vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-31 19:41:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
53,315 Commits 1,843 Branches 149 Tags
d10d30c5faf60efb3562f1d2b87fa284debf0ac2
Commit Graph

3680 Commits

Author SHA1 Message Date
Vincent Koc
d10d30c5fa fix(test): harden startup benchmark harness 2026-05-28 06:53:58 +02:00
Vincent Koc
6ae4a00a66 fix(qa): reject loose openwebui probe timeouts 2026-05-28 06:27:04 +02:00
Dallin Romney
8d21ac3f6e refactor: share QA runtime helpers (#87412) 
* refactor: share QA runtime helpers

* refactor: keep QA helpers private

* refactor: keep QA helpers on private runtime seam

* chore: prune stale QA duplicate ignores

* fix: align qa runtime boundary alias

* fix: avoid startup memory lint conversion
 2026-05-27 21:16:24 -07:00
Vincent Koc
6adf2340fb fix(qa): parse kitchen sink rpc guardrails strictly 2026-05-28 06:05:24 +02:00
Vincent Koc
6a324f6400 fix(perf): keep abort leak thresholds active 2026-05-28 05:29:40 +02:00
Agustin Rivera
b860a0d4d0 fix: harden qqbot direct media uploads 
Harden QQBot direct media URL uploads by downloading through the local SSRF guard before QQ upload, disabling redirects, bounding fetch/setup and body reads, and routing downloaded buffers through the existing one-shot/chunked size gate.

Co-authored-by: Agustin Rivera <agustin@rivera-web.com>
 2026-05-28 04:21:46 +01:00
Vincent Koc
f5e48f767f fix(perf): keep startup memory budgets active 2026-05-28 05:07:34 +02:00
Vincent Koc
bf22893cb6 fix(perf): reject loose extension memory numeric flags 2026-05-28 04:57:51 +02:00
Vincent Koc
6fe7dddcf2 fix(qa): reject loose Docker scheduler numeric env 2026-05-28 04:48:56 +02:00
Vincent Koc
3ef34702c8 fix(qa): reject loose gateway CPU numeric flags 2026-05-28 04:38:41 +02:00
Peter Steinberger
2229122077 fix: keep private SDK declarations local 2026-05-28 03:28:27 +01:00
Vincent Koc
ac28c0611d fix(qa): reject loose gauntlet numeric flags 2026-05-28 04:24:13 +02:00
Dallin Romney
3005b62242 perf(plugins) refactor plugin SDK declarations for flat package types (#87165) 
* refactor: flatten plugin sdk declarations

* fix: align package inventory with flat sdk declarations

* refactor: move packed sdk smoke to fixture

* test: simplify packed sdk type smoke

* fix(canvas): use focused number runtime helpers

* fix(ci): stabilize sdk boundary checks

* test: guard private sdk declaration leaks

Co-authored-by: Peter Steinberger <steipete@gmail.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-27 19:22:32 -07:00
Vincent Koc
d1577a2ff2 fix(perf): reject invalid startup bench counts 2026-05-28 03:48:55 +02:00
Peter Steinberger
cee2a50fe6 chore(release): prepare 2026.5.28 2026-05-28 01:48:07 +01:00
Peter Steinberger
c86667c5cf test(discord): use reply payload SDK test helper (#87454) 
* test(discord): use reply payload SDK test helper

* build(plugin-sdk): exclude reply payload test helper
 2026-05-28 00:57:22 +01:00
Edward Abrams
05db911775 fix(outbound): thread session keys into outbound hooks (#73706) 
Thread the canonical outbound session key into plugin message_sending and message_sent hook contexts, and align native command redirect routed delivery with the agent runtime session key. This lets plugins correlate agent_end with outbound delivery hooks without seeing missing or divergent session keys.

Verification:
- gh pr checks 73706 --repo openclaw/openclaw --watch=false
- Real behavior proof: https://github.com/openclaw/openclaw/actions/runs/26526635074/job/78131933497

Thanks @zeroaltitude.

Co-authored-by: Edward Abrams <zeroaltitude@gmail.com>
 2026-05-28 00:43:27 +01:00
Peter Steinberger
1f1cdd84ea chore: forward gateway profiling env 2026-05-28 00:35:35 +01:00
lukeboyett
b5bd6e8828 fix(sessions): preserve Matrix room-id case in session keys (#75670) (#87366) 
* fix(sessions): preserve Matrix room-id case in session keys (#75670)

Matrix room IDs (and thread event IDs) are opaque, case-sensitive per the
Matrix spec, but session-key canonicalization lowercased them. That forked
one room into duplicate sessions and produced 403 M_FORBIDDEN on recovery /
delivery paths that reconstruct the target from the (lowercased) session key,
even though deliveryContext.to stayed correct.

Introduce a generic, opt-in case-preservation registry (CASE_PRESERVING_PEERS)
consulted at all three lowercasing sites:
- construction: normalizeSessionPeerId
- store canonicalization: normalizeSessionKeyPreservingOpaquePeerIds
- gateway send: explicit request.sessionKey

Signal group preservation is encoded to match prior behavior exactly (segment
span, unscoped, thread suffix still lowercased). Matrix channel/group enrolls
the opaque tail (room id with embedded :server + any 🧵<event> suffix).
Exact mixed-case keys now win over folded legacy aliases in
resolveSessionStoreEntry and delivery-info lookup; existing lowercased rows
collapse on the next write. Matrix DM/MXID and non-enrolled channels keep the
default lowercase behavior.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(sessions): guard Matrix folded alias delivery proof

* test(agents): cover cold OpenAI gpt-5.5 fallback

* fix(sessions): preserve non-opaque alias freshness

* fix(sessions): prevent Matrix cross-room thread recovery

* build(protocol): refresh tools effective Swift models

* test(codex): include effective cwd in startup fixture

* test(codex): align startup failure cleanup expectation

* fix(sessions): keep Signal folded aliases fresh

* fix(sessions): preserve unscoped Matrix room keys

* fix(sessions): recover legacy Matrix thread aliases

* fix(sessions): preserve Matrix keys in state migrations

* fix(sessions): keep Matrix structural alias freshness

* fix(sessions): preserve unscoped Matrix migration keys

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-28 00:26:49 +01:00
samzong
316fd5b625 [Fix] Warm provider auth off main thread (#86281) 
* fix(agents): warm provider auth off main thread

Signed-off-by: samzong <samzong.lu@gmail.com>

* fix(agents): keep provider auth warm read-only

* fix(ci): unblock provider auth landing

* ci: serialize gateway watch artifact check

* fix(ci): stabilize diffs viewer asset generation

* fix(agents): avoid stale plugin auth warm results

* fix(agents): keep partial auth warm cache

---------

Signed-off-by: samzong <samzong.lu@gmail.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-05-27 23:24:55 +01:00
Vincent Koc
53ad531df9 fix(crabbox): preserve sparse run artifacts 2026-05-28 00:20:39 +02:00
Vincent Koc
f39f1a4712 fix(e2e): bound MCP channel harness buffers 2026-05-27 22:34:08 +02:00
Peter Steinberger
bb46b79d3c refactor: internalize OpenClaw agent runtime (#85341) 
* refactor: extract agent core package

Introduce packages/agent-core as the OpenClaw-owned home for reusable agent loop, harness, session, prompt, and runtime dependency contracts.

* refactor: extract shared llm runtime

Move provider model registries, stream wrappers, OAuth helpers, and LLM utilities into src/llm with plugin-sdk barrels instead of depending on the old embedded runtime layout.

* refactor: remove pi runtime internals

Rename remaining Pi-shaped agent surfaces to OpenClaw agent runtime names, delete obsolete Pi docs and package graph checks, and add the third-party notice for incorporated code.

* refactor: tighten agent session runtime

Make agent-core/runtime dependencies explicit, consolidate compaction and session transcript helpers, and move model/session helpers behind OpenClaw-owned contracts.

* refactor: remove static model and pi auth paths

Drop static model catalogs and Pi auth bridges, move model/provider facts to manifest-owned runtime contracts, and harden internal embedded-agent utilities.

* refactor: remove legacy provider compat paths

* docs: remove agent parity notes

* fix: skip provider wildcard metadata parsing

* refactor: share session extension sdk loading

* refactor: inline acpx proxy error formatter

* refactor: fold edit recovery into edit tool

* fix: accept extension batch separator

* test: align startup provider plugin expectations

* fix: restore provider-scoped release discovery

* test: align static asset packaging expectations

* fix: run static provider catalogs during scoped discovery

* fix: add provider entry catalogs for scoped live discovery

* fix: load lightweight provider catalog entries

* fix: refresh provider-scoped plugin metadata

* fix: keep provider catalog entries on release live path

* fix: keep static manifest models in release live checks

* fix: harden release model discovery

* fix: reduce OpenAI live cache probe reasoning

* fix: disable OpenAI cache probe reasoning

* ci: extend OpenAI gateway live timeout

* fix: extend live gateway model budget

* fix: stabilize release validation regressions

* fix: honor provider aliases in model rows

* fix: stabilize release validation lanes

* fix: stabilize release memory qa

* ci: stabilize release validation lanes

* ci: prefer ipv4 for live docker node calls

* fix: restore shared tool-call stream wrapper

* ci: remove legacy pi test shard alias

* fix: clean up embedded agent test drift

* fix: stabilize runtime alias status

* fix: clean up embedded agent ci drift

* fix: restore release ci invariants

* fix: clean up post-rebase runtime drift

* fix: restore release ci checks

* fix: restore release ci after rebase

* fix: remove stale pi runtime path

* test: align compaction runtime expectations

* test: update plugin prerelease expectations

* fix: handle claude live tool approvals

* fix: stabilize release validation gates

* fix: finish agent runtime import

* test: finish post-rebase agent runtime mocks

* fix: keep codex compaction native

* fix: stabilize codex app-server hook tests

* test: isolate codex diagnostic active run

* test: remove codex diagnostic completion race

# Conflicts:
#	extensions/codex/src/app-server/run-attempt.test.ts

* ci: fix full release manifest performance run id

* refactor: narrow llm plugin sdk boundary

* chore: drop generated google boundary stamps

* fix: repair rebase fallout

* fix: clean up rebased runtime references

* fix: decode codex jwt payloads as base64url

* fix: preserve shipped pi runtime alias

* fix: add scoped sdk virtual modules

* fix: decode llm codex oauth jwt as base64url

* fix: avoid stale vertex adc negative cache

* fix: harden tool arg decoding and codeql path

* fix: keep vertex adc negative checks live

* refactor: consolidate codex jwt and edit helpers

* fix: await codex oauth node runtime imports

* fix: preserve sdk tool and notice contracts

* fix: preserve shipped compat config boundaries

* fix: align codex oauth callback host

* fix: terminate agent-core loop streams on failure

* fix: keep codex oauth callback alive during fallback

* ci: include session tools in critical codeql scans

* fix: keep Cloudflare Anthropic provider auth header

* docs: redirect legacy pi runtime pages

* fix: honor bundled web provider compat discovery

* fix: protect session output spill files

* fix: keep legacy agent dir env blocked

* fix: contain auto-discovered skill symlinks

* fix: harden agent core sdk proxy surfaces

* fix: restore approval reaction sdk compat

* fix: keep live docker runs bounded

* fix: keep codex oauth redirect host aligned

* fix: resolve post-rebase agent runtime drift

* fix: redact anthropic oauth parse failures

* fix: preserve responses strict tool shaping

* fix: repair agent runtime rebase cleanup

* docs: redirect retired parity pages

* fix: bound auto-discovered resources to roots

* fix: repair post-rebase agent test drift

* fix: preserve bundled provider allowlist migration

* fix: preserve manifest-owned provider aliases

* fix: declare photon image dependency

* fix: keep provider headers out of proxy body

* fix: preserve shipped env aliases

* fix: refresh control ui i18n generated state

* fix: quote read fallback paths

* fix: preview edits through configured backend

* test: satisfy core test typecheck

* fix: preserve ZAI usage auth fallback

* test: repair codex diagnostic test

* fix: repair agent runtime rebase drift

* test: finish embedded runner import rename

* fix: repair agent runtime rebase integrations

* test: align compaction oauth fallback expectations

* fix: allow sdk-auth session models

* fix: update doctor tool schema import

* fix: preserve bedrock plugin region

* fix: stream harmony-like prose immediately

* ci: include session runtime in codeql shards

* fix: repair latest rebase integrations

* fix: honor explicit codex websocket transport

* fix: keep openai-compatible credentials provider-scoped

* fix: refresh sdk api baseline after rebase

* fix: route cli runtime aliases through openclaw harness

* test: rename stale harness mock expectation

* test: rename embedded agent overflow calls

* test: clean embedded auth test wording

* test: use openclaw stream types in deepinfra cache test

* fix: refresh sdk api baseline on latest main

* fix: honor bundled discovery compat allowlists

* fix: refresh sdk api baseline after latest rebase

* fix: remove stale rebase imports

* test: rename stale model catalog mock

* test: mock renamed doctor runtime modules

* fix: map canonical kimi env auth

* fix: use internal model registry in bench script

* fix: migrate deepinfra provider catalog entry

* fix: enforce builtin tool suppression

* fix: route compaction auth and proxy payloads safely

* refactor: prune unused llm registry leftovers

* test: update codex hooks session import

* test: fix model picker ci coverage

* test: align model picker auth mock types
 2026-05-27 19:24:04 +01:00
Dallin Romney
2c95752c1e fix(diffs): align language pack host floor (#87370) 2026-05-27 11:13:50 -07:00
Vincent Koc
11ca150a1b fix(testing): bound plugin gauntlet relay logs 2026-05-27 20:04:56 +02:00
Vincent Koc
8e8445905f fix(release): stream cross-os served artifacts 2026-05-27 19:51:51 +02:00
Vincent Koc
c571652487 fix(e2e): stream live plugin transcripts 2026-05-27 19:36:43 +02:00
Vincent Koc
b182b71d74 fix(e2e): align prerelease and google live guards 2026-05-27 19:30:27 +02:00
Peter Steinberger
04880ab250 fix(gateway): avoid viewer asset watch loops 2026-05-27 18:29:42 +01:00
Vincent Koc
e93cf52782 fix(e2e): stream release scenario log checks 2026-05-27 19:23:11 +02:00
Vincent Koc
1a34c4833e fix(e2e): stream OpenAI web search request logs 2026-05-27 19:09:32 +02:00
Dallin Romney
d638611684 feat: split diffs language pack 
Split the diffs viewer Shiki language pack into an external publishable plugin.

The diffs plugin keeps the default curated syntax set, while the new @openclaw/diffs-language-pack package carries the extended Shiki languages for npm and ClawHub distribution. The install metadata includes the external ClawHub spec, and the curated C# alias set keeps both c# and cs supported without the language pack.

Co-authored-by: Dallin Romney <dallinromney@gmail.com>
 2026-05-27 18:08:40 +01:00
Peter Steinberger
de5971eedc fix(onboard): preserve rerun config migrations 
Fix non-interactive and wizard onboarding reruns so existing agent lists and bindings are preserved unless the user explicitly resets config.

Isolate legacy `plugins.installs` migration into its own write so the config size-drop allowance cannot mask unrelated config loss, while preserving new or repaired install records for the final plugin-index commit. Also keep shrinkwrap generation pinned to pnpm-locked transitive patch versions only when the dependency edge still allows that version, and isolate the tooling Vitest shard that mutates process state.

Fixes #84692.
Replaces #84748.

Co-authored-by: yetval <yetvald@gmail.com>
 2026-05-27 18:05:07 +01:00
Vincent Koc
5c20ff93e0 fix(e2e): isolate kitchen sink log scans 2026-05-27 18:45:11 +02:00
Vincent Koc
c285766d62 fix(ci): merge nested shrinkwrap override pins 2026-05-27 18:37:00 +02:00
Vincent Koc
d2a1f62d23 fix(matrix): keep fallback tool warnings mention-inert 2026-05-27 18:07:24 +02:00
Vincent Koc
98a9a523e6 fix(ci): preserve forked shrinkwrap pins 2026-05-27 18:07:24 +02:00
Vincent Koc
162a79b170 fix(e2e): bound agent turn assertion logs 2026-05-27 18:04:43 +02:00
Vincent Koc
46f5905498 fix(e2e): zero log tail buffers 2026-05-27 17:48:56 +02:00
Vincent Koc
12dc398267 fix(e2e): harden kitchen sink log tailing 2026-05-27 17:35:51 +02:00
Vincent Koc
694907d01e fix(e2e): bound bundled runtime log scans 2026-05-27 17:22:46 +02:00
Vincent Koc
20eab65ff4 fix(e2e): relax kitchen sink plugin memory guard 2026-05-27 17:10:01 +02:00
Vincent Koc
a2f714cd44 fix(e2e): bound Telegram proof log polling 2026-05-27 16:59:35 +02:00
Vincent Koc
5eeaa5603f fix(e2e): bound Open WebUI control probes 2026-05-27 16:31:16 +02:00
Vincent Koc
5bf1f168d4 fix(e2e): bound ClawHub preflight waits 2026-05-27 16:14:51 +02:00
Vincent Koc
4d099c354b fix(e2e): bound kitchen sink log scans 2026-05-27 15:50:11 +02:00
Vincent Koc
4a8d89f8b5 fix(ci): bound real behavior proof API waits 2026-05-27 15:12:53 +02:00
Peter Steinberger
8e5183c60d refactor: move channel message sdk compat into core 2026-05-27 13:59:33 +01:00
Peter Steinberger
ef17bbaabf ci(release): harden postpublish verification 2026-05-27 13:58:14 +01:00
Vincent Koc
b12bd3fc98 fix(dev): bound issue labeler OpenAI waits 2026-05-27 14:56:10 +02:00