github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 10:21:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(security): centralize host env policy and harden env ingestion

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-21 13:04:34 +01:00
parent 08e020881d
commit f202e73077
10 changed files with 201 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/commands/daemon-install-helpers.ts
View File

@@ -1,5 +1,5 @@
import { formatCliCommand } from "../cli/command-format.js";
import { collectConfigEnvVars } from "../config/env-vars.js";
import { collectConfigServiceEnvVars } from "../config/env-vars.js";
import type { OpenClawConfig } from "../config/types.js";
import { resolveGatewayLaunchAgentLabel } from "../daemon/constants.js";
import { resolveGatewayProgramArguments } from "../daemon/program-args.js";
@@ -67,7 +67,7 @@ export async function buildGatewayInstallPlan(params: {
// Merge config env vars into the service environment (vars + inline env keys).
// Config env vars are added first so service-specific vars take precedence.
const environment: Record<string, string | undefined> = {
...collectConfigEnvVars(params.config),
...collectConfigServiceEnvVars(params.config),
};
Object.assign(environment, serviceEnvironment);