vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 18:00:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
31,929 Commits 1,843 Branches 149 Tags
f7422e1fbc72af1fc9c8a68a710e0556845eef18
Commit Graph

55 Commits

Author SHA1 Message Date
Peter Steinberger
310b5e4f6a test: reduce core command hotspots 2026-04-17 16:05:10 +01:00
Peter Steinberger
a861da41b5 test: trim CLI and doctor hotspots 2026-04-17 16:05:09 +01:00
Peter Steinberger
35dcd06764 test: trim agent test hotspots 2026-04-17 07:15:27 +01:00
Ayaan Zaidi
3a3fae0eac fix(agents): normalize cli transcript api field 2026-04-16 09:30:31 +05:30
Ayaan Zaidi
b8ef507cc0 fix(agents): persist cli transcript turns 2026-04-16 09:30:31 +05:30
Peter
70b67b0c68 fix(agents): preserve original prompt on model fallback retry (#65760) (#66029) 
Merged via squash.

Prepared head SHA: ba919d1934
Co-authored-by: WuKongAI-CMU <210765158+WuKongAI-CMU@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-04-14 23:47:01 +03:00
Vincent Koc
a165f7b063 fix(ci): repair agent test mocks 2026-04-13 23:30:17 +01:00
Vincent Koc
ce1fffa97e perf(agents): narrow session helper imports 2026-04-13 21:09:44 +01:00
Vincent Koc
99755fcb2f perf(agents): lazy-load session store updates 2026-04-13 21:07:50 +01:00
Vincent Koc
dd27aa945e perf(agents): lazy-load delivery runtime 2026-04-13 21:05:30 +01:00
Vincent Koc
f126088761 perf(agents): keep attempt execution runtime cold 2026-04-13 21:03:52 +01:00
joshavant
c4764095f8 Outbound: centralize payload normalization plan 2026-04-12 19:52:24 -05:00
Peter Steinberger
5b2ae49107 perf: reduce agents test import overhead 2026-04-13 01:26:44 +01:00
Peter Steinberger
5d9a04d4c1 perf: lazy-load session store helpers 2026-04-12 20:17:42 +01:00
Vincent Koc
913d23c877 test(agents): share session store lookup fixtures 2026-04-12 10:45:56 +01:00
Vincent Koc
a88fbf0f64 fix(cycles): split reply payload and option contracts 2026-04-11 22:24:55 +01:00
Vincent Koc
74e7b8d47b fix(cycles): bulk extract leaf type surfaces 2026-04-11 13:26:50 +01:00
Agustin Rivera
fe0f686c92 Gate Matrix profile updates for non-owner message tool runs (#62662) 
Merged via squash.

Prepared head SHA: 602b16a676
Co-authored-by: eleqtrizit <31522568+eleqtrizit@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-04-10 12:56:17 -04:00
Peter Steinberger
89d7a24a35 fix(cli-runner): wire OpenClaw skills into Claude CLI 
Co-authored-by: Omar López <zomars@me.com>
 2026-04-10 13:45:02 +01:00
Vincent Koc
dbcc574e1f fix(agents): split embedded run shared types 2026-04-09 08:24:22 +01:00
Frank Yang
153e3add68 fix(auto-reply): strip leading NO_REPLY tokens to prevent silent-reply leak (#63068) 
* fix(auto-reply): strip leading NO_REPLY tokens to prevent silent-reply leak

* fix(auto-reply): preserve substantive NO_REPLY leading text

* fix(agents): preserve ACP silent-prefix cumulative deltas

* fix(auto-reply): harden silent-token streaming paths

* fix(auto-reply): normalize glued silent tokens consistently

---------

Co-authored-by: termtek <termtek@ubuntu.tail2b72cd.ts.net>
 2026-04-09 00:30:13 +08:00
Sam Padilla
f1b7dd6c0a fix: honor lightContext in spawned subagents (#62264) (thanks @theSamPadilla) 
* Add lightContext support for spawned subagents

* Clarify and guard lightContext usage in sessions_spawn

* test: guard sessions_spawn lightContext acp misuse

* fix: honor lightContext in spawned subagents (#62264) (thanks @theSamPadilla)

---------

Co-authored-by: Jaz <jaz@bycrux.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-04-07 11:05:45 +05:30
Peter Steinberger
134ff61754 test: stabilize agent auth and config suites 2026-04-06 19:52:42 +01:00
EVA
594ea6e1b9 fix(agents): backfill missing sessionKey in embedded PI runner — prevents undefined key in model selection and live-switch (#60555) 
Merged via squash.

Prepared head SHA: 8081345f1c
Co-authored-by: 100yenadmin <239388517+100yenadmin@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-04-06 09:51:05 -07:00
Peter Steinberger
ef923805f5 Revert "refactor(cli): remove custom cli backends" 
This reverts commit 6243806f7b.
 2026-04-06 13:40:42 +01:00
Peter Steinberger
c39f061003 Revert "refactor(cli): remove bundled cli text providers" 
This reverts commit 05d351c430.
 2026-04-06 13:40:41 +01:00
Peter Steinberger
85b3203421 fix(agents): carry async media wake attachments structurally 2026-04-06 03:03:53 +01:00
Peter Steinberger
6b627d4707 fix(discord): add batched reply mode 2026-04-05 21:15:29 +01:00
Peter Steinberger
84e76f7cce refactor(cli): remove stale cli provider leftovers 2026-04-05 19:11:34 +01:00
Peter Steinberger
1a47675e6c fix: restore check after CLI seam cleanup 2026-04-05 19:06:34 +01:00
Peter Steinberger
05d351c430 refactor(cli): remove bundled cli text providers 2026-04-05 18:46:36 +01:00
Peter Steinberger
6243806f7b refactor(cli): remove custom cli backends 2026-04-05 18:04:48 +01:00
Vincent Koc
84eb617a79 fix(agents): persist claude cli session ids 2026-04-05 14:35:34 +01:00
Peter Steinberger
ccd45bd9f0 fix(agents): refresh runtime tool and subagent coverage 2026-04-04 20:06:32 +01:00
Peter Steinberger
cd36ff7483 fix: resume explicit session-id agent runs 2026-04-04 17:48:43 +09:00
Peter Steinberger
3de09fbe74 fix: restore claude cli loopback mcp bridge (#35676) (thanks @mylukin) 2026-04-04 15:16:20 +09:00
Peter Steinberger
7e69c2f6a7 test: trim remaining mock drift 2026-04-04 04:04:12 +01:00
Peter Steinberger
e4b5027c5e refactor(plugins): move extension seams into extensions 2026-04-04 00:10:16 +01:00
Peter Steinberger
ab96520bba refactor(plugins): move channel behavior into plugins 2026-04-03 19:09:20 +01:00
Shakker
e26a590f7a refactor: drop heavy channel outbound test imports 2026-04-03 15:10:48 +01:00
Peter Steinberger
0d938748a5 refactor(sessions): clarify duplicate session resolution 2026-04-03 20:53:17 +09:00
Peter Steinberger
1dd88c6288 fix(sessions): harden session id resolution 2026-04-03 20:29:20 +09:00
Peter Steinberger
874a585d57 refactor(agent): share exec parser and runtime context codec 2026-04-03 00:15:43 +09:00
Sean
c6f2db1506 fix: prevent gateway attachment offload regressions (#55513) (thanks @Syysean) 
* feat(gateway): implement claim check pattern to prevent OOM on large attachments

* fix: sanitize mediaId, refine trimEnd, remove warn log, add threshold and absolute path

* fix: enforce maxBytes before decoding and use dynamic path from saveMediaBuffer

* fix: enforce absolute maxBytes limit before Buffer allocation and preserve file extensions

* fix: align saveMediaBuffer arguments and satisfy oxfmt linter

* chore: strictly enforce linting rules (curly braces, unused vars, and error typing)

* fix: restrict offload to mainstream mimes to avoid extension-loss bug in store.ts for BMP/TIFF

* fix: restrict offload to mainstream mimes to bypass store.ts extension-loss bug

* chore: document bmp/tiff exclusion from offload whitelist in MIME_TO_EXT

* feat: implement agent-side resolver for opaque media URIs and finalize contract

* fix: support unicode media URIs and allow consecutive dots in safe IDs based on Codex review

* fix(gateway): enforce strict fail-fast for oversized media to prevent OOM bypass

* refactor(gateway): harden media offload with performance and security optimizations

This update refines the Claim Check pattern with industrial-grade guards:

- Performance: Implemented sampled Base64 validation for large payloads (>4KB) to prevent event loop blocking.
- Security: Added null-byte (\u0000) detection and reinforced path traversal guards.
- I18n: Updated media-uri regex to a blacklist-based character class for Unicode/Chinese filename support, with oxlint bypass for intentional control regex.
- Robustness: Enhanced error diagnostics with JSON-serialized IDs.

* fix: add HEIC/HEIF to offload allowlist and pass maxBytes to saveMediaBuffer

* fix(gateway): clean up offloaded media files on attachment parse failure

Address Codex review feedback: track saved media IDs and implement best-effort cleanup via deleteMediaBuffer if subsequent attachments fail validation, preventing orphaned files on disk.

* fix(gateway): enforce full base64 validation to prevent whitespace padding bypass

Address Codex review feedback: remove early return in isValidBase64 so padded payloads cannot bypass offload thresholds and reintroduce memory pressure. Updated related comments.

* fix(gateway): preserve offloaded media metadata and fix validation error mapping

Address Codex review feedback:
- Add \offloadedRefs\ to \ParsedMessageWithImages\ to expose structured metadata for offloaded attachments, preventing transcript media loss.
- Move \erifyDecodedSize\ outside the storage try-catch block to correctly surface client base64 validation failures as 4xx errors instead of 5xx \MediaOffloadError\.
- Add JSDoc TODOs indicating that upstream callers (chat.ts, agent.ts, server-node-events.ts) must explicitly pass the \supportsImages\ flag.

* fix(agents): explicitly allow media store dir when loading offloaded images

Address Codex review feedback: Pass getMediaDir() to loadWebMedia's localRoots for media-uri refs to prevent legacy path resolution mismatches from silently dropping large attachments.

* fix(gateway): resolve attachment offload regressions and error mapping

Address Codex review feedback:
- Pass \supportsImages\ dynamically in \chat.ts\ and \gent.ts\ based on model catalog, and explicitly in \server-node-events.ts\.
- Persist \offloadedRefs\ into the transcript pipeline in \chat.ts\ to preserve media metadata for >2MB attachments.
- Correctly map \MediaOffloadError\ to 5xx (UNAVAILABLE) to differentiate server storage faults from 4xx client validation errors.

* fix(gateway): dynamically compute supportsImages for overrides and node events

Address follow-up Codex review feedback:

- Use effective model (including overrides) to compute \supportsImages\ in \gent.ts\.

- Move session load earlier in \server-node-events.ts\ to dynamically compute \supportsImages\ rather than hardcoding true.

* fix(gateway): resolve capability edge cases reported by codex

Address final Codex edge cases:
- Refactor \gent.ts\ to compute \supportsImages\ even when no session key is present, ensuring text-only override requests without sessions safely drop attachments.
- Update catalog lookups in \chat.ts\, \gent.ts\, and \server-node-events.ts\ to strictly match both \id\ and \provider\ to prevent cross-provider model collisions.

* fix(agents): restore before_install hook for skill installs

Restore the plugin scanner security hook that was accidentally dropped during merge conflict resolution.

* fix: resolve attachment pathing, defer parsing after auth gates, and clean up node-event mocks

* fix: resolve syntax errors in test-env, fix missing helper imports, and optimize parsing sequence in node events

* fix(gateway): re-enforce message length limit after attachment parsing

Adds a secondary check to ensure the 20,000-char cap remains effective even after media markers are appended during the offload flow.

* fix(gateway): prevent dropping valid small images and clean up orphaned media on size rejection

* fix(gateway): share attachment image capability checks

* fix(gateway): preserve mixed attachment order

* fix: fail closed on unknown image capability (#55513) (thanks @Syysean)

* fix: classify offloaded attachment refs explicitly (#55513) (thanks @Syysean)

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-03-30 20:54:40 +05:30
Frank Yang
43cd29c4af fix(agents): dispose bundled MCP runtime after local runs (#57520) 
* fix(agents): dispose bundled MCP runtime after local runs

* fix(agents): scope bundle MCP cleanup to local one-shots

* fix(agents): dispose bundle MCP after local runs

* docs(changelog): note local bundle MCP cleanup fix
 2026-03-30 17:12:59 +08:00
wangchunyue
2c8c4e45f1 fix: preserve fallback prompt on model fallback for new sessions (#55632) (thanks @openperf) 
* fix(agents): preserve original task prompt on model fallback for new sessions

* fix(agents): use dynamic transcript check for sessionHasHistory on fallback retry

Address Greptile review feedback: replace the static !isNewSession flag
with a dynamic sessionFileHasContent() check that reads the on-disk
transcript before each fallback retry. This correctly handles the edge
case where the primary model completes at least one assistant-response
turn (flushing the user message to disk) before failing - the fallback
now sends the recovery prompt instead of duplicating the original body.

The !isNewSession short-circuit is kept as a fast path so existing
sessions skip the file read entirely.

* fix(agents): address security vulnerabilities in session fallback logic

Fixes three medium-severity security issues identified by Aisle Security Analysis on PR #55632:
- CWE-400: Unbounded session transcript read in sessionFileHasContent()
- CWE-400: Symlink-following in sessionFileHasContent()
- CWE-201: Sensitive prompt replay to a different fallback provider

* fix(agents): use JSONL parsing for session history detection (CWE-703)

Replace bounded byte-prefix substring matching in sessionFileHasContent()
with line-by-line JSONL record parsing. The previous approach could miss
an assistant message when the preceding user content exceeded the 256KB
read limit, causing a false negative that blocks cross-provider fallback
entirely.

* fix(agents): preserve fallback prompt across providers

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-03-29 18:35:45 +05:30
Tak Hoffman
8e4115947b fix: use session origin provider for reset overrides 2026-03-26 22:42:45 -05:00
Peter Steinberger
046a950877 refactor: split agent command execution helpers 2026-03-27 01:02:40 +00:00
Peter Steinberger
12100719b8 fix: preserve cli sessions across model changes 2026-03-26 20:25:20 +00:00
Tak Hoffman
df58b4f5fb fix: prefer deterministic session id resume targets 2026-03-24 21:18:40 -05:00