mirror of
https://github.com/openclaw/openclaw.git
synced 2026-07-16 13:51:37 +00:00
* fix(copilot): redact OAuth error response body in fetchJson error messages Replace raw response body text with bounded, redacted structured error detail extracted via extractProviderErrorDetail so OAuth error responses containing tokens, device codes, or other sensitive fields are not leaked into Error messages and downstream logs. * test(copilot): add device-code and non-JSON error body redaction cases Add regression tests covering the device code flow and non-JSON error bodies alongside the existing token refresh coverage. Also include live proof output showing real Response object redaction via extractProviderErrorDetail. Ref: #102953 * fix(copilot): normalize OAuth HTTP failures --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>