vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-14 18:51:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
28,986 Commits 1,286 Branches 108 Tags
e0b4f3b995cc69920c19e67edbde13bcc3d4c105
Commit Graph

242 Commits

Author SHA1 Message Date
Peter Steinberger
3174c6919d refactor: dedupe gateway memory trimmed readers 2026-04-08 01:36:39 +01:00
Peter Steinberger
ae4f8da94f refactor: dedupe media and discord lowercase helpers 2026-04-07 13:44:41 +01:00
Peter Steinberger
74ea9de6f2 refactor: dedupe reply lowercase helpers 2026-04-07 10:37:39 +01:00
Peter Steinberger
f54a57b80a refactor: dedupe lowercase string helpers 2026-04-07 10:37:39 +01:00
Peter Steinberger
7087845f58 refactor: dedupe trim reader aliases 2026-04-07 09:44:53 +01:00
Peter Steinberger
870cc22cb0 refactor: dedupe media readers 2026-04-07 06:42:34 +01:00
Devin Robison
e420468ebd fix: openclaw allows normal reply text to carry media (#345) (#62136) 
* fix: openclaw allows normal reply text to carry media (#345)
 2026-04-06 16:08:33 -06:00
Vincent Koc
d8226037c3 fix(media): lazy load file-type sniffing 2026-04-06 13:52:18 +01:00
Vincent Koc
372df37df3 test(media): reuse suite temp root tracker in media redirect tests 2026-04-06 10:55:46 +01:00
Vincent Koc
62cc3a31ee test(media): reuse suite temp root tracker in web media tests 2026-04-06 10:55:25 +01:00
Vincent Koc
44c3572d40 test(media): reuse suite temp root tracker in outside-workspace media tests 2026-04-06 10:54:48 +01:00
Vincent Koc
ab93e9e30a test(media): reuse suite temp root tracker in media server tests 2026-04-06 10:53:31 +01:00
Peter Steinberger
41e39eb46f refactor: register channel bootstrap capabilities 2026-04-05 09:13:48 +01:00
Peter Steinberger
ab318de8b7 test(plugins): finish moving contract coverage 2026-04-04 00:11:39 +01:00
Peter Steinberger
e4b5027c5e refactor(plugins): move extension seams into extensions 2026-04-04 00:10:16 +01:00
Peter Steinberger
267b6f595c test: harden windows ci coverage 2026-04-03 22:09:34 +01:00
Peter Steinberger
13bc70397a test: trim test partial mocks 2026-04-03 19:10:56 +01:00
Vincent Koc
f575bc2bfe test(ci): harden proxy-sensitive and timeout unit tests 2026-04-04 02:12:00 +09:00
Peter Steinberger
ba7297ff21 test: narrow media fs-safe test seams 2026-04-03 14:22:12 +01:00
Peter Steinberger
b66197f932 test: reduce import wrapper reload churn 2026-04-03 07:14:58 +01:00
Peter Steinberger
e3674bcc04 test: streamline runtime wrapper test reloads 2026-04-03 04:41:38 +01:00
Neerav Makwana
7c7098fd1d fix: keep inbound images readable on upgraded installs (#59971) (thanks @neeravmakwana) 
* fix(telegram): allow inbound media from config dir

Made-with: Cursor

* test: simplify local roots regression

* fix: keep inbound images readable on upgraded installs (#59971) (thanks @neeravmakwana)

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-04-03 08:24:29 +05:30
bobbyt74
cae1d9bc6d fix(whatsapp): add HTML/XML/CSS to MIME map + fallback for unknown media types (#51562) 
Merged via squash.

Prepared head SHA: 83f2eabd49
Co-authored-by: bobbyt74 <262672147+bobbyt74@users.noreply.github.com>
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com>
Reviewed-by: @mcaxtr
 2026-04-02 00:25:12 -03:00
ImLukeF
101c31f5e1 test: harden ci-sensitive unit suites 2026-04-01 20:53:16 +11:00
Kenny Xie
2650ce31fc fix(media): resolve relative MEDIA paths against agent workspace (#58624) 
* fix(media): resolve relative MEDIA: paths against agent workspace dir

* fix(agents): remove stale ollama compat import

* fix(media): preserve workspace dir in outbound access
 2026-03-31 21:09:28 -04:00
Peter Steinberger
43ef8a5a86 refactor(media): centralize outbound access plumbing 2026-04-01 00:32:53 +09:00
Peter Steinberger
fc5a2f9293 fix(media): add host media read helper 2026-04-01 00:08:20 +09:00
Peter Steinberger
3bb02d3338 fix(media): align outbound sends with fs read capability 2026-04-01 00:07:50 +09:00
Vincent Koc
0ed4f8a72b fix(media): reject oversized image inputs before decode (#58226) 
* fix(media): cap oversized image inputs

* chore(changelog): add media input guard note

* fix(media): address input guard review feedback

* fix(media): fail closed on unknown sips dimensions

* fix(media): avoid sips fallback in input guard
 2026-03-31 22:52:55 +09:00
Vincent Koc
e704323ff3 fix(media): drop auth headers on cross-origin redirects (#58224) 
* fix(media): drop auth headers on cross-origin redirects

* chore(changelog): sync unreleased context

* fix(media): keep fetch-guard redirect helper working
 2026-03-31 19:57:42 +09:00
Jacob Tomlinson
781775ec08 Media: secure image temp dirs (#58270) 2026-03-31 11:12:47 +01:00
pgondhi987
f865a5455e fix(media): drop sensitive headers on cross-origin redirects [AI] (#58156) 2026-03-31 09:22:11 +01:00
Peter Steinberger
6b6ddcd2a6 test: speed up core runtime suites 2026-03-31 02:25:02 +01:00
Shakker
1dda032531 style: format rebased main files 2026-03-31 01:40:55 +01:00
Jacob Tomlinson
1ca4261d7e fix(media): keep local roots configuration-derived (#57770) 
* fix(media): keep local roots configuration-derived

Co-authored-by: Jacob Tomlinson <jtomlinson@nvidia.com>

* fix(media): simplify local root lookup

* fix(media): keep legacy local roots export
 2026-03-30 17:15:03 +01:00
Sean
c6f2db1506 fix: prevent gateway attachment offload regressions (#55513) (thanks @Syysean) 
* feat(gateway): implement claim check pattern to prevent OOM on large attachments

* fix: sanitize mediaId, refine trimEnd, remove warn log, add threshold and absolute path

* fix: enforce maxBytes before decoding and use dynamic path from saveMediaBuffer

* fix: enforce absolute maxBytes limit before Buffer allocation and preserve file extensions

* fix: align saveMediaBuffer arguments and satisfy oxfmt linter

* chore: strictly enforce linting rules (curly braces, unused vars, and error typing)

* fix: restrict offload to mainstream mimes to avoid extension-loss bug in store.ts for BMP/TIFF

* fix: restrict offload to mainstream mimes to bypass store.ts extension-loss bug

* chore: document bmp/tiff exclusion from offload whitelist in MIME_TO_EXT

* feat: implement agent-side resolver for opaque media URIs and finalize contract

* fix: support unicode media URIs and allow consecutive dots in safe IDs based on Codex review

* fix(gateway): enforce strict fail-fast for oversized media to prevent OOM bypass

* refactor(gateway): harden media offload with performance and security optimizations

This update refines the Claim Check pattern with industrial-grade guards:

- Performance: Implemented sampled Base64 validation for large payloads (>4KB) to prevent event loop blocking.
- Security: Added null-byte (\u0000) detection and reinforced path traversal guards.
- I18n: Updated media-uri regex to a blacklist-based character class for Unicode/Chinese filename support, with oxlint bypass for intentional control regex.
- Robustness: Enhanced error diagnostics with JSON-serialized IDs.

* fix: add HEIC/HEIF to offload allowlist and pass maxBytes to saveMediaBuffer

* fix(gateway): clean up offloaded media files on attachment parse failure

Address Codex review feedback: track saved media IDs and implement best-effort cleanup via deleteMediaBuffer if subsequent attachments fail validation, preventing orphaned files on disk.

* fix(gateway): enforce full base64 validation to prevent whitespace padding bypass

Address Codex review feedback: remove early return in isValidBase64 so padded payloads cannot bypass offload thresholds and reintroduce memory pressure. Updated related comments.

* fix(gateway): preserve offloaded media metadata and fix validation error mapping

Address Codex review feedback:
- Add \offloadedRefs\ to \ParsedMessageWithImages\ to expose structured metadata for offloaded attachments, preventing transcript media loss.
- Move \erifyDecodedSize\ outside the storage try-catch block to correctly surface client base64 validation failures as 4xx errors instead of 5xx \MediaOffloadError\.
- Add JSDoc TODOs indicating that upstream callers (chat.ts, agent.ts, server-node-events.ts) must explicitly pass the \supportsImages\ flag.

* fix(agents): explicitly allow media store dir when loading offloaded images

Address Codex review feedback: Pass getMediaDir() to loadWebMedia's localRoots for media-uri refs to prevent legacy path resolution mismatches from silently dropping large attachments.

* fix(gateway): resolve attachment offload regressions and error mapping

Address Codex review feedback:
- Pass \supportsImages\ dynamically in \chat.ts\ and \gent.ts\ based on model catalog, and explicitly in \server-node-events.ts\.
- Persist \offloadedRefs\ into the transcript pipeline in \chat.ts\ to preserve media metadata for >2MB attachments.
- Correctly map \MediaOffloadError\ to 5xx (UNAVAILABLE) to differentiate server storage faults from 4xx client validation errors.

* fix(gateway): dynamically compute supportsImages for overrides and node events

Address follow-up Codex review feedback:

- Use effective model (including overrides) to compute \supportsImages\ in \gent.ts\.

- Move session load earlier in \server-node-events.ts\ to dynamically compute \supportsImages\ rather than hardcoding true.

* fix(gateway): resolve capability edge cases reported by codex

Address final Codex edge cases:
- Refactor \gent.ts\ to compute \supportsImages\ even when no session key is present, ensuring text-only override requests without sessions safely drop attachments.
- Update catalog lookups in \chat.ts\, \gent.ts\, and \server-node-events.ts\ to strictly match both \id\ and \provider\ to prevent cross-provider model collisions.

* fix(agents): restore before_install hook for skill installs

Restore the plugin scanner security hook that was accidentally dropped during merge conflict resolution.

* fix: resolve attachment pathing, defer parsing after auth gates, and clean up node-event mocks

* fix: resolve syntax errors in test-env, fix missing helper imports, and optimize parsing sequence in node events

* fix(gateway): re-enforce message length limit after attachment parsing

Adds a secondary check to ensure the 20,000-char cap remains effective even after media markers are appended during the offload flow.

* fix(gateway): prevent dropping valid small images and clean up orphaned media on size rejection

* fix(gateway): share attachment image capability checks

* fix(gateway): preserve mixed attachment order

* fix: fail closed on unknown image capability (#55513) (thanks @Syysean)

* fix: classify offloaded attachment refs explicitly (#55513) (thanks @Syysean)

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-03-30 20:54:40 +05:30
Peter Steinberger
8061b792b2 test: repair focused unit lane drift 2026-03-28 11:41:06 +00:00
Peter Steinberger
48b2eb2604 test: fix media and channel regression expectations 2026-03-28 08:10:47 +00:00
Ayaan Zaidi
0feeea0994 test: make media symlink fixture idempotent 2026-03-28 13:30:11 +05:30
Ayaan Zaidi
912bd1f5cc test: align media parse expectations 2026-03-28 13:29:14 +05:30
Peter Steinberger
e7c1fcba0c test: dedupe media utility suites 2026-03-28 07:31:40 +00:00
Peter Steinberger
b4fe0faf1b test: dedupe config and utility suites 2026-03-28 00:46:53 +00:00
Peter Steinberger
fef688fb7a test: dedupe utility and config suites 2026-03-28 00:26:55 +00:00
Jacob Tomlinson
824e16f9dd fix(media): require fs access for dynamic local roots (#55946) 
* fix(media): require fs access for dynamic local roots

* fix(media): tighten fs root expansion policy

* fix(media): align fs root expansion with effective policy
 2026-03-27 19:06:02 +00:00
Peter Steinberger
8ddeada97d test: move extension-owned coverage into plugins 2026-03-27 15:11:33 +00:00
Val Alexander
bb932beeac Media: respect umask and clean failed downloads 2026-03-27 08:55:06 -05:00
Val Alexander
206c29514c Media: enforce file mode after writes 2026-03-27 08:55:06 -05:00
Peter Steinberger
4019671331 refactor: add runtime-boundary plugin test seams 2026-03-27 13:46:17 +00:00
Anmol Ahuja
c40884d306 Prefer non-user writeable paths (#54346) 
* infra: trust system binary roots

* infra: isolate windows install root overrides

* infra: narrow windows reg lookup

* browser: restore windows executable comments

---------

Co-authored-by: Jacob Tomlinson <jtomlinson@nvidia.com>
 2026-03-27 11:29:32 +00:00
Peter Steinberger
5f9f08394a refactor: share matrix and telegram dedupe helpers 2026-03-26 15:08:45 +00:00