Commit Graph

37782 Commits

Author SHA1 Message Date
Vincent Koc
ff4b4517d2 refactor(agents): remove stale testing aliases (#105293) 2026-07-12 12:47:30 +02:00
Peter Steinberger
feff4c7824 fix(plugin-sdk): isolate expect declaration surface 2026-07-12 11:23:43 +01:00
Peter Steinberger
0350b87f06 test(ci): repair plugin prerelease contracts (#105272)
* test(ci): repair plugin prerelease contracts

* docs(agents): clarify stale Testbox recovery

* docs(agents): require Bash for Testbox compounds
2026-07-12 11:13:08 +01:00
Peter Steinberger
a824078101 fix(channels): tombstone corrupt ingress rows (#105259)
* fix(infra): guard channel ingress queue parseJson against corrupted JSON

* fix(infra): fix type assertion in ingress queue test

* fix(infra): use tagged parse result and validate payload before claiming

* fix(infra): remove unnecessary non-null assertion in ingress queue test

* fix(infra): scan corrupt ingress rows in claimNext

* test(gateway): avoid typed empty mock call tuple access

* fix(infra): tombstone corrupt ingress rows on duplicate enqueue and stale recovery

Two P1 gaps: enqueue() threw on duplicate when the existing row had corrupt
payload_json, and recoverStaleClaims() silently skipped corrupt claimed rows,
leaving them invisible to recovery. Both paths now tombstone the unrecoverable
row as failed with reason "corrupt_payload" and return a proper result.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(infra): resolve lint shadow and await-thenable in recoverStaleClaims

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(channels): tombstone corrupt ingress rows

* test(channels): use explicit placeholder claim tokens

* refactor(channels): name claim token values

* refactor(channels): keep claim projection direct

* fix(channels): preserve active ingress claims

* fix(channels): make corrupt recovery policy-aware

* refactor(channels): name corrupt claim token

* fix(channels): bound corrupt ingress reconciliation

* fix(channels): paginate pending ingress by key

* refactor(telegram): return live owner check directly

* build(plugin-sdk): refresh public export budget

---------

Co-authored-by: Pick-cat <huang.ting3@xydigit.com>
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
2026-07-12 11:09:52 +01:00
Vincent Koc
4c077df1b1 fix(sqlite): repair canonical unique index drift (#105260)
* fix(sqlite): repair canonical unique index drift

* chore(sqlite): allow schema repair DDL
2026-07-12 18:08:16 +08:00
Vincent Koc
34205aabf9 refactor(plugins): remove obsolete runtime helpers (#105273) 2026-07-12 18:05:22 +08:00
Peter Steinberger
1999935108 fix(config): restore canonical flat streaming-key resolution and preserve discord preview mode in doctor migration (#105054)
* fix(config): keep flat streaming keys resolving for canonical-flat channels and pin discord preview default in doctor migration

* fix(discord): pin inherited streaming mode for account alias migration and align core streaming test
2026-07-12 11:00:24 +01:00
Peter Steinberger
5b56a1f664 feat(gateway): land remaining durable-approvals stack and repair main gates (#104837)
* feat(gateway): propagate approvals to ancestor sessions with replay

Squash-rebased #103921 segment onto the native-clients tip on current main.
Session-scoped approval events publish sanitized pending/terminal
transitions to opted-in session audiences, with authoritative pending
replay on stream subscribe and durable-expiry reconciliation through the
owning manager. SessionApprovalEvent/Replay wire types export from the
approvals owner module; Swift models regenerated.

(cherry picked from commit 2d1dcf9747044710111d0c730fc46ba6013a165c)
(cherry picked from commit ccf88efd56b513d07599ffcee997bf0cddaf9adc)
(cherry picked from commit 8eb33f59f00ec9ee4625259b76bd7ae60d2cd480)
(cherry picked from commit c297cbc93c8401e9c79c20f242245a194f5dd236)
(cherry picked from commit 93d68f28601ff37d863da4db009504993a22533a)
(cherry picked from commit d285ccd8b2f212bb57e814107e7709c896e96b7d)
(cherry picked from commit 5c536982231402b1b58d1683794ea9948b32d077)
(cherry picked from commit 1646e5b6dc4dd20de54e10f110a5909be18d7d50)
(cherry picked from commit 35cf1b705b247fb282f4d56ffe74bd2fb238221f)
(cherry picked from commit 4f8ef3699d)
(cherry picked from commit 74fbdcc99d5fff062d67760a51dba4ee9e84479b)
(cherry picked from commit 222b285502681d2be14b1819798e9ee5555f431e)
(cherry picked from commit b9e744951f676b600e7c5322bfd04b0e99797c07)
(cherry picked from commit 9e904efde5)
(cherry picked from commit 678f2384fa)
(cherry picked from commit 72842e5cf6)
(cherry picked from commit be74c25e80e84a1f065053766f23efb84822e811)
(cherry picked from commit 93ba8c4b09)
(cherry picked from commit 8f23761372)

* feat(gateway): fail-closed plugin and tool approval gates

Squash-rebased #103932 segment onto the ancestor-propagation tip on
current main. Plugin node.invoke approvals claim a one-shot allow-once
decision before handing execution authority to the policy, so observation
or retry cannot replay a consumed approval; sibling tool gates bind
approval ids to their originating reviewer identity.

(cherry picked from commit 122df0d75281f572c012b6484ed5daf085d1d577)
(cherry picked from commit f23d8ac240a8dcf2a42c4daaae962263975a0ae8)
(cherry picked from commit 8632fb6436a224dac7a9a9ef0216884530de2c24)
(cherry picked from commit d9fe2dd5c53665e5732f5f3da5ed1907a686ade8)
(cherry picked from commit bb139f2c8aa36ddad70413e1ef79ff491a6f2ecd)
(cherry picked from commit 9b3e056b68ea515c7d4baef269289b6670570480)
(cherry picked from commit b11e66b59a7af1f3b08712de06864aed64d349e4)
(cherry picked from commit a12916ee592d03dfa35e86a2aaede4476a5d4e5d)
(cherry picked from commit d699de840fc8346892b9ae244fe3c3e8c4413032)
(cherry picked from commit 9b7e5a9608)
(cherry picked from commit 4b507593f1b2f10b4496984c84a2803b853e5c5e)
(cherry picked from commit 56408a186733c4eeb5aa76bd5907cde7b0cd3d5b)
(cherry picked from commit a4051d6d8353d39d6fa0b5d69c36e06c3cd3e796)
(cherry picked from commit 76829805a7)
(cherry picked from commit a8b493f934)
(cherry picked from commit aceb990597)
(cherry picked from commit a29b0e75482470c53a9fb4fe3f204e14cf71868f)
(cherry picked from commit 2e3be08653)
(cherry picked from commit c9ae3d7202)

* fix: main-gate repairs for the durable-approvals stack

- android: capture createdAtMs on the pending exec-approval write at
  registration; canonical readback after a refresh that already replaced
  the visible rows was dropping the approval instead of surfacing the
  still-pending reconciliation message (#104913 merged without this)
- android: generous CI timeout ceilings in GatewayExecApprovalRuntimeTest
- agents: hermetic model-discovery test via the plugins/provider-runtime
  boundary (lazy plugin-runtime resolution hangs vitest workers since #104770)
- cli: usage-cost settle-budget test asserts the budget bound on every call
  instead of pinning the poll count (fast hosts fit a second poll in 50ms)
- protocol coverage: allowlist session.approval for ios/android (native
  review rides exec.approval push/nudge delivery)
- docs map, native i18n inventory, plugin-sdk api baseline regenerated
2026-07-12 10:51:38 +01:00
Peter Steinberger
ce562c3511 test(openai): align prerelease contracts (#105256) 2026-07-12 10:49:48 +01:00
Peter Steinberger
c4b41c1e4a fix: clear transcript search data when sessions are deleted (#105249)
* fix: delete session transcript search state

* chore: keep release note in PR body
2026-07-12 10:43:53 +01:00
Peter Steinberger
1bea458124 test(plugins): align prerelease contracts (#105252) 2026-07-12 10:42:34 +01:00
Vincent Koc
a67b124f10 refactor(sessions): remove unused transcript helpers (#105245) 2026-07-12 17:40:54 +08:00
Peter Steinberger
48e7f76e3a fix(nodes): expose typed executable lookup to agents (#105182)
* fix(nodes): add typed executable lookup action

* test(nodes): refresh executable lookup snapshots
2026-07-12 10:36:33 +01:00
Peter Steinberger
cc3dfc9ded fix: preserve unmanaged gateway restart truth (#105241) 2026-07-12 10:32:17 +01:00
Vincent Koc
1592d422ee fix(sqlite): reject orphaned database state before mutation (#105222)
* fix(sqlite): detect foreign key corruption

* docs(sqlite): document foreign key compaction checks

* fix(sqlite): prevent pragma shadow bypass
2026-07-12 17:31:24 +08:00
Peter Steinberger
b4a0fc5c57 perf(agents): reduce repeated turn setup latency (#105220)
* perf(agents): reuse prepared auth route models

* chore: leave release notes to release automation
2026-07-12 10:21:31 +01:00
Peter Steinberger
9bdb2a5ac0 fix(cron): preserve successful run status after delivery failure (#105215)
* fix(cron): keep isolated run status ok when delivery fails

A successful isolated cron agentTurn whose post-run delivery phase returns
an error collapsed the execution status into the delivery error, so the
outer scheduled run persisted status=error even though the isolated session
ended successfully.

Decouple execution status from delivery outcome in finalizeCronRun: when the
agent payload is non-fatal and the run was not aborted, a delivery dispatch
error now keeps status=ok and records the failure separately via
delivered/deliveryAttempted plus delivery diagnostics, which drive the
already-decoupled run-log deliveryStatus (not-delivered). Aborted runs and
fatal agent payloads keep their error status.

Fixes #94058

* fix(cron): keep deliberate delivery-target refusals as error status

The #94058 fix kept isolated turn status=ok when post-run delivery
fails, but the broad `status === "error"` check also caught the
#91613 keyless implicit last-target refusal, which is a deliberate
delivery-target guard (errorKind "delivery-target") and must stay
status=error. Exclude that errorKind so genuine delivery dispatch
failures still become ok while target-guard refusals remain errors.

* fix(cron): surface successful run delivery errors to run logs

A successful isolated agent turn keeps status=ok when post-run delivery
fails (#94058), but the ok/not-delivered resolveRunOutcome branch only
forwarded delivery diagnostics and dropped the delivery dispatch error.
That left lastDeliveryError empty and the finished-event deliveryError
field blank, so CLI/UI/API run logs could not show why delivery did not
land for an otherwise successful run.

Thread the delivery error on a dedicated CronRunOutcome.deliveryError
field from resolveRunOutcome through executeDetachedCronJob and
applyJobResult into resolveDeliveryState, so it persists as
lastDeliveryError and reaches the finished event (and thus the run log)
without conflating it with a run-level error (lastError stays empty on a
successful run).

Add a service/run-log readback test proving the delivery error survives
the cron boundary into a persisted run-log entry, and extend the
isolated-turn regression to assert the dedicated deliveryError field.

* fix(cron): preserve successful delivery outcomes

* fix(cron): preserve startup delivery errors

* fix(cron): retain best-effort delivery errors

* fix(cron): preserve delivery errors on fallback paths

* fix(cron): preserve delivery errors on fallback paths

---------

Co-authored-by: Alix-007 <li.long15@xydigit.com>
2026-07-12 10:20:53 +01:00
Vincent Koc
25f00f9881 refactor(plugins): remove dead contribution owner wrappers (#105224) 2026-07-12 17:17:54 +08:00
Peter Steinberger
def7b51899 test(agents): keep model discovery assertions hermetic against bundled plugin runtime (#105050) 2026-07-12 10:15:05 +01:00
Peter Steinberger
55254c3a0b feat(nodes): route alerts to the active computer (#105083)
* feat(nodes): route alerts by active computer

* fix(ci): allowlist node presence mobile coverage

* test(prompts): refresh node presence snapshots

* fix(macos): await presence reporter actor hop

* fix(macos): type presence test delivery state

* docs(nodes): add active presence guide

* docs(nodes): format presence troubleshooting
2026-07-12 10:05:50 +01:00
wangyan2026
232de2315b fix(gateway): reject disallowed browser Origin before accepting auth.mode=none on HTTP (#102834) (#102881)
* fix(gateway): reject disallowed browser Origin before accepting auth.mode=none on HTTP (#102834)

* refactor(gateway): scope HTTP Origin checks to no-auth

* fix(gateway): preserve trusted-proxy scan boundary

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-12 10:02:21 +01:00
Vincent Koc
e7f9a430e3 refactor(plugins): remove obsolete plain-file installer (#105205) 2026-07-12 17:00:50 +08:00
Peter Steinberger
00cab8d42b fix(secrets): preserve partial gateway assignments (#105160)
Co-authored-by: SunnyShu <shu.zongyu@xydigit.com>
2026-07-12 09:58:33 +01:00
Vincent Koc
cf2af03d02 fix(sqlite): validate agent state before schema setup (#105179) 2026-07-12 16:57:18 +08:00
Peter Steinberger
ae14fc1e81 fix: harden Crestodian maintenance flows (#105153)
* fix: harden Crestodian maintenance flows

* fix: skip trajectories for ephemeral Crestodian plans

* test: satisfy Crestodian CI gates
2026-07-12 09:51:03 +01:00
Peter Steinberger
204d2b176a refactor(agents): compress model prompts and tool instructions (#105095)
* refactor(agents): compress model prompt instructions

* test(agents): align compact prompt assertions

* test(gateway): align compact message prompt assertion

* chore(plugin-sdk): refresh prompt overlay API baseline

* docs(changelog): note prompt instruction compaction

* test(agents): align compact prompt contracts

* test(agents): align CLI prompt contracts

* style(agents): format CLI prompt tests

* fix(qa): prioritize shadow trial workflow

* test(agents): refresh rebased prompt snapshots
2026-07-12 09:45:30 +01:00
Vincent Koc
55e599c7b6 fix(node): foreground pairing no longer exits early (#105038)
* fix(node): keep foreground pairing wait alive

* test(node): cover foreground pairing lifetime

* fix(node): retain keepalive through shutdown

* test(node): match deferred cleanup mock type
2026-07-12 16:41:17 +08:00
Peter Steinberger
91863a2ec5 fix: keep MCP Apps aligned with runtime tool policy (#105075)
* fix: harden MCP Apps runtime policy

* fix: preserve MCP App reserved tool names

* fix: restart gateway for whole MCP Apps changes
2026-07-12 09:41:07 +01:00
Peter Steinberger
9cf4f03afe feat(telegram): add rich outbound location and video notes (#105142)
* feat(telegram): add rich outbound sends

Co-authored-by: Paul Kondratov <paulislava@mail.ru>

* fix(telegram): reject unsupported outbound locations

* fix(telegram): preserve location send semantics

* fix(telegram): preserve cross-context location markers

* fix(outbound): validate standalone locations before decoration

* fix(telegram): project native locations into prompt context

* chore: defer Telegram changelog to release

* fix(telegram): align SDK surface and docs map

---------

Co-authored-by: Paul Kondratov <paulislava@mail.ru>
2026-07-12 09:36:22 +01:00
Peter Steinberger
7197eef3eb fix(gateway): queue agent runtime identity verification (#105143)
* fix(gateway): queue agent runtime identity verification

* chore: keep release changelog unchanged

* fix(gateway): recheck runtime context expiry after lock wait
2026-07-12 09:33:14 +01:00
Vincent Koc
e2f79a7614 refactor(channels): remove unused token prompt helper (#105159) 2026-07-12 16:32:43 +08:00
Peter Steinberger
218dcd815a feat(tooling): enforce noUncheckedIndexedAccess in the extensions lane (NUIA phase 4) (#105132)
* fix(extensions): make indexed access explicit across channel plugins

Transport-payload-safe burn-down: malformed Telegram/Discord/QQ/LINE
and sibling channel input keeps existing skip paths; no synthesized
fields, no new throws in delivery loops. Zalo escape sentinels preserve
literal matches instead of undefined replacements.

* fix(extensions): make indexed access explicit across provider and memory plugins

Stream and model iteration, tool-block guards, capture guards, and
sparse accumulators; singleton model reads carry named invariants.

* fix(extensions): make indexed access explicit across tooling plugins, flip the extensions lane

Remaining plugins (oc-path, qa-lab, browser, logbook, and siblings) plus
the tsconfig.extensions.json flag flip. Cleanup: logbook sampleFrames
NaN index at max=1, QA retry clamp at non-positive attempts, dead Canvas
probe and OpenShell no-op slice removed, twitch test setup leak excluded
from the prod lane.

* refactor(plugin-sdk): expose expectDefined via a focused SDK subpath

Extensions imported @openclaw/normalization-core directly, crossing the
external-plugin packaging boundary (it only worked because the runtime
builder bundles undeclared workspace helpers). expect-runtime joins the
canonical entrypoints JSON, generated exports, API baseline, docs, and
subpath contract test; all 78 extension imports now use the SDK seam.
Two scanner-shaped locals renamed for review-bundle hygiene.

* chore(plugin-sdk): raise surface budgets for the expect-runtime subpath

One new entrypoint with one callable export, added intentionally as the
packaging-honest seam for extension invariant helpers.
2026-07-12 09:17:31 +01:00
Vincent Koc
a381b50643 test(agents): skip region-blocked xAI models 2026-07-12 16:15:44 +08:00
Peter Steinberger
6fc564278d feat(agents): sessions_search full-text recall over past session transcripts (#105057)
Adds a core sessions_search agent tool backed by a SQLite FTS5 index that
lives next to the transcript rows in the per-agent database. Indexing is
transactional: user/assistant text is indexed inside the same write
transaction that persists the event, deletes drop index rows in the same
transaction, and branch rewinds mark the session dirty so the next search
rebuilds it from the same visible-path resolution sessions_history uses
(which also lazily backfills doctor-migrated databases). Search executes
gateway-side behind an additive sessions.search method with a bounded
session-key allowlist; visibility, sandbox restrictions, and snippet
redaction mirror sessions_history.

Closes #100978
2026-07-12 09:15:41 +01:00
Vincent Koc
d6d7c19c9d fix(tasks): fail closed when task-flow state cannot restore (#105088)
* fix(tasks): fail closed on task-flow restore errors

* fix(tasks): keep maintenance checks behind owner seam

* fix(tasks): gate runtime startup on flow restore

* test(tasks): prove runtime restore gate failures

* fix(tasks): gate cancellation on flow readiness
2026-07-12 16:08:29 +08:00
Vincent Koc
c293fef3a8 refactor(sessions): remove obsolete file projection path (#105136) 2026-07-12 16:08:04 +08:00
Peter Steinberger
10371ff475 fix(gateway): suspension waits for accepted node work (#105134)
* fix(gateway): retain node event work during suspension

* chore: leave gateway release note to release closeout
2026-07-12 09:07:23 +01:00
Peter Steinberger
6038480915 feat(ui): browse Gateway and node folders from one root (#105114)
* feat(ui): browse Gateway and node folders

* chore: keep changelog release-owned

* chore: refresh native i18n inventory

* refactor(macos): isolate node filesystem commands
2026-07-12 09:07:07 +01:00
Peter Steinberger
1c9a2f6a9d perf(gateway): skip completed startup migrations (#105099) 2026-07-12 09:03:45 +01:00
Peter Steinberger
d325b6c76b fix: preserve parent abort reasons through timeouts (#105071) 2026-07-12 09:02:12 +01:00
Peter Steinberger
b6c171901e fix(secrets): harden exec provider diagnostics (#105082) 2026-07-12 09:01:33 +01:00
Vincent Koc
55679d88c6 test(agents): budget Grok reasoning live probes 2026-07-12 15:55:29 +08:00
Vincent Koc
68f2874126 chore(ui): refresh locales and repair cron lifecycle fixtures (#105100)
* chore(ui): refresh control ui locales

* test(cron): keep lifecycle fixtures in memory

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-12 15:53:06 +08:00
Vincent Koc
8f3fe36e28 test(gateway): match current-bound cron probes 2026-07-12 15:52:21 +08:00
Peter Steinberger
e77cf7d44e fix(audit): correlate prefixed outbound conversations (#104816)
* fix(audit): normalize outbound conversation refs

* chore(audit): leave release notes to release tooling
2026-07-12 08:46:52 +01:00
Vincent Koc
b0455c9323 test(gateway): assert sqlite trajectory capture 2026-07-12 15:41:35 +08:00
Kushida
9b057036e3 fix(gateway): keep channels stopped during shutdown and reload (#104811)
* fix(gateway): stop retired health monitor restarts

* style(gateway): format health monitor regression

* fix(gateway): stop retired monitor account scans

* refactor(gateway): coordinate health monitor handoff

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-12 08:27:45 +01:00
Vincent Koc
5839c2e04b fix(plugins): avoid native ESM fallback races 2026-07-12 15:16:07 +08:00
Vincent Koc
ee17910f2a fix(cron): persist fast-mode session state (#105094) 2026-07-12 14:58:56 +08:00
chengzhichao-xydt
789e7e2e36 fix(security): preserve UTF-16 boundaries in secret mask (#104800)
Co-authored-by: chengzhichao-xydt <chengzhichao-xydt@users.noreply.github.com>
2026-07-12 07:50:46 +01:00