vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-24 04:49:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
60,625 Commits 1,843 Branches 149 Tags
e0ec42e0e0e2ec5d6f15205802fcd2a0f2a8612e
Commit Graph

439 Commits

Author SHA1 Message Date
Vincent Koc
0f18e82932 fix(e2e): reject unsafe bounded response text lengths 
Reject unsafe decimal Content-Length values in the E2E bounded response text helper before streaming response bodies. Keep non-decimal values on the streaming byte-limit path and add regression coverage proving unsafe declared lengths cancel without starting a read.

Proof: direct patched repro rejects before reading with code ETOOBIG; origin/main comparison entered the reader first; node --check scripts/e2e/lib/bounded-response-text.mjs; git diff --check origin/main...HEAD; autoreview clean overall 0.86; exact-head release gate succeeded at https://github.com/openclaw/openclaw/actions/runs/27846197115.
 2026-06-20 04:20:02 +08:00
Vincent Koc
6cfb025143 fix(e2e): reject unsafe chat tools body lengths 
Reject unsafe numeric Content-Length values in the OpenAI chat tools E2E client before waiting on the response stream.

Also hardens Docker E2E heartbeat timing coverage after the exact-head release gate exposed a brittle zero-padded heartbeat assertion.

Verification: direct mock gateway repro, docker heartbeat shell proof, autoreview clean, and exact-head CI release gate https://github.com/openclaw/openclaw/actions/runs/27843455246.
 2026-06-20 03:09:51 +08:00
Vincent Koc
fc1bdecf08 fix(e2e): cancel ClickClack fixture bodies 2026-06-19 08:14:39 +02:00
Vincent Koc
a57e761f6b fix(e2e): cancel Open WebUI HTTP probe bodies 2026-06-19 08:11:11 +02:00
Vincent Koc
a37dd0210b fix(e2e): bound upgrade survivor probe retries 2026-06-19 07:52:44 +02:00
Vincent Koc
089f8c7fb5 fix(e2e): cancel plugin preflight body reads 2026-06-19 07:28:00 +02:00
Vincent Koc
712e69dd74 fix(e2e): honor gateway network client deadline 2026-06-19 07:23:24 +02:00
Vincent Koc
dc9b1d5159 fix(e2e): cancel chat-tools response reads on timeout 2026-06-19 07:11:07 +02:00
Vincent Koc
06b6f7055b fix(e2e): keep clickclack fixture body reads timed 2026-06-19 06:19:21 +02:00
Vincent Koc
d9c66b9c6d fix(e2e): bound upgrade survivor probe body reads 2026-06-19 06:02:31 +02:00
Vincent Koc
ca6d52e0e8 fix(e2e): bound bundled readyz diagnostics 2026-06-19 05:00:38 +02:00
Vincent Koc
10f0588ee3 fix(e2e): align codex live turn timeouts 2026-06-19 03:43:44 +02:00
Vincent Koc
239b4de6af fix(e2e): validate fixture log limits 2026-06-19 01:17:35 +02:00
Vincent Koc
84bcdaa983 fix(e2e): validate fixture cleanup interval 2026-06-19 00:29:25 +02:00
Vincent Koc
392f5b75bf fix(e2e): validate kitchen sink fixture wait attempts 2026-06-18 23:21:28 +02:00
Vincent Koc
34d402f53c fix(e2e): validate plugin fixture stop attempts 2026-06-18 23:17:00 +02:00
Vincent Koc
1faf8175e4 fix(e2e): validate onboard gateway wait attempts 2026-06-18 23:12:41 +02:00
Vincent Koc
cc3d346c15 fix(e2e): validate upgrade survivor budgets 2026-06-18 22:52:19 +02:00
Vincent Koc
61b116d597 fix(e2e): validate plugin update timeout seconds 2026-06-18 22:23:23 +02:00
Vincent Koc
7f1fa65399 fix(e2e): reject declared oversized probe bodies 2026-06-18 21:37:07 +02:00
Vincent Koc
4c9b4c32ef fix(scripts): ignore loose content length headers 2026-06-18 21:05:16 +02:00
Vincent Koc
f381dca15b fix(e2e): reject loose docker stats CPU samples 2026-06-18 20:57:55 +02:00
Vincent Koc
9ab9469d04 fix(e2e): reject unsafe bundled runtime limits 2026-06-18 20:54:56 +02:00
Vincent Koc
cebe5cb94a fix(e2e): reject invalid client gateway ports 2026-06-18 20:46:11 +02:00
Vincent Koc
53bb55e023 fix(e2e): reject invalid config writer ports 2026-06-18 20:33:31 +02:00
Vincent Koc
317919ec52 fix(e2e): reject invalid mock fixture ports 2026-06-18 20:28:20 +02:00
Vincent Koc
3125cdacb5 fix(e2e): bound bundled runtime smoke ports 2026-06-18 19:54:19 +02:00
Vincent Koc
de10eca7d6 refactor(scripts): dedupe release assertion readers 2026-06-18 12:17:32 +08:00
Vincent Koc
cb8daec729 refactor(scripts): dedupe mcp code-mode fixture 2026-06-18 12:14:01 +08:00
Vincent Koc
7430079cd7 fix(test): force-kill plugin fixture servers 2026-06-18 02:42:46 +02:00
Dallin Romney
0a6736af09 test: fold lifecycle and package proof into QA Lab (#93114) 
* test: fold script coverage into qa scenarios

* test: migrate script checks into qa e2e

* test: point qa code refs at migrated e2e

* test: fold plugin lifecycle probe into qa e2e

* test: use shared temp dirs in plugin lifecycle probe

* test: fold plugin lifecycle sweep into qa lab

* test: trim lifecycle docker text assertions

* test: keep followup script conversions split

* test: make lifecycle docker runner script-safe

* test: update changed helper routing expectation
 2026-06-17 14:22:04 -07:00
Vincent Koc
69abb2c090 fix(codex): send legacy dynamic tool start specs 2026-06-17 07:54:25 +02:00
Vincent Koc
2a6c0ab5bf fix(release): reject loose upgrade recipe baselines 2026-06-16 22:44:22 +02:00
Vincent Koc
e8022eb4a5 fix(qa): reject loose OpenWebUI probe statuses 2026-06-16 21:24:09 +02:00
Vincent Koc
49cc82e547 fix(qa): reject loose docker stats ceilings 2026-06-16 21:20:59 +02:00
Vincent Koc
ef5d6a66bd fix(qa): reject loose bundled plugin runtime indexes 2026-06-16 20:58:23 +02:00
Vincent Koc
ae9ae560e9 fix(qa): reject loose ClickClack wait timeouts 2026-06-16 20:41:12 +02:00
Vincent Koc
ae99ce729a fix(qa): reject loose mock OpenAI ports 2026-06-16 20:37:36 +02:00
Vincent Koc
1ae0eacf4b fix(scripts): avoid downgrade release upgrade baselines 2026-06-16 09:35:39 +02:00
Vincent Koc
484ee14273 fix(scripts): bound plugin install index artifacts 2026-06-16 06:43:01 +02:00
Vincent Koc
f9376b16d4 fix(scripts): bound npm onboard status artifacts 2026-06-16 06:19:32 +02:00
Vincent Koc
9eed9c5758 fix(e2e): derive lifecycle proc units 2026-06-16 02:56:41 +02:00
Dallin Romney
ded3a93058 fix(e2e): keep lifecycle timeout cleanup alive (#92566) 2026-06-12 18:52:34 -07:00
Shakker
a450ff036a fix: repair origin main CI failures 2026-06-10 23:49:41 +01:00
Vincent Koc
a7b0d325af fix(sessions): repair shipped stale transcript paths 2026-06-11 07:30:34 +09:00
Vincent Koc
0923ee251e fix(sessions): rewrite migrated transcript paths 2026-06-11 06:41:37 +09:00
Vincent Koc
2d404f1b86 fix(release): align survivor session migration assertion 2026-06-11 05:57:55 +09:00
Vincent Koc
e6b0a22f36 test(update): align corrupt plugin repair guidance 2026-06-11 04:33:25 +09:00
Vincent Koc
7f1d82ab25 revert(sessions): defer session metadata sqlite 
Reverts 538d36eaaa while preserving subsequent main changes. The beta-only SQLite downgrade rescue and reverse migration remain excluded.
 2026-06-10 16:34:06 +09:00
brokemac79
de4b8d8ebf feat(plugins): allow installed trusted policy contracts 
Allow explicitly enabled installed plugins to register declared trusted tool policies and agent tool result middleware, with trusted policy ids scoped by plugin owner.\n\nVerification covered targeted plugin/agent tests, typecheck, build, lint, local autoreview, and a Blacksmith Testbox runtime proof (tbx_01ktr1nq0rhq47fjkwrepm7fd3).
 2026-06-10 16:18:23 +10:00