30
Jesse Merhi
2633b14914 feat(security): support operator-managed network proxy routing (#70044) 
* feat: support operator-managed proxy routing

* docs: add network proxy changelog entry

* fix(proxy): restrict gateway bypass to loopback IPs

* fix(cli): harden container proxy URL checks

* docs(proxy): clarify gateway bypass scope

* docs: remove proxy changelog entry

* fix(proxy): clear startup CI guard failures

* fix(proxy): harden gateway proxy policy parsing

* fix(proxy): honor update shorthand proxy policy

* fix(cli): redact proxy URL suffixes

* test(proxy): keep gateway help off proxy startup

* fix(proxy): keep overlapping lifecycle active

* docs: add proxy changelog entry

---------

Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-04-28 00:20:47 -05:00
Peter Steinberger
a6141a5a41 fix: harden macOS gateway updates 2026-04-28 05:58:05 +01:00
Peter Steinberger
e1acb61317 refactor: expose SDK test helper subpaths 2026-04-28 03:28:17 +01:00
Peter Steinberger
dd0f5937d2 fix(doctor): avoid companion gateway service false positives 2026-04-27 23:30:29 +01:00
Peter Steinberger
0cc3c027a8 test: avoid slow home lookups in service audit tests 2026-04-27 23:23:15 +01:00
Peter Steinberger
abf5dea7dd fix(daemon): filter missing service path fallbacks 2026-04-27 23:16:04 +01:00
Peter Steinberger
ad0f600450 fix(gateway): avoid systemd service split-brain 2026-04-27 14:32:49 +01:00
Peter Steinberger
7dc9a367ef fix: avoid persisting proxy env in gateway services 2026-04-27 10:46:31 +01:00
Peter Steinberger
13f9deb619 fix: audit windows task managed env drift 2026-04-27 10:19:50 +01:00
Peter Steinberger
67f1266fe8 fix: repair managed service env install migration 2026-04-27 10:13:01 +01:00
Vincent Koc
56ca4e2269 fix(daemon): handle sudo user-systemd gateway install failures 
* fix(daemon): handle sudo user-systemd gateway install failures

* fix(daemon): harden sudo systemctl user scope

* fix(plugins): remove static type-cycle edges

* test(plugins): update bundle command config mock
 2026-04-27 01:34:57 -07:00
Vincent Koc
b246c06fa5 fix(daemon): surface systemd user-bus hints during gateway install (#72617) 2026-04-26 23:30:54 -07:00
Vincent Koc
60d4d5e1fa fix(daemon): reconcile macOS LaunchAgent supervision state (#72616) 2026-04-26 22:39:15 -07:00
Peter Steinberger
9f9bd41f40 fix: persist gateway service wrappers 2026-04-27 03:40:32 +01:00
Vincent Koc
d7c173b694 fix(gateway): harden macOS launchd service startup 2026-04-26 17:18:49 -07:00
Peter Steinberger
e4e69c5bc6 fix: retry systemd unit activation after reload 2026-04-26 06:47:29 +01:00
Peter Steinberger
eca9f46824 fix: honor node systemd unit activation 2026-04-26 06:35:01 +01:00
Peter Steinberger
a7382ec563 test: cover older-binary service guard 2026-04-26 06:18:37 +01:00
Peter Steinberger
edc3504c77 fix(gateway): accept fnm default path on Linux 2026-04-26 06:09:02 +01:00
Peter Steinberger
8c35e45c00 fix: guard gateway mutations from older binaries 2026-04-26 06:07:55 +01:00
Peter Steinberger
017252e4f8 test(daemon): remove duplicate launchd read mock 2026-04-25 07:12:17 +01:00
Jérôme Benoit
b8b270d5b8 fix(daemon): add Nix Home Manager PATH support 
Add Nix Home Manager profile bin directories to generated gateway service PATHs on macOS and Linux.

Includes ~/.nix-profile/bin fallback when NIX_PROFILES is absent, honors NIX_PROFILES right-to-left precedence when present, and covers the service PATH resolver with focused unit tests.

Closes #44402.
 2026-04-25 01:12:10 -05:00
Peter Steinberger
33d5ebbff7 test(daemon): read launchd fixture files 2026-04-25 07:11:33 +01:00
Peter Steinberger
07cf1dd65c test: remove duplicate launchd read mock 2026-04-25 07:10:32 +01:00
Peter Steinberger
85cab8b516 test: fix launchd restart mock state 2026-04-25 07:09:47 +01:00
Peter Steinberger
22aa402b64 test(daemon): mock launchd plist reads 2026-04-25 07:08:36 +01:00
Peter Steinberger
d957401c7e test(daemon): type launchd kickstart code fake 2026-04-25 07:08:36 +01:00
Vincent Koc
f5868ad1f8 fix(daemon): refresh launchd plist before restart bootstrap (#71421) 2026-04-24 22:59:21 -07:00
Vincent Koc
57f5b3b201 fix(daemon): harden launchd restart handoff (#71409) 2026-04-24 22:27:05 -07:00
Peter Steinberger
d4e93e791b fix: persist private ws opt-in for node services 2026-04-24 06:07:22 +01:00
Peter Steinberger
fccb2b8ace fix: launch Windows startup gateway directly 2026-04-21 08:03:34 +01:00
Peter Steinberger
6d409a6182 test: harden Parallels fresh install smoke 2026-04-21 05:34:25 +01:00
Peter Steinberger
bcf17447f0 test: share execFile builtin mock 2026-04-20 19:20:46 +01:00
Peter Steinberger
456bc8df65 test: share launchd integration helpers 2026-04-20 18:35:25 +01:00
Peter Steinberger
0fb9a3beac test: share schtasks startup fallback helpers 2026-04-20 18:34:05 +01:00
Peter Steinberger
29a48ab129 test: share systemd stage fixture 2026-04-20 18:32:11 +01:00
Peter Steinberger
cde7ae8809 test: share launchd test helpers 2026-04-20 18:30:53 +01:00
Peter Steinberger
800572e9c6 test: share schtasks install fixtures 2026-04-20 18:29:18 +01:00
Peter Steinberger
ed463f6de0 chore: remove unused flow and daemon helpers 2026-04-18 21:16:19 +01:00
Peter Steinberger
84aed919a9 fix: restore CI restart and provider compat 2026-04-18 19:24:08 +01:00
Peter Steinberger
438799e929 fix: log detached service restart attempts 2026-04-18 19:08:36 +01:00
Peter Steinberger
28be124cc1 refactor: centralize restart log conventions 2026-04-18 19:08:35 +01:00
Peter Steinberger
66385670e4 refactor: reduce unnecessary dynamic imports 2026-04-18 16:15:33 +01:00
Onur
900e291f31 CI: expand native release validation coverage (#67144) 
* Actions: grant reusable release checks actions read

* Actions: use read-all for reusable release checks

* CI: add native cross-OS release checks

* CI: wire Discord smoke secrets for cross-OS checks

* CI: fix native cross-OS installer compatibility

* CI: skip empty pnpm cache saves in matrix jobs

* CI: honor workflow runner override envs

* CI: finish native cross-OS update checks

* CI: fix native cross-OS workflow regressions

* Installer: capture Windows npm stderr safely

* CI: harden cross-OS release checks

* CI: resolve reusable workflow harness ref

* CI: stabilize cross-OS dev update lanes

* CI: tighten release-check workflow semantics

* CI: repoint repaired git CLI on POSIX

* CI: repair native dev-update shell handoff

* CI: preserve real updater semantics

* CI: harden supported release-check refs

* CI: harden release-check refs and fresh mode

* CI: skip dev-update for immutable tag refs

* CI: repair fresh installer release checks

* CI: fix native release check installer lanes

* CI: install release checks from candidate artifacts

* CI: use Windows cmd shims in release checks

* Installer: run Windows npm shim via PowerShell

* CI: pin dev update verification to candidate sha

* CI: pin reusable harness and published installers

* CI: isolate Windows dev-update PATH validation

* CI: align Windows dev-update bootstrap validation

* CI: avoid Windows installer gateway flake

* CI: run cross-OS release checks via TypeScript

* CI: bootstrap tsx for release-check workflow

* CI: fix native release-check follow-ups

* CI: tighten dev-update release checks

* CI: peel annotated workflow refs

* CI: harden native release checks

* CI: fix release-check verifier drift

* CI: fix release-check workflow drift

* CI: fix release-check ref resolution

* CI: harden Windows release-check gateway startup

* CI: fix release-check fallback validation

* CI: harden cross-os release checks

* CI: pin dev-update release checks to candidate SHA

* CI: resolve remote dev target refs

* CI: detect cloned dev-update checkouts

* CI: harden Windows release-check launcher

* Windows: harden task fallback and runner overrides

* Release checks: preserve Windows PATH and baseline version reads

* CI: add release validation live lanes

* CI: expand live and e2e release coverage

* CI: add branch dispatch for live and e2e checks
 2026-04-16 19:58:19 +02:00
Vincent Koc
d5b1329bf3 test(perf): speed up slow launchd and sessions specs 2026-04-14 23:34:09 +01:00
tmimmanuel
a2ab9e6a8e fix: avoid inline dotenv secrets in systemd unit during service repair (#66249) (thanks @tmimmanuel) 
* fix(daemon): avoid inline dotenv secrets in systemd unit during service repair

* fix(daemon): sanitize systemd envfile and dedupe state-dir resolution

* fix(daemon): fail on multiline dotenv values for systemd envfile

* test(daemon): cover systemd envfile staging

* fix: keep systemd envfile overrides intact (#66249) (thanks @tmimmanuel)

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-04-14 09:06:10 +05:30