vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-12 23:40:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,492 Commits 683 Branches 76 Tags
ef920f2f39b4caefa8e76280ecea18d126ad01e8
Commit Graph

68 Commits

Author SHA1 Message Date
Peter Steinberger
bb60687b89 refactor(nodes): dedupe camera payload and node resolve helpers 2026-03-02 23:32:41 +00:00
Peter Steinberger
b1c30f0ba9 refactor: dedupe cli config cron and install flows 2026-03-02 19:57:33 +00:00
Peter Steinberger
8768487aee refactor(shared): dedupe protocol schema typing and session/media helpers 2026-03-02 19:57:33 +00:00
Peter Steinberger
dcf8308c8f refactor(ui): share channel config extras and hint types 2026-03-02 15:21:19 +00:00
Peter Steinberger
693f61404d refactor(shared): centralize assistant identity and usage timeseries types 2026-03-02 14:36:41 +00:00
Peter Steinberger
d358b3ac88 refactor(core): extract shared usage, auth, and display helpers 2026-03-02 08:54:20 +00:00
Vincent Koc
5a2200b280 fix(sessions): harden recycled PID lock recovery follow-up (#31320) 
* fix: detect PID recycling in session write lock staleness check

The session lock uses isPidAlive() to determine if a lock holder is
still running. In containers, PID recycling can cause a different
process to inherit the same PID, making the lock appear valid when
the original holder is dead.

Record the process start time (field 22 of /proc/pid/stat) in the
lock file and compare it during staleness checks. If the PID is alive
but its start time differs from the recorded value, the lock is
treated as stale and reclaimed immediately.

Backward compatible: lock files without starttime are handled with
the existing PID-alive + age-based logic. Non-Linux platforms skip
the starttime check entirely (getProcessStartTime returns null).

* shared: harden pid starttime parsing

* sessions: validate lock pid/starttime payloads

* changelog: note recycled PID lock recovery fix

* changelog: credit hiroki and vincent on lock recovery fix

---------

Co-authored-by: HirokiKobayashi-R <hiroki@rhems-japan.co.jp>
 2026-03-01 21:42:22 -08:00
Vignesh Natarajan
e90429794a Web UI: strip relevant-memories scaffolding 2026-02-28 13:20:50 -08:00
Peter Steinberger
61b3246a7f fix(ssrf): unify ipv6 special-use blocking 2026-02-26 03:43:42 +01:00
Peter Steinberger
baf656bc6f fix: block IPv6 multicast SSRF bypass 2026-02-26 03:35:10 +01:00
Peter Steinberger
3af9d1f8e9 fix: scope Telegram RFC2544 SSRF exception to policy opt-in (#24982) (thanks @stakeswky) 2026-02-24 03:28:00 +00:00
User
9df80b73e2 fix: allow RFC2544 benchmark range (198.18.0.0/15) through SSRF filter 
Telegram's API and file servers resolve to IPs in the 198.18.0.0/15
range (RFC 2544 benchmarking range). The SSRF filter was blocking these
addresses because ipaddr.js classifies them as 'reserved', and the
filter also had an explicit RFC2544_BENCHMARK_PREFIX check that blocked
them unconditionally.

Fix: exempt 198.18.0.0/15 from the 'reserved' range block in
isBlockedSpecialUseIpv4Address(). Other 'reserved' ranges (TEST-NET-2,
TEST-NET-3, documentation prefixes) remain blocked. The explicit
RFC2544_BENCHMARK_PREFIX check is repurposed as the exemption guard.

Closes #24973
 2026-02-24 03:28:00 +00:00
Peter Steinberger
cd5f3fe0c1 test(config): consolidate env/include scenario coverage 2026-02-23 22:16:30 +00:00
Peter Steinberger
0183610db3 refactor: de-duplicate channel runtime and payload helpers 2026-02-23 21:25:28 +00:00
Peter Steinberger
8af19ddc5b refactor: extract shared dedupe helpers for runtime paths 2026-02-23 05:43:43 +00:00
Peter Steinberger
98427453ba fix(network): normalize SSRF IP parsing and monitor typing 2026-02-22 18:55:34 +01:00
Peter Steinberger
3286791316 refactor(agents): dedupe config and truncation guards 2026-02-22 17:54:51 +00:00
Peter Steinberger
333fbb8634 refactor(net): consolidate IP checks with ipaddr.js 2026-02-22 17:02:44 +01:00
Peter Steinberger
dd07c06d00 fix: tighten gateway restart loop handling (#23416) (thanks @jeffwnli) 2026-02-22 10:38:32 +01:00
jeffr
6eaf2baa57 fix: detect zombie processes in isPidAlive on Linux 
kill(pid, 0) succeeds for zombie processes, causing the gateway lock
to treat a zombie lock owner as alive. Read /proc/<pid>/status on
Linux to check for 'Z' (zombie) state before reporting the process
as alive. This prevents the lock from being held indefinitely by a
zombie process during gateway restart.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-22 10:38:32 +01:00
Peter Steinberger
a32edf423b refactor(text): share code-region parsing for reasoning tags 2026-02-22 07:44:57 +00:00
Peter Steinberger
e0db04a50d fix(security): harden avatar validation and size limits 2026-02-22 08:35:32 +01:00
Vignesh Natarajan
55d492b4cd Gateway: allow operator admin scope for pairing and approvals 2026-02-21 19:37:04 -08:00
vignesh07
426d97797d fix(pairing): treat operator.admin as satisfying operator.write 2026-02-21 18:25:13 -08:00
Peter Steinberger
cc2ff68947 test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
Vincent Koc
35be87b09b fix(tui): strip inbound metadata blocks from user messages (clean rewrite) (#22345) 
* fix(tui): strip inbound metadata blocks from user text

* chore: clean up metadata-strip format and changelog credit

* chore: format tui metadata-strip tests

* test: align metadata-strip regression expectations

* refactor: reuse canonical inbound metadata stripper

* test: allow tmp media fixture paths in media-understanding tests

* refactor: reuse canonical inbound metadata stripper

* format: fix changelog blank line after headings

* test: fix unrelated check typing regressions

* test: align memory async mock embedding signatures

* test: avoid tsgo mock typing pitfall

* test: restore async search mock typings in merge tree

* test: trigger ci rerun without behavior change

* chore: dedupe todays changelog entries

* fix: dedupe sqlite mock keys in qmd manager test

* Update qmd-manager.test.ts

* test: align chat metadata sanitization expectation
 2026-02-20 23:52:43 -05:00
hcoj
5dae5e6ef2 fix(tools): forward senderIsOwner to embedded runner so owner-only tools work (#22296) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 0baca5ccc1
Co-authored-by: hcoj <1169805+hcoj@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-21 08:33:58 +05:30
Vincent Koc
9a6b26d427 fix(ui): strip inbound metadata blocks and guard reply-tag streaming (clean rewrite) (#22346) 
* fix(ui): strip inbound metadata blocks from user messages

* chore: clean up metadata-strip format and changelog credit

* Update src/shared/chat-envelope.ts

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-02-20 21:41:32 -05:00
Mariano
5828708343 iOS/Gateway: harden pairing resolution and settings-driven capability refresh (#22120) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 55b8a93a99
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 18:57:04 +00:00
Shakker
525d6e0671 Gateway: align pairing scope checks for read access 2026-02-20 05:12:05 +00:00
Peter Steinberger
26c9b37f5b fix(security): enforce strict IPv4 SSRF literal handling 2026-02-19 15:24:47 +01:00
Peter Steinberger
2f6b8663ff refactor(shared): reuse outbound text chunking core 2026-02-19 07:01:54 +00:00
Peter Steinberger
b2c2737452 refactor(shared): reuse runtime entry requirement evaluator 2026-02-19 00:17:24 +00:00
Peter Steinberger
136bd59ba5 refactor(shared): centralize @/# slug normalization 2026-02-18 23:34:15 +00:00
Peter Steinberger
b366279030 refactor(shared): reuse node list parsers across cli and tools 2026-02-18 23:34:15 +00:00
Peter Steinberger
8b48e0c615 refactor(shared): reuse requirement remote context type 2026-02-18 17:48:02 +00:00
Peter Steinberger
8a9fddedc9 refactor: extract shared install and embedding utilities 2026-02-18 04:49:22 +00:00
Peter Steinberger
91e9684e8c test: add normalization coverage for shared and slack allow-list 2026-02-18 03:17:54 +00:00
Peter Steinberger
8407eeb33c refactor: extract shared string normalization helpers 2026-02-18 03:17:54 +00:00
Peter Steinberger
f452a7a60b refactor(shared): reuse chat content extractor for assistant text 2026-02-17 00:53:44 +00:00
Peter Steinberger
7687f6cfcd refactor: reuse runtime requires evaluation 2026-02-17 00:45:02 +00:00
Peter Steinberger
7147cd9cc0 refactor: dedupe process-scoped lock maps 2026-02-17 00:45:02 +00:00
Peter Steinberger
04892ee230 refactor(core): dedupe shared config and runtime helpers 2026-02-16 14:59:30 +00:00
Peter Steinberger
ae1880acf6 refactor(frontmatter): share openclaw manifest parsing 2026-02-16 00:23:33 +00:00
Peter Steinberger
3a7b1b36b6 perf(test): consolidate shared utility suites 2026-02-16 00:18:27 +00:00
Peter Steinberger
5248b759fe refactor(shared): reuse isPidAlive 2026-02-15 19:06:54 +00:00
Peter Steinberger
137079fc21 refactor(shared): share entry requirements evaluation 2026-02-15 12:45:46 -06:00
Peter Steinberger
b74c3d80cc refactor(shared): dedupe chat content text extraction 2026-02-15 17:21:36 +00:00
Peter Steinberger
34b6c743f5 refactor(shared): share requirements eval for remote context 2026-02-15 14:26:10 +00:00
Peter Steinberger
b838429e2f refactor(status): share emoji/homepage resolver 2026-02-15 13:01:39 +00:00