vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 08:20:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
38,863 Commits 1,843 Branches 149 Tags
fd0ca5987bd5a9d65e7e48d84738d27d2774879a
Commit Graph

38863 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
gavyngong
fd0ca5987b fix(nextcloud-talk): replace manual XOR with crypto.timingSafeEqual and fix length leak (#58097) 
Merged via squash.

Prepared head SHA: 3cb82bce40
Co-authored-by: gavyngong <267269824+gavyngong@users.noreply.github.com>
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Reviewed-by: @hxy91819
 2026-05-01 10:26:54 +08:00
Peter Steinberger
206b5f78a2 ci: tighten full release validation 2026-05-01 03:19:49 +01:00
Peter Steinberger
6bc3458222 perf(test): keep commitment runtime tests focused 2026-05-01 03:12:55 +01:00
Hani Koshaji
a853c5e8c2 fix(config-audit): redact CLI argv secrets before persisting to log (#75095) 
Merged via squash.

Prepared head SHA: 3dc54de1a8
Co-authored-by: koshaji <koshaji@users.noreply.github.com>
Co-authored-by: sallyom <11166065+sallyom@users.noreply.github.com>
Reviewed-by: @sallyom
 2026-04-30 22:08:14 -04:00
Peter Steinberger
e7dafaf2af ci: add crabbox hydrate workflow 2026-05-01 03:05:40 +01:00
Peter Steinberger
f110c153c2 ci: configure crabbox actions runner labels 2026-05-01 03:05:40 +01:00
Peter Steinberger
c709b17fef ci: add crabbox yaml config 2026-05-01 03:05:40 +01:00
Vignesh
38da2ac6f8 fix commitments extractor model selection (#75347) 2026-05-01 01:57:21 +00:00
Chunyue Wang
4b98f09529 fix(plugins): canonicalize packageRoot before hashing runtime-deps stage key (#75048) 
Merged via squash.

Prepared head SHA: 324859fc69
Co-authored-by: openperf <80630709+openperf@users.noreply.github.com>
Co-authored-by: openperf <80630709+openperf@users.noreply.github.com>
Reviewed-by: @openperf
 2026-05-01 09:56:13 +08:00
Peter Steinberger
bd20f8e07e fix(discord): harden rate limit retries (#75338) 
* fix(discord): harden rate limit retries

* fix(discord): guard voice upload fetches

* fix(discord): avoid stale rate limit requeues
 2026-05-01 01:49:02 +00:00
Peter Steinberger
3c4851037b perf: skip runtime-deps manifest scans when materialized (#75325) 
* perf: skip runtime-deps manifest scans when materialized

* fix: include manifest deps in runtime fast path

* fix: type runtime deps normalizer helper

* docs: credit runtime deps event-loop fix
 2026-05-01 01:25:46 +00:00
Vignesh
b277ae3f4c [codex] Fix commitments safety and coverage (#75302) 
* fix commitments safety and coverage

* Repair commitments safety PR review blockers

* fix(clawsweeper): address review for automerge-openclaw-openclaw-75302 (1)

* Repair commitments safety PR review blocker

---------

Co-authored-by: clawsweeper-repair <clawsweeper-repair@users.noreply.github.com>
 2026-05-01 01:14:07 +00:00
Val Alexander
a102f4dede fix(gateway): harden artifact RPCs 
Add Gateway artifact RPCs and SDK helpers for list/get/download, with transcript provenance checks, safer download source handling, task/run/session coverage, generated protocol models, docs, and the refreshed generated config schema baseline.

Closes #74706.
Refs #74898, #74769, #74804, #74786.
 2026-04-30 19:35:48 -05:00
clawsweeper[bot]
e47a7448e9 fix(ci): GitHub App active-PR-limit exemption regression (#75311) 
Co-authored-by: openclaw-clawsweeper[bot] <280122609+openclaw-clawsweeper[bot]@users.noreply.github.com>
 2026-04-30 17:10:20 -07:00
Peter Steinberger
1ad50a36ac chore(release): forward-port 2026.4.29 fixes and bump 2026.4.30 2026-05-01 01:06:13 +01:00
Peter Steinberger
52bf20b07d fix(ci): escape stale update import regex 2026-05-01 00:50:15 +01:00
Peter Steinberger
1e87f6bf70 fix(qa-lab): preserve gateway log offset order 2026-05-01 00:44:17 +01:00
Peter Steinberger
48794b9f88 test(parallels): recover stale windows update swap 2026-05-01 00:43:04 +01:00
Peter Steinberger
c0058fda2f test: add published upgrade survivor lane (#75221) 
* test: add published upgrade survivor lane

* test: keep published upgrade exit chunk
 2026-04-30 23:39:50 +00:00
Peter Steinberger
919a68c64d test(parallels): retry stale post-update cli imports 2026-05-01 00:37:12 +01:00
Shadow
ef799fd57a ci: exclude app PRs from active limit 2026-04-30 18:34:41 -05:00
Peter Steinberger
5a3b75de33 test(parallels): retry post-update cli readiness 2026-05-01 00:17:27 +01:00
Peter Steinberger
c67629fe0c docs: surface Codex harness quick config 2026-05-01 00:05:24 +01:00
Vincent Koc
148a34679f Update SECURITY.md 2026-04-30 16:04:53 -07:00
Peter Steinberger
359d871293 test(parallels): allow mac update script fallback user 2026-04-30 23:38:02 +01:00
Vincent Koc
e311ffdcb9 fix(plugins): stop runtime deps reinstall loops 2026-04-30 15:28:52 -07:00
Vincent Koc
f5e5256632 docs(changelog): credit TTS provider fallback report 2026-04-30 15:26:42 -07:00
Peter Steinberger
af5a1fbddb test(parallels): harden npm update smoke transport 2026-04-30 23:16:41 +01:00
Peter Steinberger
231e5c618f ci(release): allow public mac validation from main 2026-04-30 22:53:39 +01:00
Peter Steinberger
f48f31aac9 chore(release): update appcast for 2026.4.29 2026-04-30 22:50:16 +01:00
Vincent Koc
1d74ecd71f fix(plugins): restore disabled TTS provider fallback 2026-04-30 14:35:00 -07:00
Alex Knight
aa9db998f7 fix(gateway): show config recovery validation details (#75081) 
* fix(gateway): show config recovery validation details

* fix(cli): let gateway recovery run before proxy bootstrap
 2026-05-01 07:14:33 +10:00
Vincent Koc
4429ee7d2e docs(security): clarify disclosure policy 2026-04-30 13:41:51 -07:00
Peter Steinberger
90419df663 [codex] Make external CLI credential discovery explicit (#75209) 
* refactor(auth): make external CLI discovery explicit

* test(auth): update external cli discovery mocks

* test(auth): cover scoped external cli auth mocks

* [codex] Make external CLI credential discovery explicit

---------

Co-authored-by: clawsweeper-repair <clawsweeper-repair@users.noreply.github.com>
 2026-04-30 20:32:55 +00:00
Peter Steinberger
bb3a0c9545 fix: quiet Discord slash command deploy rate limits 2026-04-30 21:12:53 +01:00
pashpashpash
027ea5f08b Isolate Codex app-server state per agent (#74556) 
* fix(codex): isolate app-server home per agent

* fix(codex): isolate native Codex assets per agent

* fix(channels): mark inbound system events untrusted

* fix(doctor): warn on personal Codex agent skills

* test(doctor): cover personal Codex agent skills warning

* fix(codex): forward auth profiles to harness runs

* fix(codex): preserve auto auth for harness runs

* fix(codex): auto-select harness auth profiles

* test(codex): type harness auth mock

* feat(codex): select migrated skills

* fix(codex): satisfy migration selection lint

* docs: add codex isolation changelog
 2026-05-01 04:49:02 +09:00
Peter Steinberger
7d77680d9f fix(gateway): keep native approvals off stale pairing baselines (#74472) 
* fix(gateway): keep native approvals off stale pairing baselines

* fix(gateway): keep native approvals off stale pairing baselines

* docs: defer maintainer-only changelog credit

* docs: keep gateway approval changelog entry

---------

Co-authored-by: clawsweeper-repair <clawsweeper-repair@users.noreply.github.com>
 2026-04-30 19:45:51 +00:00
Peter Steinberger
581fbea1d6 fix(auth): scope external CLI credential discovery 2026-04-30 19:38:18 +01:00
Peter Steinberger
54e6e3d7da fix(codex): time out silent app-server turns 2026-04-30 19:22:33 +01:00
Peter Steinberger
126dcb0d9e docs: update plugin sdk api baseline hash 2026-04-30 19:06:33 +01:00
Peter Steinberger
f98068dac2 docs: update config baseline hash 2026-04-30 19:06:33 +01:00
Peter Steinberger
7beebc9afc test: add upgrade survivor package lane 2026-04-30 19:06:33 +01:00
Peter Steinberger
7969f1f07c docs(release): clarify unpublished beta tag reuse 2026-04-30 18:21:14 +01:00
keshavbotagent
388019f5b6 fix: preserve OpenAI Codex OAuth transport (#75111) 
Preserve the existing wrapped OpenAI Codex stream so PI OAuth bearer injection reaches ChatGPT/Codex Responses, and scope native Codex payload sanitization to the ChatGPT backend.\n\nThanks @keshavbotagent.
 2026-04-30 18:00:12 +01:00
Logan Ye
adc20fed0d fix: guard blank prompt submissions (#74168) 
Fixes #74137.\n\nThanks @yelog.
 2026-04-30 16:48:46 +01:00
Peter Steinberger
46888f5afb test(gateway): align lock conflict success expectation 2026-04-30 16:39:12 +01:00
Peter Steinberger
1a2228d291 fix: align tool-result guard budget 2026-04-30 16:36:55 +01:00
NVIDIAN
797d574dfd fix(deepseek): expose V4 max thinking levels (#73008) 
Merged via squash.

Prepared head SHA: ef561a59de
Co-authored-by: ai-hpc <183861985+ai-hpc@users.noreply.github.com>
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Reviewed-by: @hxy91819
 2026-04-30 23:34:05 +08:00
konanok
0eb8f34000 refactor(usage): add precise token buckets for Usage Mosaic (#74337) 
Merged via squash.

Prepared head SHA: 15185354c4
Co-authored-by: konanok <30515586+konanok@users.noreply.github.com>
Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com>
Reviewed-by: @hxy91819
 2026-04-30 23:32:34 +08:00
Peter Steinberger
9289a502bb fix(gateway): stop systemd EADDRINUSE restart loops 2026-04-30 16:30:56 +01:00