vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-16 12:30:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,333 Commits 758 Branches 80 Tags
fb40b09157d718e1dd67e30ac28e027eaeda8ca0
Commit Graph

1260 Commits

Author SHA1 Message Date
Peter Steinberger
fb40b09157 refactor: share feishu media client setup 2026-03-13 16:51:59 +00:00
Peter Steinberger
6b04ab1e35 refactor: share teams drive upload flow 2026-03-13 16:51:59 +00:00
Peter Steinberger
a4525b721e refactor: deduplicate nextcloud send context 2026-03-13 16:51:59 +00:00
Peter Steinberger
6b07604d64 refactor: share nextcloud target normalization 2026-03-13 16:51:59 +00:00
Peter Steinberger
ef8cc3d0fb refactor: share tlon inline text rendering 2026-03-13 16:51:59 +00:00
Peter Steinberger
261a40dae1 fix: narrow acpx health failure handling 2026-03-13 16:30:27 +00:00
Peter Steinberger
3f37afd18c refactor: extract acpx event builders 2026-03-13 16:30:27 +00:00
Peter Steinberger
f4ed317083 refactor: deduplicate acpx availability checks 2026-03-13 16:30:27 +00:00
Peter Steinberger
16ececf0a6 chore: bump version to 2026.3.13 2026-03-13 04:38:32 +00:00
Peter Steinberger
496ca3a637 fix(feishu): fail closed on webhook signature checks 2026-03-13 03:13:56 +00:00
Peter Steinberger
de3e6a8c5b fix(routing): require ids for slack and msteams allowlists 2026-03-13 01:44:42 +00:00
Peter Steinberger
88244c0942 refactor(zalouser): reuse shared name matching helper 2026-03-13 01:44:42 +00:00
Peter Steinberger
c25e46a433 chore: prepare 2026.3.12 release 2026-03-13 01:38:20 +00:00
Peter Steinberger
b14a5c6713 fix(zalouser): require ids for group allowlist auth 2026-03-13 01:31:17 +00:00
Peter Steinberger
87ad1ce9b1 refactor: add non-interactive provider plugin setup 2026-03-13 01:19:35 +00:00
Vincent Koc
fed24a1311 build: sync bundled plugin versions 2026-03-12 21:06:12 -04:00
Peter Steinberger
4dd4e36450 build: update deps and fix vitest 4 regressions 2026-03-13 01:02:00 +00:00
Peter Steinberger
86a3149b2e fix: harden windows npm runtime path 2026-03-12 23:03:19 +00:00
Vincent Koc
92191fcd68 deps: bump openclaw to 2026.3.11 
Raise internal OpenClaw constraints to 2026.3.11 and regenerate pnpm lockfile to remove the vulnerable 2026.3.8 resolution.
 2026-03-12 19:00:49 -04:00
Peter Steinberger
212afb6950 refactor: clarify pairing setup auth labels 2026-03-12 22:46:28 +00:00
Peter Steinberger
1c7ca391a8 refactor: trim bootstrap token metadata 2026-03-12 22:46:28 +00:00
Peter Steinberger
d83491e751 feat: modularize provider plugin architecture 2026-03-12 22:24:35 +00:00
Peter Steinberger
bf89947a8e fix: switch pairing setup codes to bootstrap tokens 2026-03-12 22:23:07 +00:00
Vincent Koc
f96ba87f03 Zalo: rate limit invalid webhook secret guesses before auth (#44173) 
* Zalo: rate limit webhook guesses before auth

* Tests: cover pre-auth Zalo webhook rate limiting

* Changelog: note Zalo pre-auth rate limiting

* Zalo: preserve auth-before-content-type response ordering

* Tests: cover auth-before-content-type webhook ordering

* Zalo: split auth and unauth webhook rate-limit buckets

* Tests: cover auth bucket split for Zalo webhook rate limiting

* Zalo: use trusted proxy client IP for webhook rate limiting

* Tests: cover trusted proxy client IP rate limiting for Zalo
 2026-03-12 12:30:50 -04:00
Vincent Koc
7844bc89a1 Security: require Feishu webhook encrypt key (#44087) 
* Feishu: require webhook encrypt key in schema

* Feishu: cover encrypt key webhook validation

* Feishu: enforce encrypt key at startup

* Feishu: add webhook forgery regression test

* Feishu: collect encrypt key during onboarding

* Docs: require Feishu webhook encrypt key

* Changelog: note Feishu webhook hardening

* Docs: clarify Feishu encrypt key screenshot

* Feishu: treat webhook encrypt key as secret input

* Feishu: resolve encrypt key only in webhook mode
 2026-03-12 11:01:00 -04:00
Vincent Koc
3e730c0332 Security: preserve Feishu reaction chat type (#44088) 
* Feishu: preserve looked-up chat type

* Feishu: fail closed on ambiguous reaction chats

* Feishu: cover reaction chat type fallback

* Changelog: note Feishu reaction hardening

* Feishu: fail closed without resolved chat type

* Feishu: normalize reaction chat type at runtime
 2026-03-12 10:53:40 -04:00
Lyle
c965049dc6 fix(mattermost): pass mediaLocalRoots through reply delivery (#44021) 
Merged via squash.

Prepared head SHA: 856f11f129
Co-authored-by: LyleLiu666 <31182860+LyleLiu666@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
 2026-03-12 20:13:51 +05:30
Teconomix
171d2df9e0 feat(mattermost): add replyToMode support (off | first | all) (#29587) 
Merged via squash.

Prepared head SHA: 4a67791f53
Co-authored-by: teconomix <6959299+teconomix@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
 2026-03-12 18:03:12 +05:30
Nimrod Gutman
4f620bebe5 fix(doctor): canonicalize gateway service entrypoint paths (#43882) 
Merged via squash.

Prepared head SHA: 9f530d2a86
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Reviewed-by: @ngutman
 2026-03-12 12:39:22 +02:00
Ayaan Zaidi
783a0d540f fix: add zalouser outbound chunker 2026-03-12 15:47:12 +05:30
darkamenosa
a6711afdc2 feat(zalouser): add markdown-to-Zalo text style parsing (#43324) 
* feat(zalouser): add markdown-to-Zalo text style parsing

Parse markdown formatting (bold, italic, strikethrough, headings, lists,
code blocks, blockquotes, custom color/style tags) into Zalo native
TextStyle ranges so outbound messages render with rich formatting.

- Add text-styles.ts with parseZalouserTextStyles() converter
- Wire markdown mode into send pipeline (sendMessageZalouser)
- Export TextStyle enum and Style type from zca-client
- Add textMode/textStyles to ZaloSendOptions
- Pass textStyles through sendZaloTextMessage to zca-js API
- Enable textMode:"markdown" in outbound sendText/sendMedia and monitor
- Add comprehensive tests for parsing, send, and channel integration

* fix(zalouser): harden markdown text parsing

* fix(zalouser): mirror zca-js text style types

* fix(zalouser): support tilde fenced code blocks

* fix(zalouser): handle quoted fenced code blocks

* fix(zalouser): preserve literal quote lines in code fences

* fix(zalouser): support indented quoted fences

* fix(zalouser): preserve quoted markdown blocks

* fix(zalouser): rechunk formatted messages

* fix(zalouser): preserve markdown structure across chunks

* fix(zalouser): honor chunk limits and CRLF fences
 2026-03-12 16:24:15 +07:00
Xaden Ryan
658bd54ecf feat(llm-task): add thinking override 
Co-authored-by: Xaden Ryan <165437834+xadenryan@users.noreply.github.com>
 2026-03-12 19:21:35 +11:00
Vincent Koc
4dfd8eea90 BlueBubbles: require confirmed outbound for self-chat cache 2026-03-12 03:22:57 -04:00
Mathias Nagler
e8a162d3d8 fix(mattermost): prevent duplicate messages when block streaming + threading are active (#41362) 
* fix(mattermost): prevent duplicate messages when block streaming + threading are active

Remove replyToId from createBlockReplyPayloadKey so identical content is
deduplicated regardless of threading target. Add explicit threading dock
to the Mattermost plugin with resolveReplyToMode reading from config
(default "all"), and add replyToMode to the Mattermost config schema.

Fixes #41219

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(mattermost): address PR review — per-account replyToMode and test clarity

Read replyToMode from the merged per-account config via
resolveMattermostAccount so account-level overrides are honored in
multi-account setups. Add replyToMode to MattermostAccountConfig type.
Rename misleading test to clarify it exercises shouldDropFinalPayloads
short-circuit, not payload key dedup.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Replies: keep block-pipeline reply targets distinct

* Tests: cover block reply target-aware dedupe

* Update CHANGELOG.md

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-12 03:15:17 -04:00
Vincent Koc
241e8cc553 fix(bluebubbles): dedupe reflected self-chat duplicates (#38442) 
* BlueBubbles: drop reflected self-chat duplicates

* Changelog: add BlueBubbles self-chat echo dedupe entry

* BlueBubbles: gate self-chat cache and expand coverage

* BlueBubbles: require explicit sender ids for self-chat dedupe

* BlueBubbles: harden self-chat cache

* BlueBubbles: move self-chat cache identity into cache

* BlueBubbles: gate self-chat cache to confirmed outbound sends

* Update CHANGELOG.md

* BlueBubbles: bound self-chat cache input work

* Tests: cover BlueBubbles cache cap under cleanup throttle

* BlueBubbles: canonicalize self-chat DM scope

* Tests: cover BlueBubbles mixed self-chat scope aliases
 2026-03-12 03:11:43 -04:00
Peter Steinberger
ce5dd742f8 build: sync versions to 2026.3.11 2026-03-12 04:01:57 +00:00
Peter Steinberger
0e397e62b7 chore: bump version to 2026.3.10 2026-03-11 23:29:53 +00:00
Peter Steinberger
9c81c31232 chore: refresh dependencies except carbon 2026-03-11 20:10:33 +00:00
ademczuk
8618a711ff fix(voice-call): add speed and instructions to OpenAI TTS config schema (#39226) 
Merged via squash.

Prepared head SHA: 775e3063b5
Co-authored-by: ademczuk <5212682+ademczuk@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-03-11 23:15:48 +05:30
Ayaan Zaidi
bf70a333fa fix: clear pnpm prod audit vulnerabilities 2026-03-11 09:33:45 +05:30
Peter Steinberger
f4a4b50cd5 refactor: compile allowlist matchers 2026-03-11 00:07:47 +00:00
Josh Avant
36d2ae2a22 SecretRef: harden custom/provider secret persistence and reuse (#42554) 
* Models: gate custom provider keys by usable secret semantics

* Config: project runtime writes onto source snapshot

* Models: prevent stale apiKey preservation for marker-managed providers

* Runner: strip SecretRef marker headers from resolved models

* Secrets: scan active agent models.json path in audit

* Config: guard runtime-source projection for unrelated configs

* Extensions: fix onboarding type errors in CI

* Tests: align setup helper account-enabled expectation

* Secrets audit: harden models.json file reads

* fix: harden SecretRef custom/provider secret persistence (#42554) (thanks @joshavant)
 2026-03-10 23:55:10 +00:00
Peter Steinberger
201420a7ee fix: harden secret-file readers 2026-03-10 23:40:10 +00:00
Peter Steinberger
bc1cc2e50f refactor: share telegram payload send flow 2026-03-10 22:18:04 +00:00
Peter Steinberger
a455c0cc3d refactor: share passive account lifecycle helpers 2026-03-10 22:18:04 +00:00
Peter Steinberger
50ded5052f refactor: share channel config schema fragments 2026-03-10 22:18:04 +00:00
Peter Steinberger
4a8e039a5f refactor: share channel config security scaffolding 2026-03-10 22:18:04 +00:00
Peter Steinberger
725958c66f refactor: share onboarding secret prompt flows 2026-03-10 22:18:03 +00:00
Peter Steinberger
00170f8e1a refactor: share scoped account config patching 2026-03-10 22:18:03 +00:00
Rodrigo Uroz
ff2e7a2945 fix(acp): strip provider auth env for child ACP processes (openclaw#42250) 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-10 16:50:10 -05:00