mirror of
https://github.com/openclaw/openclaw.git
synced 2026-04-18 20:51:10 +00:00
42e3d8d693
* Secrets: add inline allowlist review set * Secrets: narrow detect-secrets file exclusions * Secrets: exclude Docker fingerprint false positive * Secrets: allowlist test and docs false positives * Secrets: refresh baseline after allowlist updates * Secrets: fix gateway chat fixture pragma * Secrets: format pre-commit config * Android: keep talk mode fixture JSON valid * Feishu: rely on client timeout injection * Secrets: allowlist provider auth test fixtures * Secrets: allowlist onboard search fixtures * Secrets: allowlist onboard mode fixture * Secrets: allowlist gateway auth mode fixture * Secrets: allowlist APNS wake test key * Secrets: allowlist gateway reload fixtures * Secrets: allowlist moonshot video fixture * Secrets: allowlist auto audio fixture * Secrets: allowlist tiny audio fixture * Secrets: allowlist embeddings fixtures * Secrets: allowlist resolve fixtures * Secrets: allowlist target registry pattern fixtures * Secrets: allowlist gateway chat env fixture * Secrets: refresh baseline after fixture allowlists * Secrets: reapply gateway chat env allowlist * Secrets: reapply gateway chat env allowlist * Secrets: stabilize gateway chat env allowlist * Secrets: allowlist runtime snapshot save fixture * Secrets: allowlist oauth profile fixtures * Secrets: allowlist compaction identifier fixture * Secrets: allowlist model auth fixture * Secrets: allowlist model status fixtures * Secrets: allowlist custom onboarding fixture * Secrets: allowlist mattermost token summary fixtures * Secrets: allowlist gateway auth suite fixtures * Secrets: allowlist channel summary fixture * Secrets: allowlist provider usage auth fixtures * Secrets: allowlist media proxy fixture * Secrets: allowlist secrets audit fixtures * Secrets: refresh baseline after final fixture allowlists * Feishu: prefer explicit client timeout * Feishu: test direct timeout precedence
43 lines
1.3 KiB
TypeScript
43 lines
1.3 KiB
TypeScript
export type SecretTargetConfigFile = "openclaw.json" | "auth-profiles.json"; // pragma: allowlist secret
|
|
export type SecretTargetShape = "secret_input" | "sibling_ref"; // pragma: allowlist secret
|
|
export type SecretTargetExpected = "string" | "string-or-object"; // pragma: allowlist secret
|
|
export type AuthProfileType = "api_key" | "token";
|
|
|
|
export type SecretTargetRegistryEntry = {
|
|
id: string;
|
|
targetType: string;
|
|
targetTypeAliases?: string[];
|
|
configFile: SecretTargetConfigFile;
|
|
pathPattern: string;
|
|
refPathPattern?: string;
|
|
secretShape: SecretTargetShape;
|
|
expectedResolvedValue: SecretTargetExpected;
|
|
includeInPlan: boolean;
|
|
includeInConfigure: boolean;
|
|
includeInAudit: boolean;
|
|
providerIdPathSegmentIndex?: number;
|
|
accountIdPathSegmentIndex?: number;
|
|
authProfileType?: AuthProfileType;
|
|
trackProviderShadowing?: boolean;
|
|
};
|
|
|
|
export type ResolvedPlanTarget = {
|
|
entry: SecretTargetRegistryEntry;
|
|
pathSegments: string[];
|
|
refPathSegments?: string[];
|
|
providerId?: string;
|
|
accountId?: string;
|
|
};
|
|
|
|
export type DiscoveredConfigSecretTarget = {
|
|
entry: SecretTargetRegistryEntry;
|
|
path: string;
|
|
pathSegments: string[];
|
|
refPath?: string;
|
|
refPathSegments?: string[];
|
|
value: unknown;
|
|
refValue?: unknown;
|
|
providerId?: string;
|
|
accountId?: string;
|
|
};
|