vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-29 10:50:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
22,440 Commits 939 Branches 90 Tags
d81b5fc7922a2015fa5b4e028343041457f6a708
Commit Graph

140 Commits

Author SHA1 Message Date
Jacob Tomlinson
f92c92515b fix(extensions): route fetch calls through fetchWithSsrFGuard (#53929) 
* fix(extensions): route fetch calls through fetchWithSsrFGuard

Replace raw fetch() with fetchWithSsrFGuard in BlueBubbles, Mattermost,
Nextcloud Talk, and Thread Ownership extensions so outbound requests go
through the shared DNS-pinning and network-policy layer.

BlueBubbles: thread allowPrivateNetwork from account config through all
fetch call sites (send, chat, reactions, history, probe, attachments,
multipart). Add _setFetchGuardForTesting hook for test overrides.

Mattermost: add guardedFetchImpl wrapper in createMattermostClient that
buffers the response body before releasing the dispatcher. Handle
null-body status codes (204/304).

Nextcloud Talk: wrap both sendMessage and sendReaction with
fetchWithSsrFGuard and try/finally release.

Thread Ownership: add fetchWithSsrFGuard and ssrfPolicyFromAllowPrivateNetwork
to the plugin SDK surface; use allowPrivateNetwork:true for the
Docker-internal forwarder.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(extensions): improve null-body handling and test harness cleanup

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(bluebubbles): default to strict SSRF policy when allowPrivateNetwork is unset

Callers that omit allowPrivateNetwork previously got undefined policy,
which caused blueBubblesFetchWithTimeout to fall through to raw fetch
and bypass the SSRF guard entirely.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(bluebubbles): thread allowPrivateNetwork through action and monitor call sites

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(mattermost,nextcloud-talk): add allowPrivateNetwork config for self-hosted/LAN deployments

* fix: regenerate config docs baseline for new allowPrivateNetwork fields

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-26 02:04:54 -07:00
Peter Steinberger
efafbece17 test: collapse nextcloud-talk send and helper suites 2026-03-25 05:39:11 +00:00
Peter Steinberger
7467f304a7 test: collapse nextcloud-talk helper suites 2026-03-25 05:33:57 +00:00
Peter Steinberger
6e050808ef test: collapse channel setup test suites 2026-03-25 04:52:36 +00:00
Peter Steinberger
5c8ea0a175 refactor: share channel setup status helpers 2026-03-23 01:56:01 +00:00
Vincent Koc
9a07187339 style(format): fix extension test drift 2026-03-22 18:53:22 -07:00
Vincent Koc
a437f0417e test(nextcloud-talk): cover inbound behavior branches 2026-03-22 18:47:28 -07:00
Peter Steinberger
ecdf5d457a test: fix latest main test regressions 2026-03-22 18:28:13 -07:00
Vincent Koc
645c9210b3 style(format): fix provider test formatting drift 2026-03-22 18:25:55 -07:00
Vincent Koc
0a329b2c9f Revert "style(format): fix check drift in provider tests" 
This reverts commit 2619f5fe55.
 2026-03-22 18:25:07 -07:00
Vincent Koc
2619f5fe55 style(format): fix check drift in provider tests 2026-03-22 18:24:40 -07:00
Vincent Koc
71113ea0cb test(nextcloud-talk): cover setup adapter 2026-03-22 18:13:59 -07:00
Vincent Koc
cbf9cd0acb fix(ci): repair main checks 2026-03-22 18:13:14 -07:00
Vincent Koc
a61e5d17f0 deps: update fast-xml-parser and markdown-it (#52541) 
* style: format test files

* deps: bump fast-xml-parser override
 2026-03-22 17:55:47 -07:00
Vincent Koc
52538575c3 test(nextcloud-talk): cover room info and routing 2026-03-22 17:46:47 -07:00
Vincent Koc
dcef96e6d4 test(nextcloud-talk): cover signature and format helpers 2026-03-22 17:38:36 -07:00
Peter Steinberger
72bfaf6ee2 refactor: share computed channel status adapters 2026-03-22 23:37:12 +00:00
Peter Steinberger
4cc0d05cfb refactor: share channel runtime state defaults 2026-03-22 23:37:12 +00:00
Peter Steinberger
3a949646da refactor: simplify builder pairing adapters 2026-03-22 22:45:06 +00:00
Peter Steinberger
a6f918731f refactor: adopt chat plugin builder in nextcloud talk 2026-03-22 22:00:25 +00:00
Peter Steinberger
ff6e0bed5f refactor: finish remaining status helper dedupe 2026-03-22 21:07:19 +00:00
Peter Steinberger
87722d6327 refactor: extend shared account status snapshot helpers 2026-03-22 20:55:16 +00:00
Peter Steinberger
00b2f10dec refactor: share account snapshot descriptions 2026-03-22 20:55:16 +00:00
Peter Steinberger
fa13c2960e refactor: share scoped account accessor adapters 2026-03-22 20:30:21 +00:00
Peter Steinberger
ff941b0193 refactor: share nested account config merges 2026-03-22 19:53:51 +00:00
Peter Steinberger
d06413e335 refactor: share normalized account lookups 2026-03-22 19:01:52 +00:00
Peter Steinberger
017d295edb refactor: adopt shared account merge helpers 2026-03-22 19:01:52 +00:00
Peter Steinberger
b4656f193a test: strengthen regression coverage and trim low-value checks 2026-03-22 07:38:01 +00:00
Peter Steinberger
89bc66feef refactor(test): dedupe startup channel test helpers 2026-03-22 03:41:25 +00:00
Peter Steinberger
f1b2c5639a refactor(test): dedupe startup and nostr test fixtures 2026-03-22 01:12:31 +00:00
Peter Steinberger
62ddc9d9e0 refactor: consolidate plugin sdk surface 2026-03-20 19:24:10 +00:00
Tak Hoffman
5b7b5529f1 Plugins: remove shared extension boundary debt 2026-03-18 22:58:40 -05:00
Peter Steinberger
07d9f725b6 refactor: unify plugin sdk primitives 2026-03-18 23:58:56 +00:00
Peter Steinberger
46f49eb6eb refactor: shrink plugin sdk public surface 2026-03-18 23:31:08 +00:00
Peter Steinberger
8d73bc77fa refactor: deduplicate reply payload helpers 2026-03-18 17:30:25 +00:00
Peter Steinberger
27f655ed11 refactor: deduplicate channel runtime helpers 2026-03-18 16:37:27 +00:00
Peter Steinberger
05603e4e6c refactor: deduplicate channel config adapters 2026-03-18 04:51:29 +00:00
Gustavo Madeira Santana
6816c76738 Nextcloud Talk: move outbound session routing behind plugin boundary 2026-03-18 04:09:48 +00:00
Peter Steinberger
1a9114a169 refactor: deduplicate setup wizard helpers 2026-03-18 03:58:22 +00:00
Peter Steinberger
9350cb19dd refactor: deduplicate plugin setup and channel config helpers 2026-03-18 03:28:05 +00:00
Vincent Koc
af63b72901 Plugins: internalize nextcloud talk SDK imports 2026-03-17 15:58:00 -07:00
Peter Steinberger
f9588da3e0 refactor: split plugin testing seam from bundled extension helpers 2026-03-17 01:05:09 -07:00
Peter Steinberger
769332c1a7 refactor(nextcloud-tests): share inbound authz setup 2026-03-17 07:23:44 +00:00
Peter Steinberger
f2bd76cd1a refactor: finalize plugin sdk legacy boundary cleanup 2026-03-16 22:51:46 -07:00
Peter Steinberger
a1a8b74e9a refactor(nextcloud-talk): share dm policy prompt 2026-03-17 05:18:41 +00:00
Peter Steinberger
9ebe38b6e3 refactor: untangle remaining plugin sdk boundaries 2026-03-16 21:16:32 -07:00
Peter Steinberger
4ae71485e9 refactor(setup): share scoped config prelude 2026-03-17 04:10:03 +00:00
Peter Steinberger
c3571d982d refactor(nextcloud-talk): share setup allowlist prompt 2026-03-17 04:09:15 +00:00
Peter Steinberger
656848dcd7 refactor: rename setup wizard surfaces 2026-03-15 21:40:31 -07:00
Peter Steinberger
77d0ff629c refactor: rename channel setup flow seam 2026-03-15 20:44:25 -07:00