Peter Steinberger
f8dbd34ab8
feat(nodes): add computer use (computer.act) on macOS nodes via Peekaboo ( #102776 )
...
* feat(nodes): add computer use (computer.act) on macOS nodes via Peekaboo
* fix(nodes): release held computer.act input on node disconnect/stop/disable
* fix(nodes): release held computer.act input armed after a lifecycle release
* fix(nodes): scope computer.act lifecycle catch-up release to the arming action
* chore(nodes): register computer tool display metadata, sync native i18n, doc-comment constants
* fix(nodes): preserve caught-error cause in computer tool resolver; regen docs map
2026-07-09 15:28:09 +01:00
zw-xysk
cc961001f3
fix(security): keep channel-metadata and install-policy truncation surrogate-safe ( #102266 )
...
* fix(security): keep channel-metadata and install-policy truncation surrogate-safe
channel-metadata.ts and install-policy.ts both had private truncateText
functions using String.prototype.slice(0, N) on user-visible text.
channel-metadata is explicitly user-controlled untrusted content that gets
injected into LLM prompt context -- a dangling surrogate from unsafe
truncation would corrupt the prompt with invalid Unicode, affecting token
counting and potentially LLM response quality.
Replace .slice(0, ...) with truncateUtf16Safe(...) in both files so the
truncation point always falls on a complete code-point boundary.
Add test coverage for buildUntrustedChannelMetadata with emoji at both
the entry-level (400-char) and outer (800-char) truncation boundaries.
* test(security): prove UTF-16 truncation boundaries
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-09 06:31:06 +01:00
Vincent Koc
f565138ddc
refactor(deadcode): localize core helpers ( #101869 )
2026-07-07 13:16:57 -07:00
Peter Steinberger
1a307be2e0
feat(skills): add lifecycle curator for workshop-created skills ( #101214 )
...
Tracks per-skill usage from the skill.used diagnostic event (trusted-only
delivery, file-scoped identity), sweeps workshop-created skills daily from
gateway maintenance (active -> stale 30d -> archived 90d, pinned bypass,
restore-only unarchive, files never touched), filters archived skills from
snapshots fail-open, reports workspace-scoped overlap candidates, and adds
openclaw skills curator CLI, additive gateway methods, and a warn-only
doctor finding. Zero new config keys; SQLite/Kysely state only.
2026-07-07 03:25:44 +01:00
Alba María Téllez Fernández
349d3547cc
fix(security): align browser audit with plugin policy ( #97732 )
...
* fix(security): respect plugin policy in browser audit summary
* fix(security): reuse browser plugin activation policy
Co-authored-by: Alba María Téllez Fernández <amtellezfernandez@gmail.com >
* fix(security): keep browser config behind plugin policy
Co-authored-by: Alba María Téllez Fernández <amtellezfernandez@gmail.com >
* chore(security): keep release notes in PR body
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-07 02:27:05 +01:00
Peter Steinberger
aaf5ab910c
fix: land ten small reliability fixes ( #100483 )
...
* fix(agents): harden LSP process failures
Source: #100450
Co-authored-by: morluto <williamlin1327@gmail.com >
* fix(sandbox): report effective workspace layout
Sources: #100435 , #100439
Co-authored-by: Aniruddha Adak <aniruddhaadak80@users.noreply.github.com >
Co-authored-by: ZengWen-DT <ceng.wen@xydigit.com >
* fix(security): fail install checks on stream errors
Source: #100413
Co-authored-by: 陈宪彪0668000387 <chen.xianbiao@xydigit.com >
* fix(android): normalize all-day calendar events
Source: #100032
Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com >
* fix(ios): serialize push-to-talk lifecycle
Source: #99942
Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com >
* fix(talk): reject inherited provider names
Source: #99849
Co-authored-by: zenglingbiao <zeng.lingbiao@xydigit.com >
* fix(android): stop voice capture in background
Source: #99840
Co-authored-by: xialonglee <li.xialong@xydigit.com >
* fix(cron): preserve fallback result classification
Source: #99913
Co-authored-by: jincheng-xydt <xu.jincheng@xydigit.com >
* fix(google): bound Vertex response decompression
Source: #99812
Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com >
* fix(plugins): report malformed discovery JSON
Source: #99892
Co-authored-by: 陈宪彪0668000387 <chen.xianbiao@xydigit.com >
* test(sandbox): configure non-default workspace fixture
* test: fix small-fix batch validation
---------
Co-authored-by: morluto <williamlin1327@gmail.com >
Co-authored-by: ZengWen-DT <ceng.wen@xydigit.com >
Co-authored-by: 陈宪彪0668000387 <chen.xianbiao@xydigit.com >
Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com >
Co-authored-by: zenglingbiao <zeng.lingbiao@xydigit.com >
Co-authored-by: xialonglee <li.xialong@xydigit.com >
Co-authored-by: jincheng-xydt <xu.jincheng@xydigit.com >
Co-authored-by: 黄剑雄0668001315 <huang.jianxiong@xydigit.com >
2026-07-06 00:08:51 +01:00
Peter Steinberger
c757675f34
improve: keep isolated tests under one second ( #100019 )
...
* test: speed up isolated test suite
* test: finish isolated latency cleanup
* test: eliminate remaining isolated latency spikes
* test: remove final isolated timing outliers
* test: bound full-suite tooling processes
* test: bound native test process lifetime
* test: warm isolated runtime suites
* test: eliminate final isolated timing outliers
* test: fix isolated timing fixture types
* test: make timeout cleanup timing deterministic
* test: pin media manifests to source checkout
* test: isolate provider manifest contracts
* test: eliminate residual isolated timing spikes
* test: restore final isolated timing fixes
* test: eliminate remaining isolated timing spikes
* test: warm Zalo lifecycle imports
* test: keep isolated suites below one second
* test: use readable browser response fixtures
2026-07-05 10:57:19 -07:00
Dallin Romney
194dd6fe50
refactor(security): consolidate secret primitives ( #99746 )
...
* refactor(security): consolidate secret primitives
* fix(plugin-sdk): align secret display metadata
* chore(plugin-sdk): refresh API baseline after rebase
* refactor(security): trim secret primitive consolidation
2026-07-04 16:38:13 -07:00
Peter Steinberger
bbb744269f
test: make the local pnpm test gate green on macOS hosts ( #100069 )
...
Fixes 21 macOS-only failing test cases across three classes: canonicalized fixture roots (macOS /var -> /private/var tmpdir symlink vs production realpathing), load-tolerant process-spawn tests (content-gated pid files, readiness-sequenced kill windows, bounded-window timer assertions), and cross-file worker leak guards (skip-channel env, gateway token env, imessage runtime singleton). Test-only; no production changes. Fixes #100025 .
2026-07-04 17:17:42 -04:00
Peter Steinberger
49cc59b1e8
refactor: consolidate markdown code fences, error coercion, and byte-identical helper pairs ( #99932 )
...
* refactor(shared): add markdown code span/fence helpers and migrate seven call sites
* refactor(normalization-core): add canonical toErrorObject and migrate six copies
* refactor: consolidate byte-identical helper pairs onto owner modules
* refactor: reuse canonical path and token helpers in session tools and credentials
* refactor(packages): dedupe compaction summarization tail and session dir parsing
* fix(security): keep missing extensions dir silent in shared plugin dir lister
* refactor: reuse media-core chunk reader and shared dreaming session key helper
* fix(plugins): register error-coercion subpath in sdk alias table
* chore(plugin-sdk): re-pin callable export count after rebase
* chore(plugin-sdk): re-pin callable export count after rebase
2026-07-04 08:40:41 -04:00
Peter Steinberger
1fef99962e
feat(nodes): add auto-discovered Ollama inference ( #99234 )
...
* feat(nodes): add local Ollama inference
* fix(gateway): preserve plugin node runtime for agent turns
* feat(ollama): add node inference opt-out
* test(security): preserve plugin runtime exports
* test(security): preserve plugin runtime exports
* test(security): preserve plugin runtime exports
* fix(ci): raise artifact build heap
2026-07-03 01:14:30 -07:00
Dallin Romney
5fa2082655
refactor(shared): consolidate core leaf lazy loaders ( #99278 )
2026-07-02 18:06:00 -07:00
Vincent Koc
7b313e4cc1
refactor(security): centralize safe-bin config normalization
2026-07-01 00:48:20 -07:00
Momo
f5d0c370d6
fix(security): warn on agent skill MCP boundary drift ( #98352 )
...
Summary:
- Merged fix(security): warn on agent skill MCP boundary drift after ClawSweeper review.
Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.
Validation:
- ClawSweeper review passed for head ab3c29ef4c .
- Required merge gates passed before the squash merge.
Prepared head SHA: ab3c29ef4c
Review: https://github.com/openclaw/openclaw/pull/98352#issuecomment-4850104358
Co-authored-by: momothemage <niuzhengnan@163.com >
Approved-by: momothemage
2026-07-01 03:56:28 +00:00
Vincent Koc
43f134ff55
refactor(security): share tool policy layering
2026-06-23 02:40:29 +08:00
Vincent Koc
8b78ae2855
fix(session-memory): sanitize model artifacts before saving memory ( #95791 )
...
* fix(session-memory): sanitize model artifacts before saving memory
Co-authored-by: Sophia <44297511+SweetSophia@users.noreply.github.com >
Co-authored-by: YBoy <231405196+YB0y@users.noreply.github.com >
* fix(sdk): update plugin surface budgets
---------
Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
Co-authored-by: YBoy <231405196+YB0y@users.noreply.github.com >
2026-06-22 22:48:03 +08:00
Shakker
05bed72a8d
test: restore plugin trust env
2026-06-20 19:34:22 +01:00
Vincent Koc
4651ffad4a
refactor(security): remove audit tool policy facade
2026-06-18 09:51:46 +08:00
Vincent Koc
39dc92efb7
fix(security): kill timed out exec process trees
2026-06-18 00:41:35 +02:00
Vincent Koc
7a880bcf29
feat(security): emit audit summary events
2026-06-17 16:11:32 +08:00
Vincent Koc
e51c0c8cea
fix(sqlite): include rollback journals in security paths
2026-06-16 09:22:48 +02:00
Stellar鱼
bbfea21a18
fix(security): audit open dm tool exposure ( #92883 )
...
* fix(security): audit open dm tool exposure
* fix(security): align open DM audit precedence
---------
Co-authored-by: Vincent Koc <25068+vincentkoc@users.noreply.github.com >
2026-06-16 14:38:39 +08:00
Agustin Rivera
b6a3f2988c
fix(gateway): restrict non-owner loopback tools ( #91749 )
...
* fix(gateway): restrict non-owner loopback tools
* fix(gateway): split loopback owner cache key
2026-06-09 13:15:48 -07:00
Pavan Kumar Gondhi
2a21de6322
fix: gate owner-only HTTP tools ( #90261 )
...
* fix: gate owner-only HTTP tools
* fix: inherit HTTP owner tool denies
* fix: use mutable HTTP owner deny policy
* fix: preserve RPC owner tool access
* docs: clarify owner-only gateway tool allowlist
---------
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com >
2026-06-07 17:26:12 -05:00
Vincent Koc
e2524e0438
fix(ci): break plugin import cycles
2026-06-07 19:03:38 +09:00
Shakker
e7bcbd3e7e
test: isolate windows acl system root
2026-06-05 02:14:03 +01:00
Shakker
5cf63f295b
test: snapshot exec audit home env
2026-06-05 01:57:47 +01:00
Shakker
a18c60e141
test: scope sandbox audit home env
2026-06-05 00:38:28 +01:00
Vincent Koc
52b07b4a46
test(ci): stabilize ARM changed-test guards
2026-06-04 08:18:15 -07:00
Vincent Koc
ecb30fece4
fix(ci): stabilize include permission checks
2026-06-04 07:35:25 -07:00
Peter Steinberger
4ed2fb75f2
docs: document tui runtime helpers
2026-06-04 04:10:14 -04:00
Peter Steinberger
bced79b63d
docs: document security policy helpers
2026-06-04 04:08:10 -04:00
Peter Steinberger
961759c08b
docs: document security finding helpers
2026-06-04 04:06:08 -04:00
Peter Steinberger
0e8c5fd85d
docs: document security audit helpers
2026-06-04 04:04:43 -04:00
Peter Steinberger
e16ac04330
refactor(auth): store auth profiles in sqlite ( #89102 )
2026-06-03 16:14:15 -07:00
Peter Steinberger
0b8aabe864
docs: document auth profile failure policy contract ( #89613 )
...
* docs: document markdown marker renderer
* docs: document rendered markdown chunking
* docs: document markdown text chunking
* docs: document shared text chunking
* docs: document plugin text chunking exports
* docs: document avatar policy constants
* docs: document node match candidates
* docs: document scoped expiring id cache
* docs: document runtime import normalization
* docs: document string sample summaries
* docs: document session usage timeseries types
* docs: document session usage response types
* docs: document manifest frontmatter shapes
* docs: document channel route input metadata
* docs: document pair loop guard settings
* docs: document migration config patch helpers
* docs: document api provider registry
* docs: document tool call repair payloads
* docs: document plugin tool payload helpers
* docs: document lazy promise loader
* docs: document store writer queue state
* docs: document thread binding lifecycle
* docs: document concurrency helper contract
* docs: document gateway client info contract
* docs: document delivery context contracts
* docs: document secret ref defaults contract
* docs: document command gating contract
* docs: document avatar policy contract
* docs: document node match policy
* docs: document message channel normalization
* docs: document boolean parsing contract
* docs: document zod parse helpers
* docs: document direct dm guard policy
* docs: document fixed window limiter contract
* docs: document node presence event contract
* docs: document secret normalization contract
* docs: document progress draft line removal
* docs: document usage formatting contracts
* docs: document agent run status contract
* docs: document runtime import helpers
* docs: document provider utility ownership
* docs: document invalid config helpers
* docs: document json compat parser
* docs: document channel config metadata ownership
* docs: document channel logging helpers
* docs: document sender identity validation ownership
* docs: document string sampling helper
* docs: document global singleton helpers
* docs: document transcript tool helpers
* docs: document exec safe-bin normalization
* docs: document reaction level resolver
* docs: document account snapshot redaction boundary
* docs: document messaging target helpers
* docs: document thread binding messages
* docs: document conversation binding context
* docs: document conversation resolution helper
* docs: document owner display secret retention
* docs: document provider request config types
* docs: document skills config types
* docs: document memory config types
* docs: document imessage config types
* docs: document crestodian config types
* docs: document tools config policies
* docs: document shared config base types
* docs: document channel config contracts
* docs: document openclaw config state types
* docs: document model config contracts
* docs: document shared agent config types
* docs: document agent defaults config types
* docs: document secret input contracts
* docs: document auth config contracts
* docs: document gateway config contracts
* docs: document tool call stream repair contracts
* docs: document memory host facades
* docs: document llm core contracts
* docs: document markdown core contracts
* docs: document gateway connect error contracts
* docs: document gateway protocol primitives
* docs: document gateway frame schemas
* docs: document gateway device schemas
* docs: document gateway environment schemas
* docs: document gateway push schemas
* docs: document gateway plugin schemas
* docs: document gateway artifact schemas
* docs: document gateway command schemas
* docs: document gateway task schemas
* docs: document gateway exec approval schemas
* docs: document gateway secret schemas
* docs: document gateway config schemas
* docs: document gateway snapshot schemas
* docs: document gateway chat schemas
* docs: document gateway wizard schemas
* docs: document gateway node schemas
* docs: document gateway plugin approval schemas
* docs: document gateway talk schemas
* docs: document gateway agent schemas
* docs: document gateway session schemas
* docs: document gateway cron schemas
* docs: document gateway agent model skill schemas
* docs: document gateway skill proposal tool schemas
* docs: document gateway protocol registry
* docs: document gateway channel status schemas
* docs: document gateway schema regression tests
* docs: document gateway schema barrel
* docs: document gateway validator tests
* docs: document gateway primitive push tests
* docs: document gateway contract tests
* docs: document native protocol guard
* docs: document channel schema tests
* docs: document gateway protocol smoke tests
* docs: document gateway protocol entrypoint
* docs: document gateway protocol type exports
* docs: document gateway error codes
* docs: document protocol schema registry
* docs: document talk audio codec
* docs: document talk activation names
* docs: document talk consult questions
* docs: document talk consult tool
* docs: document talk run control contracts
* docs: document talk run control adapter
* docs: document talkback consult queue
* docs: document talk consult transcript guard
* docs: document talk fast context runtime
* docs: document forced talk consult coordinator
* docs: document talk output activity tracker
* docs: document talk event metrics
* docs: document talk diagnostics
* docs: document talk observability hook
* docs: document talk provider resolver
* docs: document talk provider registry
* docs: document talk runtime primitives
* docs: document talk consult controller logs
* docs: document channel identity helpers
* docs: document channel account allowlist helpers
* docs: document channel metadata draft controls
* docs: document channel ingress policy
* docs: document channel sender access gates
* docs: document channel catalog message contracts
* docs: document channel account plugin helpers
* docs: document configured binding helpers
* docs: document channel acp approval config helpers
* docs: document channel bundled config write helpers
* docs: document channel plugin utility contracts
* docs: document channel config access helpers
* docs: document channel message action helpers
* docs: document channel outbound runtime helpers
* docs: document channel pairing promotion helpers
* docs: document channel registry helpers
* docs: document channel setup wizard helpers
* docs: document channel lifecycle status helpers
* docs: document channel target thread helpers
* docs: document channel session binding helpers
* docs: document channel package module probes
* docs: document channel setup wizard contracts
* docs: document channel plugin API barrels
* docs: document channel contract test helpers
* docs: document channel core helpers
* docs: document small core facades
* docs: document provider runtime helpers
* docs: document persistence and realtime helpers
* docs: document mcp and state helpers
* docs: document tool planner contracts
* docs: document music generation runtime
* docs: document crestodian command flow
* docs: document utility helpers
* docs: document node host helpers
* docs: document transcript contracts
* docs: document trajectory export contracts
* docs: document image generation contracts
* docs: document routing helper contracts
* docs: document session helper contracts
* docs: document video generation contracts
* docs: document model catalog contracts
* docs: document proxy capture contracts
* docs: document status rendering contracts
* docs: document test helper contracts
* docs: document wizard setup contracts
* docs: document process contracts
* docs: document memory host sdk contracts
* docs: document tts contracts
* docs: document secrets runtime contracts
* docs: document shared helper contracts
* docs: document hook runtime contracts
* docs: document security audit contracts
* docs: document flow contracts
* docs: document media understanding contracts
* docs: document tui contracts
* docs: document logging contracts
* docs: document llm contracts
* docs: document cron contracts
* docs: document daemon contracts
* docs: document task contracts
* docs: document acp contracts
* docs: document test utility contracts
* docs: document skill contracts
* docs: document config contracts
* docs: document outbound infra contracts
* docs: document command analysis contracts
* docs: document provider usage infra contracts
* docs: document file safety infra contracts
* docs: document exec approval infra contracts
* docs: document gateway runtime infra contracts
* docs: document infra utility contracts
* docs: document infra queue storage contracts
* docs: document heartbeat infra contracts
* docs: document remaining infra contracts
* docs: document gateway auth contracts
* docs: document gateway display helpers
* docs: document gateway http helpers
* docs: document gateway node helpers
* docs: document gateway mcp helpers
* docs: document gateway support helpers
* docs: document gateway server runtime helpers
* docs: document gateway runtime bootstrap helpers
* docs: document gateway session events
* docs: document gateway utility helpers
* docs: document gateway talk helpers
* docs: document gateway helper contracts
* docs: document gateway server method helpers
* docs: document gateway server auth helpers
* docs: document gateway server tests
* docs: document gateway test helpers
* docs: document gateway node tests
* docs: document gateway channel tests
* docs: document gateway session tests
* docs: document gateway server startup tests
* docs: document gateway tool test helpers
* docs: document gateway server test helpers
* docs: document gateway server method tests
* docs: document remaining gateway tests
* docs: document plugin sdk public subpaths
* docs: document plugin sdk runtime helpers
* docs: document plugin sdk memory provider helpers
* docs: document plugin sdk runtime facades
* docs: document plugin sdk command approval helpers
* docs: document plugin sdk runtime types
* docs: document plugin sdk browser account helpers
* docs: document plugin sdk media memory helpers
* docs: document plugin sdk core tests
* docs: document plugin sdk contract helpers
* docs: document plugin sdk test helpers
* docs: document remaining plugin sdk tests
* docs: document cli utility helpers
* docs: document cli runtime helpers
* docs: document cli command registration helpers
* docs: document node cli helpers
* docs: document cli program registration
* docs: document message cli registration
* docs: document daemon cli helpers
* docs: document cli route parsers
2026-06-03 15:20:39 -07:00
Josh Avant
154f439c81
Add operator install policy and remove dangerous-code install scanners ( #89516 )
...
* feat: add operator install policy
* test: cover plain-file plugin install code
* fix: preserve locationless install policy findings
* refactor: remove install-time plugin scanner
* test: remove stale plugin install helper
* fix: preserve before-install builtin scan type
* fix: preserve plugin dependency denylist
---------
Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain >
2026-06-03 14:17:29 -07:00
Coy Geek
3509f7613e
fix: audit and repair hooks token reuse with Gateway auth
...
Keep startup non-breaking for existing installs when hooks.token reuses Gateway auth, but surface a startup warning, critical security audit finding, and doctor --fix repair that rotates persisted hooks.token.
Closes #87376 .
Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com >
2026-06-02 08:58:40 -04:00
Peter Steinberger
5443baa852
Persist plugin install index in SQLite ( #88794 )
...
* refactor: persist plugin install index in sqlite
* fix: merge legacy plugin index records into sqlite
* test: update plugin index sqlite fixtures
* fix: migrate custom plugin install indexes
* test: update plugin index sentinel
* fix: exclude migrated plugin index archives
* fix: read post-upgrade plugin index from sqlite
* fix: migrate legacy plugin index before agent runs
* fix: respect disabled persisted plugin registry reads
* test: type plugin install record fixtures
* fix: simplify plugin index record reader type
* test: fix sqlite plugin index CI fallout
* test: mock provider normalization in agent command tests
# Conflicts:
# src/commands/agent-command.test-mocks.ts
* build: remove unused ui three dependency
2026-05-31 20:51:33 -04:00
Peter Steinberger
27dde7a4d6
chore(lint): enable stricter error rules
2026-06-01 01:12:21 +01:00
Peter Steinberger
22cb7fb6b7
chore(lint): enable no-promise-executor-return
2026-05-31 23:06:13 +01:00
Peter Steinberger
304e2c83c0
chore(lint): enable stricter oxlint rules
2026-05-31 18:59:02 +01:00
Peter Steinberger
85beee613c
docs: clarify inline code comments
...
Comment-only follow-up documenting reusable gateway, auth, proxy, device, Talk, session, and agent helper contracts.\n\nVerification: git diff --check plus targeted tests recorded in PR body.
2026-05-31 14:37:41 +01:00
Peter Steinberger
3950605561
chore(lint): tighten lint exception coverage
2026-05-31 10:42:59 +01:00
Peter Steinberger
00d8d7ead0
refactor: extract normalization core package
...
Extract shared normalization/coercion helpers into private @openclaw/normalization-core workspace package while preserving existing plugin SDK helper subpaths.\n\nAlso keeps direct normalization-core imports internal, wires UI/build/loader resolution, and replaces the slow PR network CodeQL lane with a fast added-line boundary scan while retaining full CodeQL for scheduled/manual runs.\n\nVerification: local moved tests, plugin SDK boundary tests, extension loader tests, agents-support shard, UI build/test, build artifacts, lint, workflow guards, autoreview, and GitHub CI passed on PR head 963d893715 .
2026-05-31 01:33:00 +01:00
Peter Steinberger
4c33aaa86c
refactor: unify OpenAI provider identity ( #88451 )
...
* refactor: unify OpenAI provider identity
* refactor: move legacy oauth sidecar doctor helpers
* test: align OpenAI fixtures after rebase
* test: clean OpenAI provider unification
* fix: finish OpenAI provider cleanup
* fix: finish OpenAI cleanup follow-through
* fix: finish OpenAI CI cleanup
2026-05-31 00:29:44 +01:00
Peter Steinberger
8eeaa45729
refactor: route model catalog imports to core package
...
Route internal model catalog imports to the extracted @openclaw/model-catalog-core package and delete obsolete internal facades.
Keep public SDK declarations self-contained by wrapping core helpers at public boundaries instead of leaking private package imports.
Verification:
- pnpm test src/plugins/contracts/model-catalog-core-imports.test.ts src/plugins/sdk-alias.test.ts packages/model-catalog-core/src/configured-model-refs.test.ts packages/model-catalog-core/src/provider-model-id-normalize.test.ts packages/model-catalog-core/src/provider-model-id-normalization.test.ts src/config/config.model-ref-validation.test.ts src/agents/model-selection.test.ts src/plugin-sdk/provider-model-shared.test.ts -- --reporter=verbose
- pnpm check:test-types
- pnpm test:extensions:package-boundary:compile
- pnpm build
- rg "@openclaw/model-catalog-core" dist/plugin-sdk packages/plugin-sdk/dist -n --glob '*.d.ts' || true
- git diff --check
- autoreview clean after fix
CI note: merged with admin override because checks-node-agentic-commands-doctor and checks-node-core-runtime-infra-state failed twice with exit 143/no-output watchdog termination after prior passing test output, while relevant local proof and the rest of CI were green.
2026-05-30 17:48:18 +01:00
Josh Avant
584fa3215c
Fix restart sentinel internal continuations ( #88161 )
...
* fix restart sentinel internal continuations
* update gateway prompt snapshots
* stabilize sandbox browser audit timer tests
* drive sandbox audit timeouts deterministically
* drive gh-read timeout tests deterministically
* drive label-open-issues timeout tests deterministically
* document deterministic timeout test timers
* test: preserve deterministic timer setup after rebase
2026-05-29 19:06:54 -07:00
Peter Steinberger
acb0e9c155
fix(agents): extend terminal outcome projections ( #88162 )
...
* fix(agents): extend terminal outcome projections
* fix(agents): align terminal outcome follow-up checks
* fix(agents): satisfy terminal outcome mapper lint
* test(scripts): isolate websocket open timers
* test(security): drive sandbox browser timeout timers
* test(scripts): drive gh-read timeout timers
* test(agents): isolate code mode timers
* fix(agents): preserve hard timeouts on wait surfaces
* fix(agents): require timeout attribution for provider errors
* fix(sdk): require timeout attribution for provider errors
* fix(scripts): preserve changelog parse cause
2026-05-30 03:13:01 +02:00
Peter Steinberger
43658872d9
test: stabilize sandbox browser audit timers
2026-05-30 01:18:53 +01:00