vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-23 23:22:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
24,245 Commits 1,444 Branches 119 Tags
f425ea06bfe15e50e9f8d042713cdfaedf146a75
Commit Graph

754 Commits

Author SHA1 Message Date
Peter Steinberger
418fa12dfa fix: make overload failover configurable 2026-03-31 21:34:35 +01:00
Peter Steinberger
62a39381da fix: land codex native search follow-ups (#46579) (thanks @Evizero) 2026-04-01 03:30:06 +09:00
Christof Salis
797a70fd95 Codex: add native web search for embedded Pi runs 2026-04-01 03:30:06 +09:00
Peter Steinberger
ae730d9a86 fix: cover Azure disabled reasoning omission (#58208) (thanks @jalehman) 2026-04-01 02:47:29 +09:00
Josh Lehman
a1cb2bdc57 OpenAI: omit disabled reasoning payloads 
Strip `reasoning.effort: "none"` from OpenAI-compatible payloads so GPT-5 models do not receive the unsupported value when thinking is off. Cover both the shared payload wrapper path and the websocket `response.create` builder with regression tests.

Regeneration-Prompt: |
  Fix the OpenAI request-building bug where thinking set to off still forwards
  a reasoning payload with effort "none". GPT-5 mini rejects that value with a
  400, so disabled reasoning must be represented by omitting the reasoning
  parameter entirely. Keep the change additive: sanitize OpenAI-compatible
  payloads in OpenClaw’s wrapper layer, make the websocket request builder stop
  emitting a reasoning block for "none", and add focused regression tests for
  both code paths.
 2026-04-01 02:47:29 +09:00
openperf
56b5ba0dcb fix: address security and review feedback 
- Fix CWE-209: use static safe message instead of raw provider error text
- Fix CWE-117: sanitize provider/model in logs via sanitizeForLog
- Hide CLI hints from external channels via shouldSurfaceToControlUi
- Move overload cap check before advanceAuthProfile to save setup latency
- Export MAX_LIVE_SWITCH_RETRIES as module-level constant
- Use exact toBe() assertions in tests
- Correct failover decision label to fallback_model
 2026-03-31 20:25:09 +05:30
openperf
1fcd179d8c fix(gateway): prevent session death loop on overloaded fallback 
- Add MAX_LIVE_SWITCH_RETRIES=2 guard in agent-runner-execution.ts
- Add MAX_OVERLOAD_PROFILE_ROTATIONS=1 cap in run.ts for overloaded errors
- Return kind:final with user-visible error on retry exhaustion
- Escalate to cross-provider fallback instead of exhausting same-provider profiles

Fixes #58348
 2026-03-31 20:25:09 +05:30
Peter Steinberger
c1ea0ae9c8 build: update deps and align pi sdk usage 2026-03-31 22:56:20 +09:00
Sean
c6f2db1506 fix: prevent gateway attachment offload regressions (#55513) (thanks @Syysean) 
* feat(gateway): implement claim check pattern to prevent OOM on large attachments

* fix: sanitize mediaId, refine trimEnd, remove warn log, add threshold and absolute path

* fix: enforce maxBytes before decoding and use dynamic path from saveMediaBuffer

* fix: enforce absolute maxBytes limit before Buffer allocation and preserve file extensions

* fix: align saveMediaBuffer arguments and satisfy oxfmt linter

* chore: strictly enforce linting rules (curly braces, unused vars, and error typing)

* fix: restrict offload to mainstream mimes to avoid extension-loss bug in store.ts for BMP/TIFF

* fix: restrict offload to mainstream mimes to bypass store.ts extension-loss bug

* chore: document bmp/tiff exclusion from offload whitelist in MIME_TO_EXT

* feat: implement agent-side resolver for opaque media URIs and finalize contract

* fix: support unicode media URIs and allow consecutive dots in safe IDs based on Codex review

* fix(gateway): enforce strict fail-fast for oversized media to prevent OOM bypass

* refactor(gateway): harden media offload with performance and security optimizations

This update refines the Claim Check pattern with industrial-grade guards:

- Performance: Implemented sampled Base64 validation for large payloads (>4KB) to prevent event loop blocking.
- Security: Added null-byte (\u0000) detection and reinforced path traversal guards.
- I18n: Updated media-uri regex to a blacklist-based character class for Unicode/Chinese filename support, with oxlint bypass for intentional control regex.
- Robustness: Enhanced error diagnostics with JSON-serialized IDs.

* fix: add HEIC/HEIF to offload allowlist and pass maxBytes to saveMediaBuffer

* fix(gateway): clean up offloaded media files on attachment parse failure

Address Codex review feedback: track saved media IDs and implement best-effort cleanup via deleteMediaBuffer if subsequent attachments fail validation, preventing orphaned files on disk.

* fix(gateway): enforce full base64 validation to prevent whitespace padding bypass

Address Codex review feedback: remove early return in isValidBase64 so padded payloads cannot bypass offload thresholds and reintroduce memory pressure. Updated related comments.

* fix(gateway): preserve offloaded media metadata and fix validation error mapping

Address Codex review feedback:
- Add \offloadedRefs\ to \ParsedMessageWithImages\ to expose structured metadata for offloaded attachments, preventing transcript media loss.
- Move \erifyDecodedSize\ outside the storage try-catch block to correctly surface client base64 validation failures as 4xx errors instead of 5xx \MediaOffloadError\.
- Add JSDoc TODOs indicating that upstream callers (chat.ts, agent.ts, server-node-events.ts) must explicitly pass the \supportsImages\ flag.

* fix(agents): explicitly allow media store dir when loading offloaded images

Address Codex review feedback: Pass getMediaDir() to loadWebMedia's localRoots for media-uri refs to prevent legacy path resolution mismatches from silently dropping large attachments.

* fix(gateway): resolve attachment offload regressions and error mapping

Address Codex review feedback:
- Pass \supportsImages\ dynamically in \chat.ts\ and \gent.ts\ based on model catalog, and explicitly in \server-node-events.ts\.
- Persist \offloadedRefs\ into the transcript pipeline in \chat.ts\ to preserve media metadata for >2MB attachments.
- Correctly map \MediaOffloadError\ to 5xx (UNAVAILABLE) to differentiate server storage faults from 4xx client validation errors.

* fix(gateway): dynamically compute supportsImages for overrides and node events

Address follow-up Codex review feedback:

- Use effective model (including overrides) to compute \supportsImages\ in \gent.ts\.

- Move session load earlier in \server-node-events.ts\ to dynamically compute \supportsImages\ rather than hardcoding true.

* fix(gateway): resolve capability edge cases reported by codex

Address final Codex edge cases:
- Refactor \gent.ts\ to compute \supportsImages\ even when no session key is present, ensuring text-only override requests without sessions safely drop attachments.
- Update catalog lookups in \chat.ts\, \gent.ts\, and \server-node-events.ts\ to strictly match both \id\ and \provider\ to prevent cross-provider model collisions.

* fix(agents): restore before_install hook for skill installs

Restore the plugin scanner security hook that was accidentally dropped during merge conflict resolution.

* fix: resolve attachment pathing, defer parsing after auth gates, and clean up node-event mocks

* fix: resolve syntax errors in test-env, fix missing helper imports, and optimize parsing sequence in node events

* fix(gateway): re-enforce message length limit after attachment parsing

Adds a secondary check to ensure the 20,000-char cap remains effective even after media markers are appended during the offload flow.

* fix(gateway): prevent dropping valid small images and clean up orphaned media on size rejection

* fix(gateway): share attachment image capability checks

* fix(gateway): preserve mixed attachment order

* fix: fail closed on unknown image capability (#55513) (thanks @Syysean)

* fix: classify offloaded attachment refs explicitly (#55513) (thanks @Syysean)

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-03-30 20:54:40 +05:30
Kunal Karmakar
34b0a19a16 fix: use azure-openai-responses for Azure custom providers (#50851) (thanks @kunalk16) 
* Add azure-openai-responses

* Unit tests update for updated API

* Add entry for PR #50851

* Add comma to address PR comment

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Address PR comment on sanitization of output

* Address review comment

* Revert commits

* Revert commit

* Update changelog stating Azure OpenAI only

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Add references

* Address PR comment on sanitization of output

* Address review comment

* Revert commits

* Revert commit

* Address PR comment on sanitization of output

* Address review comment

* Revert commits

* Revert commit

* Fix generated file

* Add azure openai responses to OPENAI_RESPONSES_APIS

* Add azure openai responses to createParallelToolCallsWrapper

* Adding azure openai responses to attempt.ts

* Add azure openai responses to google.ts

* Address PR comment on sanitization of output

* Revert commit

* Address PR comment on sanitization of output

* Revert commit

* Address PR comment on sanitization of output

* Revert commit

* Fix changelog

* Fix linting

* fix: cover azure responses wrapper path (#50851) (thanks @kunalk16)

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-03-30 16:17:03 +05:30
Frank Yang
43cd29c4af fix(agents): dispose bundled MCP runtime after local runs (#57520) 
* fix(agents): dispose bundled MCP runtime after local runs

* fix(agents): scope bundle MCP cleanup to local one-shots

* fix(agents): dispose bundle MCP after local runs

* docs(changelog): note local bundle MCP cleanup fix
 2026-03-30 17:12:59 +08:00
Kris Wu
6b255b4dec fix(agents): prevent unhandled rejection when compaction retry times out [AI] (#57451) 
* fix(agents): prevent unhandled rejection when compaction retry times out

* fix(agents): preserve compaction retry wait errors

* chore(changelog): add compaction retry timeout entry

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-30 13:30:13 +09:00
Yauheni Shauchenka
a6bc51f944 feat(openai): forward text verbosity (#47106) 
* feat(openai): forward text verbosity across responses transports

* fix(openai): remove stale verbosity rebase artifact

* chore(changelog): add openai text verbosity entry

---------

Co-authored-by: Ubuntu <ubuntu@vps-1c82b947.vps.ovh.net>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-30 12:04:35 +09:00
Ayaan Zaidi
6f09a68ae7 fix: finalize LLM idle timeout landing (#55072) (thanks @liuy) 2026-03-30 08:04:42 +05:30
Ayaan Zaidi
179f713c88 fix: unify idle timeout with runner abort path 2026-03-30 08:04:42 +05:30
Liu Yuan
84b72e66b9 feat: add LLM idle timeout for streaming responses 
Problem: When LLM stops responding, the agent hangs for ~5 minutes with no feedback.
Users had to use /stop to recover.

Solution: Add idle timeout detection for LLM streaming responses.
 2026-03-30 08:04:42 +05:30
Michel Belleau
26f34be20c fix(gateway): /v1/responses tool schema should use flat Responses API format (#57166) 
* gateway: fix /v1/responses tool schema to use flat Responses API format

* gateway: fix remaining stale wrapped-format tools in parity tests

* gateway: propagate strict flag through extractClientTools normalization

* fix(gateway): cover responses tool boundary

* Delete docs/internal/vincentkoc/2026-03-30-pr-57166-responses-tool-schema-followup.md

---------

Co-authored-by: Michel Belleau <mbelleau@Michels-MacBook-Pro.local>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-30 09:36:54 +09:00
Harold Hunt
8bf86b4cdf agents: remove xAI auth trace logging (#57342) 2026-03-29 20:29:51 -04:00
Peter Steinberger
63cbc097b5 refactor(channels): route core through registered plugin capabilities 2026-03-30 01:03:42 +01:00
Vincent Koc
475defdf82 Anthropic: wire explicit service tier params (#45453) 
* Anthropic: add explicit service tier wrapper

* Runner: wire explicit Anthropic service tiers

* Tests: cover explicit Anthropic service tiers

* Changelog: note Anthropic service tier follow-up

* fix(agents): make Anthropic service tiers override fast mode

* fix(config): drop duplicate healed sourceConfig

* docs(anthropic): update fast mode service tier guidance

* fix(agents): remove dead Anthropic Bedrock exports

* fix(agents): avoid cross-provider Anthropic tier warnings

* fix(agents): avoid cross-provider OpenAI tier warnings
 2026-03-30 08:54:56 +09:00
Cypher
924c264a74 fix: inject anthropic service_tier for OAuth auth (#55922) 
* fix: inject anthropic service_tier for OAuth auth

Remove the OAuth-token exclusion from createAnthropicFastModeWrapper
so that sk-ant-oat-* requests receive service_tier injection, matching
Claude Code CLI behavior and reducing avoidable 529 overload cascades.

isAnthropicOAuthApiKey remains in use in createAnthropicBetaHeadersWrapper
for beta header selection — it is not dead code after this change.

Fixes #55758

* docs(changelog): note anthropic oauth service tier fix

* Update CHANGELOG.md

---------

Co-authored-by: Cypherm <28184436+Cypherm@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-30 07:54:24 +09:00
Peter Steinberger
7043705ef3 refactor: split MCP runtime and transport seams 2026-03-29 23:36:37 +01:00
Peter Steinberger
004bffa1c3 fix: finalize safer MCP tool naming (#49505) (thanks @ziomancer) 2026-03-30 07:22:36 +09:00
Peter Steinberger
d82d6ba0c4 fix: align openai fast mode with priority processing 2026-03-29 23:14:52 +01:00
Vincent Koc
ace876b087 fix(gateway): keep startup model warmup static 2026-03-30 07:12:52 +09:00
Vincent Koc
bd89e07baa fix(agents): stop transient live-switch mismatches 2026-03-30 07:12:52 +09:00
无忌
6477d783e8 Agents: cache bundle MCP runtime per session 2026-03-30 05:10:32 +09:00
Peter Steinberger
3f5ed11266 fix: clear stalled model resolution lanes 2026-03-30 05:09:26 +09:00
Peter Steinberger
edc58a6864 refactor: generalize provider transport hooks 2026-03-29 23:05:58 +09:00
nanakotsai
571da81a35 fix: keep openai-codex on HTTP responses transport 2026-03-29 15:04:38 +05:30
Vincent Koc
af694def5b fix(agents): fail closed on silent turns (#52593) 
* fix(agents): fail closed on silent turns

* fix(agents): suppress all silent turn emissions

* fix(agents): pass silent turns into embedded subscribe
 2026-03-29 17:40:20 +09:00
Peter Steinberger
8e0ab35b0e refactor(plugins): decouple bundled plugin runtime loading 2026-03-29 09:10:38 +01:00
Peter Steinberger
c48e0f8e6a style: normalize import order and formatting 2026-03-29 16:33:22 +09:00
Peter Steinberger
c664b67796 fix: apply Mistral compat across proxy transports 2026-03-29 16:32:31 +09:00
yuanchao
ec7f19e2ef fix(kimi): preserve valid Anthropic-compatible toolCall arguments in malformed-args repair path (openclaw#54491) 
Verified:
- pnpm build
- pnpm check
- pnpm test -- src/agents/pi-embedded-runner/run/attempt.test.ts

Co-authored-by: yuanaichi <7549002+yuanaichi@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-28 22:37:50 -05:00
Vignesh Natarajan
a2e4707cfe fix(agents): recover prefixed malformed tool-call JSON 2026-03-28 20:22:22 -07:00
Peter Steinberger
f9b1079283 build: cut 2026.3.28 stable 2026-03-29 02:33:41 +01:00
Vignesh Natarajan
7f46b03de0 fix: keep memory flush daily files append-only (#53725) (thanks @HPluseven) 2026-03-28 18:22:11 -07:00
Vignesh Natarajan
9d1498b2c2 Agents: add memory flush append regression 2026-03-28 18:22:11 -07:00
HPluseven
60b7613156 Agents: forward memory flush append guard 2026-03-28 18:22:11 -07:00
Robin Waslander
468185d1b5 fix(agents): handle unhandled stop reasons gracefully instead of crashing (#56639) 
Wrap the embedded agent stream to catch 'Unhandled stop reason: ...'
errors from the provider adapter and convert them into structured
assistant error messages instead of crashing the agent run.

Covers all unknown stop reasons so future provider additions don't
crash the runner. The wrapper becomes a harmless no-op once the
upstream dependency handles them natively.

Fixes #43607
 2026-03-28 23:35:12 +01:00
Peter Steinberger
1e424990a2 fix(xai): restore config-backed auth discovery 2026-03-28 21:35:13 +00:00
huntharo
0391e455bf Lint: drop stale model compat imports 2026-03-28 21:35:13 +00:00
huntharo
09e2ef965b Tests: fix rebased auth and runner type coverage 2026-03-28 21:35:13 +00:00
huntharo
b918568b1e Rebase: reconcile xAI post-main conflicts 2026-03-28 21:35:13 +00:00
huntharo
8ca3710b90 xAI: strip unsupported payload fields 2026-03-28 21:35:13 +00:00
huntharo
fd748171b8 xAI: strip unsupported Responses reasoning params 2026-03-28 21:35:13 +00:00
huntharo
80a1ccc552 xAI: preserve session auth in embedded runs 2026-03-28 21:35:13 +00:00
huntharo
2765fdc2dd xAI: normalize stale Grok transport to Responses 2026-03-28 21:35:13 +00:00
huntharo
f0ce658fbb xAI: add auth resolution diagnostics 2026-03-28 21:35:13 +00:00