vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-22 18:28:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
59,105 Commits 1,843 Branches 149 Tags
e71cf0ffcbe69f69bb0aaecb5eb08459cbe8f0bb
Commit Graph

1100 Commits

Author SHA1 Message Date
Gio Della-Libera
55263b3dfa feat(policy): cover exec approvals artifact (#90003) 
Add exec approvals artifact evidence to Policy.

- add the execApprovals policy namespace and check IDs for required artifact presence, default/per-agent security posture, autoAllowSkills, and allowlist drift
- read the active exec-approvals.json artifact only when execApprovals policy rules are configured, honoring OPENCLAW_STATE_DIR before the default ~/.openclaw path
- emit redacted posture evidence and stable oc:// references without socket tokens, command text, resolved paths, timestamps, or approval-session details
- document the public policy surface and add focused scanner, doctor, conformance, and CLI coverage

Validation:
- GitHub Actions for head b82eefe492 are green, including Real behavior proof.
- ClawSweeper re-review completed for the same head with proof: sufficient and status: ready for maintainer look.
- Maintainer artifact-boundary acceptance is recorded in the PR discussion and body.

Co-authored-by: Gio Della-Libera <235387111+giodl73-repo@users.noreply.github.com>
 2026-06-15 17:30:48 -07:00
ly-wang19
0888debcd3 fix(cron): add cron edit --clear-model 
Completes the CLI half of #91298.
 2026-06-15 23:54:00 +08:00
Mason Huang
3ce3ed668d fix(status): correct pinned model clear hint (#93231) 
Summary:
- This PR changes pinned-session `/status` guidance, model-selection docs, and status tests to recommend `/model default` instead of `/model <configured>` or `/reset` for clearing a session model pin.
- PR surface: Source 0, Tests 0, Docs +4. Total +4 across 7 files.
- Reproducibility: yes. from source inspection. Current main and v2026.6.6 emit the old `/reset` hint, while `/model default` clears persisted model overrides and `/reset` intentionally preserves user-selected overrides.

Automerge notes:
- PR branch already contained follow-up commit before automerge: docs: align model clear hint docs
- PR branch already contained follow-up commit before automerge: fix(status): correct pinned model clear hint

Validation:
- ClawSweeper review passed for head 1181624daa.
- Required merge gates passed before the squash merge.

Prepared head SHA: 1181624daa
Review: https://github.com/openclaw/openclaw/pull/93231#issuecomment-4706327717

Co-authored-by: masonxhuang <masonxhuang@tencent.com>
Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
 2026-06-15 10:15:54 +00:00
clawsweeper[bot]
24e729fc4e feat(browser): extend --labels overlay to full-page and element captures (#92834) 
Summary:
- The replacement PR extends Browser plugin labeled screenshots to honor Playwright full-page/ref/element scope, returns annotation bounding boxes, and updates docs, tests, and skill guidance.
- PR surface: Source +415, Tests +550, Docs +24. Total +989 across 12 files.
- Reproducibility: yes. Current main source shows the labeled Playwright helper ignores fullPage/ref/element and omits annotations, and the source PR supplies live before/after commands for the Browser plugin path.

Automerge notes:
- PR branch already contained follow-up commit before automerge: docs(browser): correct raw-CDP labels caveat in automation skill
- PR branch already contained follow-up commit before automerge: fix(browser): preserve labelsSkipped semantics for off-viewport refs
- PR branch already contained follow-up commit before automerge: docs(browser): scope labels docs by driver
- PR branch already contained follow-up commit before automerge: docs(browser): fix labels annotation indent and document scope fix
- PR branch already contained follow-up commit before automerge: docs(browser): indent annotations box schema under --labels bullet
- PR branch already contained follow-up commit before automerge: docs(browser): indent labels annotation schema

Validation:
- ClawSweeper review passed for head 70aca6c506.
- Required merge gates passed before the squash merge.

Prepared head SHA: 70aca6c506
Review: https://github.com/openclaw/openclaw/pull/92834#issuecomment-4700431344

Co-authored-by: FMLS <kfliuyang@gmail.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
 2026-06-14 02:21:23 +00:00
Peter Steinberger
735f59af73 feat(providers): add GLM-5.2 support (#92796) 
* feat(providers): add GLM-5.2 support

* ci(live): add GLM-5.2 provider shard
 2026-06-13 14:33:28 -07:00
Sally O'Malley
e6ffcf7362 docs: clarify before_install hook scope (#92766) 
Signed-off-by: sallyom <somalley@redhat.com>
 2026-06-13 16:54:04 -04:00
Vincent Koc
4cf4e54179 feat(memory-wiki): import OKF bundles 2026-06-13 19:27:52 +08:00
Shakker
6b3bcc986f fix: require service identity for update handoffs 2026-06-11 02:18:47 +01:00
Shakker
3394a4ad2c fix: refresh update status sentinel 2026-06-11 02:18:47 +01:00
abnershang
a98c158414 docs: align supervised git update handoff docs 2026-06-11 02:18:47 +01:00
abnershang
48ed8f3e81 fix(update): hand off supervised git updates 2026-06-11 02:18:47 +01:00
Vincent Koc
adad27d744 fix(exec): honor state dir approvals (#92056) 2026-06-11 09:30:56 +09:00
Devin Robison
49737a50af Fail closed on exec approval timeout (#89938) 
* Fail closed on exec approval timeout

* Align exec approval fallback default docs
 2026-06-10 10:32:54 -06:00
lifuyue
ac21e89c13 Support existing-session browser CDP endpoints (#91736) 
* Support existing-session browser CDP endpoints

* Fix browser existing-session test fixture type

---------

Co-authored-by: OpenAI Codex <codex@openai.com>
 2026-06-10 10:44:35 -04:00
FullerStackDev
800f4dcb62 fix(update): expose plugin convergence repair 2026-06-10 14:43:46 +05:30
brokemac79
de4b8d8ebf feat(plugins): allow installed trusted policy contracts 
Allow explicitly enabled installed plugins to register declared trusted tool policies and agent tool result middleware, with trusted policy ids scoped by plugin owner.\n\nVerification covered targeted plugin/agent tests, typecheck, build, lint, local autoreview, and a Blacksmith Testbox runtime proof (tbx_01ktr1nq0rhq47fjkwrepm7fd3).
 2026-06-10 16:18:23 +10:00
Shakker
d48778994f fix: gate tui host footer behind config 2026-06-09 17:35:03 +01:00
Pavan Kumar Gondhi
9f413acc18 fix: expand unsafe host env denylist (#91618) 
* fix: expand unsafe host env denylist

* test: annotate host env security fixtures

* test: align opengrep fixture suppressions

* test: keep opengrep suppressions inline

* test: avoid opengrep fixture call patterns
 2026-06-09 19:44:54 +05:30
Vincent Koc
b0998f7d15 fix(browser): accept statement evaluate bodies 2026-06-09 05:07:44 +09:00
Mariano
b8adc11977 feat(cron): support command jobs 
Add command-backed cron jobs with timeout-safe process-tree cleanup for shell wrappers. Ensures POSIX command jobs run in a killable process group, adds Windows tree cleanup fallback handling, and covers timeout cleanup behind sh -lc.
 2026-06-08 12:06:16 +09:00
Peter Steinberger
ce015cef57 refactor: store sandbox registry in sqlite 
Move sandbox registry runtime state to SQLite and migrate legacy JSON registry files/directories via doctor.
 2026-06-07 02:05:28 -07:00
Gio Della-Libera
b3eba2ff38 fix(gateway): dedupe probe warnings by gateway identity (#85791) 
Merged via squash.

Prepared head SHA: 13e3c00f56
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com>
Co-authored-by: giodl_microsoft <115749436+giodl_microsoft@users.noreply.github.com>
Reviewed-by: @giodl_microsoft
 2026-06-05 10:23:12 -07:00
Kevin Lin
fce002ad03 revert(codex): revert first-party marketplace allowlist 
Reverts openclaw/openclaw#82219.
 2026-06-03 15:35:35 -07:00
Josh Avant
154f439c81 Add operator install policy and remove dangerous-code install scanners (#89516) 
* feat: add operator install policy

* test: cover plain-file plugin install code

* fix: preserve locationless install policy findings

* refactor: remove install-time plugin scanner

* test: remove stale plugin install helper

* fix: preserve before-install builtin scan type

* fix: preserve plugin dependency denylist

---------

Co-authored-by: Mainframe <mainframe@MainfraacStudio.localdomain>
 2026-06-03 14:17:29 -07:00
Gio Della-Libera
646974b7d8 fix(policy): reject unsupported policy keys (#87074) 
Merged via squash.

Prepared head SHA: 3ab4ff1d8f
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com>
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com>
Reviewed-by: @giodl73-repo
 2026-06-02 15:01:57 -07:00
Gio Della-Libera
1d3cfc4b01 Policy: add data handling conformance checks (#87056) 
Merged via squash.

Prepared head SHA: 6a0e9730aa
Co-authored-by: giodl73-repo <
>
Co-authored-by: giodl73-repo <235387111+giodl73-repo@users.noreply.github.com>
Reviewed-by: @giodl73-repo
 2026-06-02 10:48:07 -07:00
Coy Geek
3509f7613e fix: audit and repair hooks token reuse with Gateway auth 
Keep startup non-breaking for existing installs when hooks.token reuses Gateway auth, but surface a startup warning, critical security audit finding, and doctor --fix repair that rotates persisted hooks.token.

Closes #87376.

Co-authored-by: Coy Geek <65363919+coygeek@users.noreply.github.com>
 2026-06-02 08:58:40 -04:00
Peter Steinberger
9ead0ae921 fix: repair live model inference edge cases 
Fix live model inference edge cases across provider streaming, model switching, outbound delivery, and gateway tool resolution.

Includes live/provider issue fixes and leaves #89100 explicitly partial for the remaining FM-2 group routing case.
 2026-06-01 23:03:27 -04:00
Mason Huang
004835f4c7 fix(plugins): block untrusted workspace setup-only channel loads (#86953) 
Summary:
- This PR blocks disabled workspace-origin channel plugins from setup-only scoped imports, rejects their channel registrations at registry assembly, documents the trust rule, and adds regression coverage.
- PR surface: Source +46, Tests +610, Docs +13. Total +669 across 22 files.
- Reproducibility: yes. source inspection gives a high-confidence reproduction path: current main's setup-only ... ce channel plugin can be imported before this PR. I did not run the repro locally in this read-only review.

Automerge notes:
- PR branch already contained follow-up commit before automerge: test(plugins): cover workspace channel registry guard
- PR branch already contained follow-up commit before automerge: fix(plugins): isolate setup channel registration errors
- PR branch already contained follow-up commit before automerge: fix(channels): mark raw catalog listing internal
- PR branch already contained follow-up commit before automerge: test(channels): cover trusted catalog filtering
- PR branch already contained follow-up commit before automerge: test(channels): mock raw catalog helper
- PR branch already contained follow-up commit before automerge: docs(changelog): credit setup channel hardening

Validation:
- ClawSweeper review passed for head 11438bc1a0.
- Required merge gates passed before the squash merge.

Prepared head SHA: 11438bc1a0
Review: https://github.com/openclaw/openclaw/pull/86953#issuecomment-4545730044

Co-authored-by: masonxhuang <masonxhuang@tencent.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Mason Huang <masonxhuang@tencent.com>
Co-authored-by: Sebastien Tardif <sebtardif@ncf.ca>
Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
 2026-06-01 09:25:56 +00:00
Peter Steinberger
5b79e81569 fix: harden CLI and plugin edge cases (#88896) 
* fix: harden CLI and plugin edge cases

* fix: preserve explicit TTS provider credentials

* fix: preserve direct TTS credentials

* fix: type TTS credential hydration config

* fix: preserve scoped TTS channel credentials

* fix: pin hydrated TTS runtime config

* fix: satisfy TTS hydration lint

* fix: preserve inherited TTS provider keys

* fix: read resolved TTS provider keys
 2026-06-01 00:30:12 -04:00
Peter Steinberger
5443baa852 Persist plugin install index in SQLite (#88794) 
* refactor: persist plugin install index in sqlite

* fix: merge legacy plugin index records into sqlite

* test: update plugin index sqlite fixtures

* fix: migrate custom plugin install indexes

* test: update plugin index sentinel

* fix: exclude migrated plugin index archives

* fix: read post-upgrade plugin index from sqlite

* fix: migrate legacy plugin index before agent runs

* fix: respect disabled persisted plugin registry reads

* test: type plugin install record fixtures

* fix: simplify plugin index record reader type

* test: fix sqlite plugin index CI fallout

* test: mock provider normalization in agent command tests

# Conflicts:
#	src/commands/agent-command.test-mocks.ts

* build: remove unused ui three dependency
 2026-05-31 20:51:33 -04:00
Vincent Koc
82d24b26ea fix(workboard): wire task-backed board runs 
Summary:
- remove the leftover Workboard mini-game/prototype surface
- wire autonomous Workboard card starts through Gateway task-backed agent runs
- reconcile card task/session lifecycle for starts, stops, stale tasks, reassignment, and default-agent sessions
- clarify dispatch summary copy and admin-only model override behavior

Verification:
- autoreview clean: no accepted/actionable findings
- targeted Workboard/UI Vitest: 72 tests passed
- Workboard extension Vitest: 9 tests passed
- UI build, docs list, docs format, diff check, and focused oxlint passed
- PR CI checks: 50 ok, 0 attention
- Testbox tbx_01kt07mk5sjyj2whjq2sc967hg: pnpm verify check phase passed; broad test phase exposed unrelated latest-main failures/stalls in memory, Codex app-server, provider timeout, command daemon env, Telegram worker OOM, and gateway-client timeout suites
 2026-06-01 01:41:21 +01:00
Peter Steinberger
8383e2e4d9 fix(doctor): keep post-upgrade JSON stable 2026-05-31 22:12:38 +01:00
Arnab Saha
6ed6120977 docs(doctor): document --post-upgrade and --json flags 2026-05-31 22:12:38 +01:00
Jason
e74931778c fix: preserve workspaces during state-only uninstall 
Preserve workspace directories when `openclaw uninstall --state` removes local state, including configured workspaces and implicit per-agent workspaces resolved by the runtime. State-only uninstall now uses a cleanup plan that keeps those workspace roots unless `--workspace` is selected.

Fixes #75052.

Proof:
- `git diff --check origin/main...HEAD`
- `pnpm exec oxfmt --check --threads=1 src/commands/cleanup-utils.ts src/commands/cleanup-utils.test.ts src/commands/uninstall.ts src/commands/uninstall.test.ts docs/cli/uninstall.md docs/install/uninstall.md`
- `node scripts/run-vitest.mjs src/commands/uninstall.test.ts src/commands/cleanup-utils.test.ts src/commands/reset.test.ts src/commands/agents.delete.test.ts`
- `node scripts/run-tsgo.mjs -p test/tsconfig/tsconfig.core.test.json --incremental --tsBuildInfoFile /tmp/openclaw-pr75061-core-test-final-rebase2.tsbuildinfo`
- `pnpm docs:list`
- `node scripts/check-docs-mdx.mjs docs/cli/uninstall.md docs/install/uninstall.md`
- `.agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main`
- CI: https://github.com/openclaw/openclaw/actions/runs/26721260691

Co-authored-by: Jason-Bai <boybai.work@gmail.com>
 2026-05-31 19:54:34 +01:00
Peter Steinberger
a84819a639 refactor(cron): keep runtime on canonical sqlite rows 2026-05-31 16:02:06 +01:00
Peter Steinberger
729712d194 docs(codex): clarify first-party plugin marketplaces 2026-05-31 13:22:00 +01:00
FMLS
3a88142ddd fix(browser): document stable tab references (#88393) 
Summary:
- The branch documents friendly browser tab references across docs, the browser skill, CLI help, and tool schema descriptions, and adds tests for target reference resolution and tab alias behavior.
- PR surface: Source +24, Tests +328, Docs +9. Total +361 across 21 files.
- Reproducibility: yes. for the documentation mismatch by source inspection: current main supports friendly ta ... schema/help surfaces still emphasize raw CDP target ids. Runtime behavior itself is not a new failing path.

Automerge notes:
- PR branch already contained follow-up commit before automerge: refactor(browser): share tab reference CLI help

Validation:
- ClawSweeper review passed for head 118af80b0b.
- Required merge gates passed before the squash merge.

Prepared head SHA: 118af80b0b
Review: https://github.com/openclaw/openclaw/pull/88393#issuecomment-4583558133

Co-authored-by: FMLS <kfliuyang@gmail.com>
Co-authored-by: clawsweeper[bot] <274271284+clawsweeper[bot]@users.noreply.github.com>
Approved-by: hxy91819
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
 2026-05-31 12:09:50 +00:00
Peter Steinberger
2bd07eead7 Refactor cron SQLite runtime paths (#88582) 
* refactor: clean cron sqlite runtime paths

* fix: preserve legacy cron sqlite delivery migration

* fix: keep legacy cron notify fallback for invalid webhooks

* test: handle packaged lint suppression files

* fix: keep invalid cron notify migrations retryable

* test: fix ui timer lint
 2026-05-31 12:14:48 +01:00
Soham Patankar
4f3d8a57dd fix(codex): accept first-party OpenAI plugin marketplaces 
Allow Codex native plugin config to target first-party OpenAI marketplaces, including openai-curated, openai-bundled, and openai-primary-runtime.

Fixes #82216.
Thanks @yaanfpv for the contribution.

Verification:
- node scripts/run-vitest.mjs test/scripts/lint-suppressions.test.ts
- pnpm build:ci-artifacts
- OPENCLAW_VITEST_MAX_WORKERS=2 node scripts/run-vitest.mjs run --config test/vitest/vitest.full-core-support-boundary.config.ts test/scripts/lint-suppressions.test.ts
- node scripts/run-vitest.mjs extensions/codex/src/app-server/config.test.ts extensions/codex/src/app-server/plugin-activation.test.ts extensions/codex/src/app-server/session-binding.test.ts extensions/codex/src/migration/provider.test.ts extensions/sms/src/channel.test.ts extensions/sms/src/inbound.test.ts
- git diff --check
- ./.agents/skills/autoreview/scripts/autoreview --mode local
- GitHub PR CI on head 896640060b, including build-artifacts run 26709647050
 2026-05-31 11:08:42 +01:00
Peter Steinberger
ed46e62bcc feat(workboard): add worker dispatch CLI 
* feat(workboard): add worker dispatch CLI

* fix(workboard): avoid new unsafe assertions

* fix(workboard): keep remote dispatch failures remote
 2026-05-31 10:31:56 +01:00
Peter Steinberger
7606e1dd3d docs: expand MCP operator guide 2026-05-31 10:12:44 +01:00
Peter Steinberger
617c658498 feat: improve MCP operator controls (#88536) 
* feat: improve MCP operator controls

* test: stabilize draft stream loop background errors

* fix: prune empty MCP server enablement stubs

* fix: ignore disabled MCP overrides in doctor

* fix: keep MCP doctor saved-config warnings

* fix: redact malformed MCP URLs in UI

* fix: harden MCP UI command actions

* fix: allow MCP logout after auth removal
 2026-05-31 10:06:55 +01:00
Shakker
5a8bb1a7d2 docs: add Skill Workshop guide 2026-05-31 09:05:03 +01:00
Peter Steinberger
4c33aaa86c refactor: unify OpenAI provider identity (#88451) 
* refactor: unify OpenAI provider identity

* refactor: move legacy oauth sidecar doctor helpers

* test: align OpenAI fixtures after rebase

* test: clean OpenAI provider unification

* fix: finish OpenAI provider cleanup

* fix: finish OpenAI cleanup follow-through

* fix: finish OpenAI CI cleanup
 2026-05-31 00:29:44 +01:00
Peter Steinberger
38d3d11cbc feat: improve MCP operator workflows 
Add MCP server add/configure/login/reload flows plus config/runtime support for enablement, filters, timeouts, OAuth, TLS, and parallel execution hints. Update docs and tests for the expanded MCP operator surface.
 2026-05-30 23:51:40 +01:00
Zee Zheng
8be581cbf8 fix(browser): allow inbound media uploads 
Allow the browser upload tool to resolve OpenClaw-managed inbound media refs such as `media://inbound/<id>` and sandbox-relative `media/inbound/<id>` while preserving the existing upload-root path contract.

Keep upload-root files ahead of sandbox-relative inbound fallback, reject nested absolute inbound media files, and validate raw `media://` paths before URL normalization so traversal-shaped refs cannot resolve to direct media ids.

Verification:
- `OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs extensions/browser/src/browser/paths.test.ts --reporter=verbose`
- `OPENCLAW_VITEST_MAX_WORKERS=1 node scripts/run-vitest.mjs extensions/browser/src/browser/paths.test.ts --reporter=dot`
- `OPENCLAW_HEAVY_CHECK_LOCK_SCOPE=worktree node scripts/run-tsgo.mjs -p test/tsconfig/tsconfig.extensions.test.json --incremental --tsBuildInfoFile .artifacts/tsgo-cache/extensions-test.tsbuildinfo`
- `pnpm lint --threads=8`
- `.agents/skills/autoreview/scripts/autoreview --mode branch --base origin/main`
- `git diff --check`
- GitHub PR checks on be08e6c8a8: dependency-guard, check-lint, check-test-types, check-additional-extension-bundled, checks-fast-contracts-plugins-a, checks-fast-contracts-plugins-b all passed.

Fixes #83544.

Co-authored-by: Zee Zheng <zheng.zuo0@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-05-30 23:49:07 +01:00
Zee Zheng
c80ec43325 feat(cli): add sessions tail progress view 
Adds `openclaw sessions tail` as an operator-facing progress view over session trajectory events, with conservative redaction for prompt text, tool arguments, and tool result bodies. The command supports explicit session keys, store/agent scope, follow mode, relocated trajectory pointer files, and cursor-safe follow across bounded trajectory window rewrites.

Documents the new sessions tail CLI surface in `docs/cli/sessions.md`.

Fixes #83441.

Co-authored-by: zhengzuo0-ai <zheng.zuo0@gmail.com>
 2026-05-30 21:29:39 +01:00
Peter Steinberger
005da57957 Move cron persistence to SQLite (#88285) 
* refactor: move cron persistence to sqlite

* fix: repair sqlite cron migration regressions

* fix: move cron legacy migration to doctor

* test: align cron sqlite migration fixtures

* test: fix cron sqlite rebase gates

* test: align cron sqlite runtime tests

* test: fix doctor e2e migration mock

* test: fix doctor shard e2e isolation

* test: fix infra child-process mocks
 2026-05-30 21:03:41 +01:00
Shakker
43e4b9dc1c fix: keep autonomous skill capture opt-in 2026-05-30 20:04:52 +01:00