vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 02:20:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9040cda408bfc1f3141541a2593154ff2b5ea0e3
openclaw/extensions
History
Sanjay Santhanam 9040cda408 fix(codex): exclude codex-app-server synthetic apiKey from secrets audit (#69581) 
* fix(codex): exclude codex-app-server synthetic apiKey from secrets audit

The Codex extension uses the literal string "codex-app-server" as a
hardcoded placeholder apiKey in provider.ts, since the real
authentication is managed by the app-server transport itself.

The secrets audit currently reports this as a real plaintext leak
(PLAINTEXT_FOUND), producing a false positive for any user who has
configured the Codex harness.

Declare it as a plugin-owned non-secret marker in the Codex plugin
manifest, so it flows through the standard
`listKnownNonSecretApiKeyMarkers()` path alongside `ollama-local`,
`lmstudio-local`, `gcp-vertex-credentials`, and `minimax-oauth`.

Also extends the existing `model auth markers` unit tests to lock
in the behavior.

Fixes #69511

* ci: retrigger checks (no-op)

(cherry picked from commit 081da17090)
2026-04-21 16:39:35 +01:00
..
acpx
fix: stage ACP and Codex runtime deps
2026-04-21 08:47:24 +01:00
active-memory
fix: gate max thinking by model support
2026-04-21 07:02:43 +01:00
alibaba
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
amazon-bedrock
fix: hide adaptive think option for GPT models
2026-04-21 06:19:29 +01:00
amazon-bedrock-mantle
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
anthropic
fix(anthropic): scope api default normalization
2026-04-21 07:48:21 +01:00
anthropic-vertex
refactor: share anthropic vertex provider helpers
2026-04-20 22:05:39 +01:00
arcee
test: share provider catalog fixtures
2026-04-21 00:32:42 +01:00
bluebubbles
bluebubbles: forward per-group systemPrompt into GroupSystemPrompt (#69198)
2026-04-20 20:01:03 -07:00
brave
build(deps): declare extension runtime dependencies
2026-04-20 16:07:14 +01:00
browser
fix(browser): clarify DevToolsActivePort attach failures
2026-04-21 08:11:41 +01:00
byteplus
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
chutes
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
cloudflare-ai-gateway
test(extensions): move provider contracts to owners
2026-04-20 20:55:39 +01:00
codex
fix(codex): exclude codex-app-server synthetic apiKey from secrets audit (#69581)
2026-04-21 16:39:35 +01:00
comfy
refactor: share ssrf policy merging
2026-04-21 00:54:08 +01:00
copilot-proxy
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
deepgram
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
deepseek
test: share provider catalog fixtures
2026-04-21 00:32:42 +01:00
device-pair
perf: avoid sort-for-single selection
2026-04-20 23:20:31 +01:00
diagnostics-otel
build: update dependencies
2026-04-20 13:18:32 +01:00
diffs
refactor: share plugin config issue formatting
2026-04-20 23:34:19 +01:00
discord
fix: lazy-load discord carbon runtime for npm install
2026-04-21 15:20:56 +01:00
duckduckgo
refactor: share duckduckgo web search provider base
2026-04-20 22:05:39 +01:00
elevenlabs
test: share streaming error response helper
2026-04-21 00:32:42 +01:00
exa
fix(web-search): restore SecretRef runtime compatibility for bundled providers (#68424)
2026-04-21 02:34:24 +01:00
fal
refactor: share ssrf policy merging
2026-04-21 00:54:08 +01:00
feishu
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
firecrawl
fix(web-search): restore SecretRef runtime compatibility for bundled providers (#68424)
2026-04-21 02:34:24 +01:00
fireworks
test: share provider catalog fixtures
2026-04-21 00:32:42 +01:00
github-copilot
test(extensions): move provider contracts to owners
2026-04-20 20:55:39 +01:00
google
fix(web-search): restore SecretRef runtime compatibility for bundled providers (#68424)
2026-04-21 02:34:24 +01:00
googlechat
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
groq
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
huggingface
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
image-generation-core
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
imessage
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
irc
test(extensions): move remaining channel schema tests
2026-04-20 21:54:49 +01:00
kilocode
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
kimi-coding
fix: gate max thinking by model support
2026-04-21 07:02:43 +01:00
line
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
litellm
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
llm-task
fix: gate max thinking by model support
2026-04-21 07:02:43 +01:00
lmstudio
refactor: share ssrf base url policy
2026-04-20 23:15:58 +01:00
lobster
fix: support Lobster approvalId TaskFlow resumes (#69559)
2026-04-21 05:32:13 +01:00
matrix
refactor: share timeout abort helper with matrix
2026-04-20 23:34:19 +01:00
mattermost
test(extensions): move registry channel contracts
2026-04-20 20:55:39 +01:00
media-understanding-core
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
memory-core
fix: stabilize memory dreaming QA
2026-04-21 03:12:42 +01:00
memory-lancedb
test(extensions): fix shared test helper contracts
2026-04-20 21:56:17 +01:00
memory-wiki
refactor: share plugin config issue formatting
2026-04-20 23:34:19 +01:00
microsoft
test: share debug proxy reset helper
2026-04-21 00:24:18 +01:00
microsoft-foundry
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
minimax
test: share minimax image fixtures
2026-04-20 21:33:44 +01:00
mistral
fix: gate max thinking by model support
2026-04-21 07:02:43 +01:00
moonshot
feat: add tiered model pricing support (#67605)
2026-04-21 03:02:57 +01:00
msteams
refactor: share oauth callback flow
2026-04-21 01:07:09 +01:00
nextcloud-talk
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
nostr
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
nvidia
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
ollama
fix: gate max thinking by model support
2026-04-21 07:02:43 +01:00
open-prose
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
openai
fix(openai-codex): normalize legacy copilot transport
2026-04-21 08:03:31 +01:00
opencode
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
opencode-go
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
openrouter
test(extensions): move provider contracts to owners
2026-04-20 20:55:39 +01:00
openshell
refactor: share plugin config issue formatting
2026-04-20 23:34:19 +01:00
perplexity
fix(web-search): restore SecretRef runtime compatibility for bundled providers (#68424)
2026-04-21 02:34:24 +01:00
phone-control
test(plugins): fix sync register call sites
2026-04-17 10:14:00 +05:30
qa-channel
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
qa-lab
test: filter live qa scenario lanes
2026-04-21 12:43:30 +01:00
qa-matrix
refactor: share matrix qa event matcher
2026-04-20 21:03:13 +01:00
qianfan
test: add Kimi and Qianfan extension coverage
2026-04-21 02:41:26 +01:00
qqbot
fix(qqbot): add SSRF guard to direct-upload URL paths in uploadC2CMedia and uploadGroupMedia [AI-assisted] (#69595)
2026-04-21 10:35:17 +05:30
qwen
test(extensions): move provider contracts to owners
2026-04-20 20:55:39 +01:00
runway
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
searxng
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
sglang
test(extensions): move provider contracts to owners
2026-04-20 20:55:39 +01:00
shared
test: trim whatsapp channel test barrels
2026-04-03 16:39:47 +01:00
signal
perf(channels): narrow slow bundled channel entry imports
2026-04-20 22:34:11 +01:00
slack
refactor: share channel doctor alias normalization
2026-04-20 23:34:19 +01:00
speech-core
test: share speech tts payload fixture
2026-04-20 17:11:33 +01:00
stepfun
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
synology-chat
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
synthetic
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
talk-voice
test(plugins): fix sync register call sites
2026-04-17 10:14:00 +05:30
tavily
fix(web-search): restore SecretRef runtime compatibility for bundled providers (#68424)
2026-04-21 02:34:24 +01:00
telegram
fix: add silent reply policy by conversation type (#68644)
2026-04-21 05:17:55 +01:00
test-support
test: share provider catalog fixtures
2026-04-21 00:32:42 +01:00
thread-ownership
test(plugins): fix sync register call sites
2026-04-17 10:14:00 +05:30
tlon
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
together
refactor: share provider polling helper
2026-04-20 23:04:10 +01:00
twitch
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
venice
test(extensions): move provider contracts to owners
2026-04-20 20:55:39 +01:00
vercel-ai-gateway
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
video-generation-core
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
vllm
test(extensions): move provider contracts to owners
2026-04-20 20:55:39 +01:00
voice-call
test: share voice call notify fixtures
2026-04-20 17:05:16 +01:00
volcengine
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
voyage
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
vydra
test: share vydra provider fixtures
2026-04-20 16:34:48 +01:00
webhooks
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
whatsapp
test: decouple outbound tests from bundled plugins
2026-04-20 22:44:38 +01:00
xai
fix(web-search): restore SecretRef runtime compatibility for bundled providers (#68424)
2026-04-21 02:34:24 +01:00
xiaomi
chore: release 2026.4.20
2026-04-20 13:16:40 +01:00
zai
test(extensions): move provider contracts to owners
2026-04-20 20:55:39 +01:00
zalo
test(ci): reduce channel contract import cost
2026-04-21 00:40:07 +01:00
zalouser
test(extensions): split outbound payload contracts
2026-04-20 19:37:20 +01:00
.npmignore
AGENTS.md
Docs: add test performance guardrails
2026-04-17 02:23:49 -04:00
CLAUDE.md
music-generation-providers.live.test.ts
test(extensions): keep generation helper out of discovery
2026-04-20 22:09:16 +01:00
tsconfig.package-boundary.base.json
refactor(cli): normalize route boundaries
2026-04-06 15:38:04 +01:00
tsconfig.package-boundary.paths.json
fix(ci): sync package boundary paths config
2026-04-09 23:59:00 +01:00
video-generation-providers.live.test.ts
test(extensions): keep generation helper out of discovery
2026-04-20 22:09:16 +01:00