vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 04:30:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
674d188153aee9547fa964bf961355b01ad786eb
openclaw/src/security
History
zhang-guiping c1f423f845 fix(secrets): harden Windows ACL fallback and strip BOM (#70662) 
Fail closed when Windows ACL checks cannot be verified for file and exec secret providers unless the provider explicitly opts into allowInsecurePath. Strip UTF-8 BOMs from file-backed secrets and document the trusted-path override.\n\nThanks @zhanggpcsu.
2026-04-23 19:32:15 +01:00
..
audit-channel-account-metadata.test.ts
test(core): guard security audit boundaries
2026-04-20 17:38:20 +01:00
audit-channel-dm-policy.test.ts
perf(test): shorten security audit hotspot tests
2026-04-20 16:22:36 +01:00
audit-channel-readonly-resolution.test.ts
perf(test): shorten security audit hotspot tests
2026-04-20 16:22:36 +01:00
audit-channel-security.test-helpers.ts
perf(test): split audit channel security coverage
2026-04-06 08:18:40 +01:00
audit-channel-source-config-discord.test.ts
test: share channel audit plugin fixtures
2026-04-23 18:29:32 +01:00
audit-channel-source-config-slack.test.ts
test: share channel audit plugin fixtures
2026-04-23 18:29:32 +01:00
audit-channel-test-helpers.ts
test: share channel audit plugin fixtures
2026-04-23 18:29:32 +01:00
audit-channel.collect.runtime.ts
audit-channel.ts
perf(test): shorten security audit hotspot tests
2026-04-20 16:22:36 +01:00
audit-config-basics.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-config-include-perms.test.ts
perf(test): trim security audit wrapper coverage
2026-04-06 14:13:08 +01:00
audit-config-symlink.test.ts
test: share security audit temp fixtures
2026-04-23 18:29:32 +01:00
audit-deep-code-safety.ts
fix(cycles): bulk extract leaf type surfaces
2026-04-11 13:26:50 +01:00
audit-deep-probe-findings.ts
fix(cycles): reduce remaining static import seams
2026-04-11 02:46:41 +01:00
audit-exec-safe-bins.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-exec-sandbox-host.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-exec-surface.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-extra.async.test.ts
perf(test): mock security code safety scans
2026-04-20 18:06:32 +01:00
audit-extra.async.ts
perf(test): split plugin trust audit seam
2026-04-20 18:25:25 +01:00
audit-extra.summary.ts
perf: defer unconfigured gateway hooks
2026-04-20 19:47:35 +01:00
audit-extra.sync.test.ts
perf: defer unconfigured gateway hooks
2026-04-20 19:47:35 +01:00
audit-extra.sync.ts
fix(cycles): bulk extract leaf type surfaces
2026-04-11 13:26:50 +01:00
audit-filesystem-windows.test.ts
test: share security audit temp fixtures
2026-04-23 18:29:32 +01:00
audit-fs.ts
audit-gateway-auth-selection.test.ts
perf(test): isolate deep probe finding helper
2026-04-06 13:29:35 +01:00
audit-gateway-config.ts
refactor: share core helper logic
2026-04-23 18:09:20 +01:00
audit-gateway-exposure.test.ts
perf(test): isolate gateway audit tests
2026-04-20 18:58:10 +01:00
audit-gateway-http-auth.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-gateway-tools-http.test.ts
perf(test): isolate gateway audit tests
2026-04-20 18:58:10 +01:00
audit-gateway.test.ts
perf(test): isolate gateway audit tests
2026-04-20 18:58:10 +01:00
audit-hooks-routing.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-loopback-logging.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-model-hygiene.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-node-command-findings.test.ts
fix(check): repair status report typing drift
2026-04-06 13:34:08 +01:00
audit-plugin-code-safety.test.ts
perf(test): trim security audit wrapper coverage
2026-04-06 14:13:08 +01:00
audit-plugin-readonly-scope.test.ts
perf(test): narrow security audit plugin scope test
2026-04-23 07:21:46 +01:00
audit-plugins-trust.test.ts
perf(test): mock audit plugin policy deps
2026-04-20 19:33:43 +01:00
audit-plugins-trust.ts
perf(test): mock plugin trust audit deps
2026-04-20 18:51:05 +01:00
audit-probe-failure.test.ts
perf(test): trim security audit wrapper coverage
2026-04-06 14:13:08 +01:00
audit-sandbox-browser.test.ts
fix(sandbox): enforce CDP source-range restriction by default (#61404)
2026-04-10 14:59:25 -06:00
audit-sandbox-docker-config.test.ts
perf(test): trim security audit wrapper coverage
2026-04-06 14:13:08 +01:00
audit-small-model-risk.test.ts
Tests: trim audit imports and fix reply typing
2026-04-07 13:23:59 +08:00
audit-summary.test.ts
Tests: trim audit imports and fix reply typing
2026-04-07 13:23:59 +08:00
audit-synced-folder.test.ts
perf(test): split security audit coverage
2026-04-06 13:05:39 +01:00
audit-tool-policy.ts
audit-trust-model.test.ts
perf(test): trim security audit wrapper coverage
2026-04-06 14:13:08 +01:00
audit-workspace-skill-escape.test.ts
test: share security audit temp fixtures
2026-04-23 18:29:32 +01:00
audit.deep.runtime.ts
audit.nondeep.runtime.ts
perf(test): split plugin trust audit seam
2026-04-20 18:25:25 +01:00
audit.runtime.ts
audit.test-helpers.ts
perf(test): split remaining security audit coverage
2026-04-06 13:14:52 +01:00
audit.ts
perf(test): narrow security audit plugin scope test
2026-04-23 07:21:46 +01:00
audit.types.ts
fix(cycles): continue shared seam extraction
2026-04-11 02:46:41 +01:00
channel-metadata.ts
config-regex.ts
context-visibility.test.ts
feat: add configurable context visibility
2026-04-03 04:34:57 +09:00
context-visibility.ts
feat: add configurable context visibility
2026-04-03 04:34:57 +09:00
core-dangerous-config-flags.ts
refactor: share core helper logic
2026-04-23 18:09:20 +01:00
dangerous-config-flags.test.ts
fix(gateway): tighten gateway config mutation guard (#69377)
2026-04-20 13:21:20 -06:00
dangerous-config-flags.ts
refactor: share core helper logic
2026-04-23 18:09:20 +01:00
dangerous-tools.ts
refactor: keep plugin login policy out of core
2026-04-22 06:39:48 +01:00
dm-policy-shared.test.ts
test: dedupe security utility suites
2026-03-28 01:38:12 +00:00
dm-policy-shared.ts
fix(cycles): bulk extract leaf type surfaces
2026-04-11 13:26:50 +01:00
external-content-source.ts
perf(cron): lazy-load external content runtime
2026-04-13 18:34:04 +01:00
external-content.test.ts
fix: sanitize LLM special tokens in external content
2026-04-21 20:29:02 +01:00
external-content.ts
fix: sanitize LLM special tokens in external content
2026-04-21 20:29:02 +01:00
fix.test.ts
Security: split permission target collection from apply
2026-04-07 12:59:00 +08:00
fix.ts
fix(cycles): bulk extract leaf type surfaces
2026-04-11 13:26:50 +01:00
safe-regex.test.ts
test: dedupe security utility suites
2026-03-28 01:38:12 +00:00
safe-regex.ts
scan-paths.test.ts
fix(security): 7 P1 hardening fixes — scan-paths, windows-acl, audit-extra (#67003)
2026-04-16 13:40:05 -04:00
scan-paths.ts
fix(security): 7 P1 hardening fixes — scan-paths, windows-acl, audit-extra (#67003)
2026-04-16 13:40:05 -04:00
secret-equal.ts
skill-scanner.test.ts
test: trim skill scanner branch coverage
2026-04-23 18:51:20 +01:00
skill-scanner.ts
chore: apply core lint cleanups
2026-04-23 05:30:49 +01:00
test-temp-cases.ts
test: share security audit temp fixtures
2026-04-23 18:29:32 +01:00
windows-acl.test.ts
fix(secrets): harden Windows ACL fallback and strip BOM (#70662)
2026-04-23 19:32:15 +01:00
windows-acl.ts
fix(secrets): harden Windows ACL fallback and strip BOM (#70662)
2026-04-23 19:32:15 +01:00