centersl/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-27 09:21:35 +07:00
Code Issues Packages Projects Releases Wiki Activity
22,233 Commits 838 Branches 87 Tags
a92fbf7d40aa8a2ebf05c700207fc8ce1b792df4
Commit Graph

22233 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Peter Steinberger
a92fbf7d40 test: dedupe remaining agent test seams 2026-03-26 16:14:45 +00:00
Peter Steinberger
880b2fb7fd perf: enable local channel planner parallelism on node 25 2026-03-26 16:06:09 +00:00
Peter Steinberger
bac603a63e test: share subagent and policy test fixtures 2026-03-26 16:04:34 +00:00
Tak Hoffman
22520a2058 fix: preserve reset spawn context 2026-03-26 10:57:42 -05:00
Tak Hoffman
8c6be29454 fix: preserve reset elevated level 2026-03-26 10:51:01 -05:00
Tak Hoffman
b04ec4bada ci: make docker release tag-driven 2026-03-26 10:47:01 -05:00
Peter Steinberger
4ed5895637 test: dedupe config compatibility fixtures 2026-03-26 15:45:14 +00:00
Tak Hoffman
6bdf5e5634 fix: preserve reset spawn depth 2026-03-26 10:42:12 -05:00
Peter Steinberger
c4048aea41 test: share msteams monitor and pi runner fixtures 2026-03-26 15:40:51 +00:00
Peter Steinberger
339cc33cf8 perf: speed up channel test runs 2026-03-26 15:40:01 +00:00
Tak Hoffman
06b4a0a1f2 test: improve test runner help text (#55227) 
* test: improve test runner help text

* test: print extension help to stdout

* test: leave extension help passthrough alone

* test: parse timing update flags in one pass
 2026-03-26 10:34:14 -05:00
Tak Hoffman
471da49c59 fix: preserve reset ownership metadata 2026-03-26 10:32:09 -05:00
Jacob Tomlinson
0b4d073374 synology-chat: throttle webhook token guesses (#55141) 
* synology-chat: throttle webhook token guesses

* synology-chat: keep valid webhook traffic within configured limits

* docs: refresh generated config baseline

* synology-chat: enforce lockout after repeated token failures
 2026-03-26 15:30:06 +00:00
Peter Steinberger
9bc3d33b53 test: dedupe web search provider fixtures 2026-03-26 15:26:11 +00:00
Tak Hoffman
df04ca7da3 fix: preserve metadata on voice session touches 2026-03-26 10:25:18 -05:00
Peter Steinberger
65a1afb9df test: share redact and approval fixtures 2026-03-26 15:23:12 +00:00
Peter Steinberger
5e78232bc5 test: share pi compaction fixtures 2026-03-26 15:19:32 +00:00
Tak Hoffman
d69ff3c022 fix(whatsapp): unwrap quoted wrapper messages 2026-03-26 10:16:33 -05:00
Peter Steinberger
f56a25a596 test: dedupe foundry auth fixtures 2026-03-26 15:14:03 +00:00
Peter Steinberger
a4a00aa1da feat: pluginize cli inference backends 2026-03-26 15:11:15 +00:00
Tak Hoffman
24dd7aec90 fix: prefer freshest duplicate store matches 2026-03-26 10:10:05 -05:00
Peter Steinberger
5f9f08394a refactor: share matrix and telegram dedupe helpers 2026-03-26 15:08:45 +00:00
Ayaan Zaidi
4b1c37a152 fix: avoid duplicate ACP Telegram finals (#55173) 
* fix: avoid duplicate final ACP text on telegram

* fix: keep ACP final fallback for non-telegram blocks

* fix: count telegram ACP block replies as success

* fix: recover ACP final fallback after block failures

* fix: settle telegram ACP block delivery before fallback

* test: isolate ACP dispatch mocks under shared workers

* fix: prefer telegram provider for ACP visibility
 2026-03-26 20:37:21 +05:30
Peter Steinberger
2ed11a375a refactor: share web media loader 2026-03-26 14:55:32 +00:00
Jacob Tomlinson
5e08ce36d5 fix(bluebubbles): throttle webhook auth guesses (#55133) 
* fix(bluebubbles): throttle webhook auth guesses

* test(bluebubbles): isolate attachment ssrf config

* test(bluebubbles): hoist attachment mocks

* docs: refresh bluebubbles config baseline

* fix(bluebubbles): trust proxied webhook client IPs

* fix(bluebubbles): honor trusted proxy webhook IPs

* fix(bluebubbles): honor real-ip fallback for webhooks
 2026-03-26 14:54:03 +00:00
Peter Steinberger
5c3e018492 refactor: dedupe msteams graph actions 2026-03-26 14:45:53 +00:00
Tak Hoffman
a4e5b23dc3 docs: update PR template review guidance 2026-03-26 09:36:36 -05:00
Tak Hoffman
9f0305420a docs: add beta blocker contributor guidance (#55199) 
* docs: add beta blocker contributor guidance

* fix: tighten beta blocker labeling and flaky config test
 2026-03-26 09:31:59 -05:00
Tak Hoffman
e403899cc1 test: fix portable stderr capture and env leakage (#55184) 2026-03-26 09:31:08 -05:00
Tak Hoffman
dd46c3d75b test(memory): initialize providers in lazy manager tests 2026-03-26 09:29:07 -05:00
Tyler Yust
2513a8d852 fix(bluebubbles): refactor sendMessageBlueBubbles to use resolveBlueBubblesServerAccount and enhance private network handling in tests 2026-03-26 07:21:48 -07:00
Jacob Tomlinson
81c45976db Feishu: reject legacy raw card command payloads (#55130) 
* Feishu: reject legacy raw card callbacks

* Feishu: cover legacy text card payloads

* Docs: refresh config baseline

* CI: refresh PR checks

* Feishu: limit legacy card guard scope
 2026-03-26 14:17:45 +00:00
Jacob Tomlinson
11ea1f6786 Google Chat: require stable group ids (#55131) 
* Google Chat: require stable group ids

* Google Chat: fail closed on deprecated room keys
 2026-03-26 14:15:51 +00:00
Jacob Tomlinson
464e2c10a5 ACP: sanitize terminal tool titles (#55137) 
* ACP: sanitize terminal tool titles

Co-authored-by: nexrin <268879349+nexrin@users.noreply.github.com>

* Config: refresh config baseline and stabilize restart pid test

---------

Co-authored-by: nexrin <268879349+nexrin@users.noreply.github.com>
 2026-03-26 14:12:24 +00:00
Peter Steinberger
883239a560 build: prepare 2026.3.25 unreleased 2026-03-26 13:57:45 +00:00
Shakker
e3660f265c docs: sync config baseline 2026-03-26 13:35:48 +00:00
Tak Hoffman
cc7f18d6c2 fix: replace stale canonical duplicate rows 2026-03-26 08:03:24 -05:00
Tak Hoffman
fde3871ee7 fix: prefer freshest duplicate row promotion 2026-03-26 07:54:43 -05:00
Tyler Yust
cc077ef1ef fix(bluebubbles): enable group participant enrichment by default, add fallback fetch and handle field aliases 2026-03-26 05:45:41 -07:00
Tak Hoffman
68c6abe32b docs: add beta release testing guidance 2026-03-26 07:34:08 -05:00
Tak Hoffman
b529d13477 test: fix bluebubbles attachment ssrf expectations 2026-03-26 07:25:14 -05:00
Saurabh Mishra
6fbe9dd935 fix: surface provider-specific rate limit error message (#54433) (#54512) 
Merged via squash.

Prepared head SHA: 755cff833c
Co-authored-by: bugkill3r <2924124+bugkill3r@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-26 15:16:06 +03:00
Jacob Tomlinson
2383daf5c4 Matrix: gate verification notices on DM access (#55122) 2026-03-26 11:59:20 +00:00
Tyler Yust
e43600c9e5 fix(bluebubbles): auto-allow private network for local serverUrl and add allowPrivateNetwork to channel schema 2026-03-26 04:55:46 -07:00
Jacob Tomlinson
c5415a474b fix(msteams): align feedback invoke authorization (#55108) 
* msteams: align feedback invoke authorization

* msteams: fix feedback allowlist regressions

* msteams: tighten feedback group authorization
 2026-03-26 11:51:43 +00:00
Jacob Tomlinson
269282ac69 Telegram: enforce DM auth for callbacks (#55112) 2026-03-26 11:42:27 +00:00
Jacob Tomlinson
d9810811b6 fix(agents): enforce session_status guard after sessionId resolution (#55105) 
* fix(agents): enforce visibility guard after sessionId resolution in session_status

When a sessionId (rather than an explicit agent key) is passed to the
session_status tool, the sessionId resolution block rewrites
requestedKeyRaw to an explicit "agent:..." key.  The subsequent
visibility guard check at line 375 tested
`!requestedKeyRaw.startsWith("agent:")`, which was now always false
after resolution — skipping the visibility check entirely.

This meant a sandboxed agent could bypass visibility restrictions by
providing a sessionId instead of an explicit session key.

Fix: use the original `isExplicitAgentKey` flag (captured before
resolution) instead of re-checking the dynamic requestedKeyRaw.
This ensures the visibility guard runs for sessionId inputs while
still skipping the redundant check for inputs that were already
validated at the earlier explicit-key check (lines 281-286).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: cover session status sessionId guard

* test: align parent sessionId guard coverage

---------

Co-authored-by: Kevin Sheng <shenghuikevin@github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-26 11:34:22 +00:00
Jacob Tomlinson
5e8cb22176 Feishu: validate webhook signatures before parsing (#55083) 
* Feishu: validate webhook signatures before parsing

* Scripts: allow Feishu raw body guard callsite
 2026-03-26 10:29:22 +00:00
Nimrod Gutman
a3b85e1583 fix(discord): force fresh gateway reconnects (#54697) 
* fix(discord): force fresh gateway reconnects

* fix(discord): harden forced reconnect teardown

* fix(discord): retry after socket drain timeouts

* fix(discord): guard forced socket teardown

* fix(discord): stop cleanly during reconnect drain
 2026-03-26 12:05:00 +02:00
Altay
8564480f3e chore: add lockfile entry for extensions/microsoft-foundry 2026-03-26 12:50:33 +03:00