github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-12 04:33:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(security): unify secure id paths and guard weak patterns

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-22 10:14:55 +01:00
parent ae8d4a8eec
commit 6c2e999776
12 changed files with 167 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/agents/pi-embedded-runner/run.ts
View File

@@ -1,5 +1,6 @@
import fs from "node:fs/promises";
import type { ThinkLevel } from "../../auto-reply/thinking.js";
import { generateSecureToken } from "../../infra/secure-random.js";
import { getGlobalHookRunner } from "../../plugins/hook-runner-global.js";
import type { PluginHookBeforeAgentStartResult } from "../../plugins/types.js";
import { enqueueCommandInLane } from "../../process/command-queue.js";
@@ -100,7 +101,7 @@ const createUsageAccumulator = (): UsageAccumulator => ({
});
function createCompactionDiagId(): string {
return `ovf-${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 8)}`;
return `ovf-${Date.now().toString(36)}-${generateSecureToken(4)}`;
}
// Defensive guard for the outer run loop across all retry branches.