Josh Avant
d30dc28b8c
Secrets: reject exec SecretRef traversal ids across schema/runtime/gateway (#42370)
* Secrets: harden exec SecretRef validation and reload LKG coverage
* Tests: harden exec fast-exit stdin regression case
* Tests: align lifecycle daemon test formatting with oxfmt 0.36
2026-03-10 13:45:37 -05:00
Josh Avant
0687e04760
fix: thread runtime config through Discord/Telegram sends (#42352) (thanks @joshavant) (#42352)
2026-03-10 13:30:57 -05:00
Yufeng He
c2d9386796
fix: log auth profile resolution failures instead of swallowing silently (#41271)
Merged via squash.
Prepared head SHA: 049d1e119a
Co-authored-by: he-yufeng <40085740+he-yufeng@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
2026-03-10 20:38:49 +03:00
JiangNan
e9e8b81939
fix(failover): classify Gemini MALFORMED_RESPONSE as retryable timeout (#42292)
Merged via squash.
Prepared head SHA: 68f106ff49
Co-authored-by: jnMetaCode <12096460+jnMetaCode@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
2026-03-10 20:34:32 +03:00
jiarung
bc9b35d6ce
fix(logging): include model and provider in overload/error log (#41236)
Merged via squash.
Prepared head SHA: bb16fecbf7
Co-authored-by: jiarung <16461359+jiarung@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
2026-03-10 20:32:14 +03:00
Ayaan Zaidi
3b582f1d54
fix(telegram): chunk long html outbound messages (#42240)
Merged via squash.
Prepared head SHA: 4d79c41ddf
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
2026-03-10 22:53:04 +05:30
CryUshio
8bf64f219a
fix: recognize Poe 402 'used up your points' as billing for fallback (#42278)
Merged via squash.
Prepared head SHA: f3cdfa76dd
Co-authored-by: CryUshio <30655354+CryUshio@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
2026-03-10 20:17:36 +03:00
Pejman Pour-Moezzi
466cc816a8
docs(acp): document resumeSessionId for session resume (#42280)
* docs(acp): document resumeSessionId for session resume
* docs: clarify ACP resumeSessionId thread/mode behavior (#42280) (thanks @pejmanjohn)
---------
Co-authored-by: Onur <onur@textcortex.com>
2026-03-10 18:06:09 +01:00
sline
bfeea5d23f
fix(agents): prevent /v1beta duplication in Gemini PDF URL (#34369)
Strip trailing /v1beta from baseUrl before appending the version
segment, so callers that already include /v1beta in their base URL
(e.g. subagent-registry) no longer produce /v1beta/v1beta/models/…
which results in a 404 from the Gemini API.
Closes #34312
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 12:52:49 -04:00
Ayaan Zaidi
936607ca22
ci: drop detect-secrets check
2026-03-10 20:35:23 +05:30
Ayaan Zaidi
ac88a39acc
fix: align pi-ai 0.57.1 oauth imports and payload hooks
2026-03-10 20:29:03 +05:30
George Zhang
f50fc2966b
docs: add #42173 to CHANGELOG — strip leaked model control tokens (#42216)
Thanks @imwyvern.
2026-03-10 07:19:13 -07:00
joshavant
59bc3c6630
Agents: align onPayload callback and OAuth imports
2026-03-10 08:50:30 -05:00
George Zhang
3508b4821b
docs: add Tengji (George) Zhang to maintainer table (#42190)
2026-03-10 06:46:12 -07:00
George Zhang
309162f9a2
fix: strip leaked model control tokens from user-facing text (#42173)
Models like GLM-5 and DeepSeek sometimes emit internal delimiter tokens in their responses. Uses generic pattern in the text extraction pipeline, following the same architecture as stripMinimaxToolCallXml.
Closes #40020
Supersedes #40573
Co-authored-by: imwyvern <100903837+imwyvern@users.noreply.github.com>
2026-03-10 06:27:59 -07:00
Vincent Koc
208b636414
Changelog: add unreleased March 9 entries
2026-03-10 08:51:12 -04:00
smysle
d340ea92d1
chore: add .dev-state to .gitignore (#41848)
Merged via squash.
Prepared head SHA: 85c4eb7d26
Co-authored-by: smysle <207193754+smysle@users.noreply.github.com>
Co-authored-by: hydro13 <6640526+hydro13@users.noreply.github.com>
Reviewed-by: @hydro13
2026-03-10 13:35:04 +01:00
Charles Dusek
048e25c2b2
fix(agents): avoid duplicate same-provider cooldown probes in fallback runs (#41711)
Merged via squash.
Prepared head SHA: 8be8967bcb
Co-authored-by: cgdusek <38732970+cgdusek@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
2026-03-10 15:26:47 +03:00
Echo
bda63c3c7f
fix(mattermost): preserve markdown formatting and native tables (#18655)
Merged via squash.
Prepared head SHA: d30fff1776
Co-authored-by: echo931 <259437483+echo931@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
2026-03-10 17:40:01 +05:30
Pejman Pour-Moezzi
aca216bfcf
feat(acp): add resumeSessionId to sessions_spawn for ACP session resume (#41847)
* feat(acp): add resumeSessionId to sessions_spawn for ACP session resume
Thread resumeSessionId through the ACP session spawn pipeline so agents
can resume existing sessions (e.g. a prior Codex conversation) instead
of starting fresh.
Flow: sessions_spawn tool → spawnAcpDirect → initializeSession →
ensureSession → acpx --resume-session flag → agent session/load
- Add resumeSessionId param to sessions-spawn-tool schema with
description so agents can discover and use it
- Thread through SpawnAcpParams → AcpInitializeSessionInput →
AcpRuntimeEnsureInput → acpx extension runtime
- Pass as --resume-session flag to acpx CLI
- Error hard (exit 4) on non-existent session, no silent fallback
- All new fields optional for backward compatibility
Depends on acpx >= 0.1.16 (openclaw/acpx#85, merged, pending release).
Tests: 26/26 pass (runtime + tool schema)
Verified e2e: Discord → sessions_spawn(resumeSessionId) → Codex
resumed session and recalled stored secret.
🤖 AI-assisted
* fix: guard resumeSessionId against non-ACP runtime
Add early-return error when resumeSessionId is passed without
runtime="acp" (mirrors existing streamTo guard). Without this,
the parameter is silently ignored and the agent gets a fresh
session instead of resuming.
Also update schema description to note the runtime=acp requirement.
Addresses Greptile review feedback.
* ACP: add changelog entry for session resume (#41847) (thanks @pejmanjohn)
---------
Co-authored-by: Pejman Pour-Moezzi <481729+pejmanjohn@users.noreply.github.com>
Co-authored-by: Onur <onur@textcortex.com>
2026-03-10 10:36:13 +01:00
Bob
c2eb12bbc5
ACPX: bump bundled acpx to 0.1.16 (#41975)
* ACPX: bump bundled acpx to 0.1.16
* fix: bump acpx pin to 0.1.16 (#41975) (thanks @dutifulbob)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-10 10:18:09 +01:00
Teconomix
6d0547dc2e
mattermost: fix DM media upload for unprefixed user IDs (#29925)
Merged via squash.
Prepared head SHA: 5cffcb072c
Co-authored-by: teconomix <6959299+teconomix@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
2026-03-10 14:22:24 +05:30
Brad Groux
568b0a22bb
fix(msteams): use General channel conversation ID as team key for Bot Framework compatibility (#41838)
* fix(msteams): use General channel conversation ID as team key for Bot Framework compatibility
Bot Framework sends `activity.channelData.team.id` as the General channel's
conversation ID (e.g. `19:abc@thread.tacv2`), not the Graph API group GUID
(e.g. `fa101332-cf00-431b-b0ea-f701a85fde81`). The startup resolver was
storing the Graph GUID as the team config key, so runtime matching always
failed and every channel message was silently dropped.
Fix: always call `listChannelsForTeam` during resolution to find the General
channel, then use its conversation ID as the stored `teamId`. When a specific
channel is also configured, reuse the same channel list rather than issuing a
second API call. Falls back to the Graph GUID if the General channel cannot
be found (renamed/deleted edge case).
Fixes #41390
* fix(msteams): handle listChannelsForTeam failure gracefully
* fix(msteams): trim General channel ID and guard against empty string
* fix: document MS Teams allowlist team-key fix (#41838) (thanks @BradGroux)
---------
Co-authored-by: bradgroux <bradgroux@users.noreply.github.com>
Co-authored-by: Onur <onur@textcortex.com>
2026-03-10 09:13:41 +01:00
Daniel Hnyk
450d49ea52
fix(mattermost): read replyTo param in plugin handleAction send (#41176)
Merged via squash.
Prepared head SHA: 33cac4c33f
Co-authored-by: hnykda <2741256+hnykda@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
2026-03-10 13:19:54 +05:30
Daniel Reis
3495563cfe
fix(sandbox): pass real workspace to sessions_spawn when workspaceAccess is ro (#40757)
Merged via squash.
Prepared head SHA: 0e8b27bf80
Co-authored-by: dsantoreis <66363641+dsantoreis@users.noreply.github.com>
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com>
Reviewed-by: @mcaxtr
2026-03-10 04:12:50 -03:00
Austin
9d403fd415
fix(ui): replace Manual RPC text input with sorted method dropdown (#14967)
Merged via squash.
Prepared head SHA: 1bb49b2e64
Co-authored-by: rixau <112558420+rixau@users.noreply.github.com>
Co-authored-by: BunsDev <68980965+BunsDev@users.noreply.github.com>
Reviewed-by: @BunsDev
2026-03-10 01:30:31 -05:00
Val Alexander
5296147c20
CI: select Swift 6.2 toolchain for CodeQL (#41787)
Merged via squash.
Prepared head SHA: 8abc6c1657
Co-authored-by: BunsDev <68980965+BunsDev@users.noreply.github.com>
Co-authored-by: BunsDev <68980965+BunsDev@users.noreply.github.com>
Reviewed-by: @BunsDev
2026-03-10 01:22:41 -05:00
Frank Yang
8306eabf85
fix(agents): forward memory flush write path (#41761)
Merged via squash.
Prepared head SHA: 0a8ebf8e5b
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
2026-03-10 14:18:41 +08:00
Eugene
45b74fb56c
fix(telegram): move network fallback to resolver-scoped dispatchers (#40740)
Merged via squash.
Prepared head SHA: a4456d48b4
Co-authored-by: sircrumpet <4436535+sircrumpet@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
2026-03-10 11:28:51 +05:30
Urian Paul Danut
d1a59557b5
fix(security): harden replaceMarkers() to catch space/underscore boundary marker variants (#35983)
Merged via squash.
Prepared head SHA: ff07dc45a9
Co-authored-by: urianpaul94 <33277984+urianpaul94@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
2026-03-10 13:54:23 +08:00
Laurie Luo
cf9db91b61
fix(web-search): recover OpenRouter Perplexity citations from message annotations (#40881)
Merged via squash.
Prepared head SHA: 66c8bb2c6a
Co-authored-by: laurieluo <89195476+laurieluo@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
2026-03-10 10:37:44 +05:30
futuremind2026
382287026b
cron: record lastErrorReason in job state (#14382)
Merged via squash.
Prepared head SHA: baa6b5d566
Co-authored-by: futuremind2026 <258860756+futuremind2026@users.noreply.github.com>
Co-authored-by: BunsDev <68980965+BunsDev@users.noreply.github.com>
Reviewed-by: @BunsDev
2026-03-10 00:01:45 -05:00
Wayne
da4fec6641
fix(telegram): prevent duplicate messages when preview edit times out (#41662)
Merged via squash.
Prepared head SHA: 2780e62d07
Co-authored-by: hougangdev <105773686+hougangdev@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
2026-03-10 10:17:39 +05:30
Frank Yang
96e4975922
fix: protect bootstrap files during memory flush (#38574)
Merged via squash.
Prepared head SHA: a0b9a02e2e
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
2026-03-10 12:44:33 +08:00
Benji Peng
989ee21b24
ui: fix sessions table collapse on narrow widths (#12175)
Merged via squash.
Prepared head SHA: b1fcfba868
Co-authored-by: benjipeng <11394934+benjipeng@users.noreply.github.com>
Co-authored-by: BunsDev <68980965+BunsDev@users.noreply.github.com>
Reviewed-by: @BunsDev
2026-03-09 23:14:07 -05:00
Tak Hoffman
705c6a422d
Add provider routing details to bug report form (#41712)
2026-03-09 23:01:55 -05:00
Josh Avant
f0eb67923c
fix(secrets): resolve web tool SecretRefs atomically at runtime
2026-03-09 22:57:03 -05:00
Ayaan Zaidi
93c44e3dad
ci: drop gha cache from docker release (#41692)
2026-03-10 09:14:57 +05:30
Shadow
e42c4f4513
docs: harden PR review gates against unsubstantiated fixes
2026-03-09 22:43:56 -05:00
Ayane
391f9430ca
fix(feishu): pass mediaLocalRoots in sendText local-image auto-convert shim (openclaw#40623)
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: ayanesakura <40628300+ayanesakura@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-09 22:26:06 -05:00
Ayaan Zaidi
e74666cd0a
build: raise extension openclaw peer floor
2026-03-10 08:47:56 +05:30
Ayaan Zaidi
731f1aa906
test: avoid detect-secrets churn in observation fixtures
2026-03-10 08:43:19 +05:30
Harold Hunt
de49a8b72c
Telegram: exec approvals for OpenCode/Codex (#37233)
Merged via squash.
Prepared head SHA: f243379094
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Reviewed-by: @huntharo
2026-03-09 23:04:35 -04:00
Ayaan Zaidi
9432a8bb3f
test: allowlist detect-secrets fixture strings
2026-03-10 08:14:35 +05:30
Zhe Liu
25c2facc2b
fix(agents): fix Brave llm-context empty snippets (#41387)
Merged via squash.
Prepared head SHA: 1e6f1d9d51
Co-authored-by: zheliu2 <15888718+zheliu2@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
2026-03-10 08:09:57 +05:30
Shadow
1720174757
fix: auto-close no-ci PR label and document triage labels
2026-03-09 21:30:47 -05:00
Neerav Makwana
5decb00e9d
fix(swiftformat): sync GatewayModels exclusions with OpenClawProtocol (#41242)
Co-authored-by: Shadow <shadow@openclaw.ai>
2026-03-09 20:42:54 -05:00
Val Alexander
6b87489890
Revert "feat(ui): add chat infrastructure modules (slice 1 of dashboard-v2)"
This reverts commit 5a659b0b61.
2026-03-09 18:47:44 -05:00
Val Alexander
9f0a64f855
Revert "Update ui/src/ui/chat/export.ts"
This reverts commit d648dd7643.
2026-03-09 18:47:40 -05:00
Val Alexander
8e412bad0e
Revert "fix(ui): address review feedback on chat infra slice"
This reverts commit 8a6cd808a1.
2026-03-09 18:47:37 -05:00