github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-18 15:27:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,323 Commits 702 Branches 79 Tags
30c622554f413131baf570a2dd3d955a25f71d6e
Commit Graph

9085 Commits

Author SHA1 Message Date
Vincent Koc
30c622554f Providers: disable developer role for DashScope-compatible endpoints (#24675) 
* Agents: disable developer role for DashScope-compatible endpoints

* Agents: test DashScope developer-role compatibility

* Gateway: test allowlisted sessions.patch model selection

* Changelog: add DashScope role-compat fix note
 2026-02-23 19:51:16 -05:00
Peter Steinberger
a430e1722b test(channels): reduce media test runtime and polling 2026-02-24 00:31:58 +00:00
Peter Steinberger
663f784e4e test(core): trim redundant setup and tighten waits 2026-02-24 00:31:58 +00:00
Peter Steinberger
f58c1ef34e test(gateway): speed up contract and polling suites 2026-02-24 00:31:58 +00:00
Peter Steinberger
f0c3c8b6a3 fix(config): redact dynamic catchall secret keys 2026-02-24 00:21:29 +00:00
Peter Steinberger
8dfa33d373 test(sandbox): add root bind mount regression 2026-02-24 00:17:21 +00:00
Peter Steinberger
3b8e33037a fix(security): harden safeBins long-option validation 2026-02-23 23:58:58 +00:00
Peter Steinberger
a2dfe9879f fix(security): harden regex compilation for filters and redaction 2026-02-23 23:54:50 +00:00
Peter Steinberger
e6484cb65f refactor: harden kilocode auth ordering and dedupe provider wiring 2026-02-23 23:37:13 +00:00
Peter Steinberger
f52a0228ca test: optimize auth and audit test runtime 2026-02-23 23:31:52 +00:00
John Fawcett
13f32e2f7d feat: Add Kilo Gateway provider (#20212) 
* feat: Add Kilo Gateway provider

Add support for Kilo Gateway as a model provider, similar to OpenRouter.
Kilo Gateway provides a unified API that routes requests to many models
behind a single endpoint and API key.

Changes:
- Add kilocode provider option to auth-choice and onboarding flows
- Add KILOCODE_API_KEY environment variable support
- Add kilocode/ model prefix handling in model-auth and extra-params
- Add provider documentation in docs/providers/kilocode.md
- Update model-providers.md with Kilo Gateway section
- Add design doc for the integration

* kilocode: add provider tests and normalize onboard auth-choice registration

* kilocode: register in resolveImplicitProviders so models appear in provider filter

* kilocode: update base URL from /api/openrouter/ to /api/gateway/

* docs: fix formatting in kilocode docs

* fix: address PR review — remove kilocode from cacheRetention, fix stale model refs and CLI name in docs, fix TS2742

* docs: fix stale refs in design doc — Moltbot to OpenClaw, MoltbotConfig to OpenClawConfig, remove extra-params section, fix doc path

* fix: use resolveAgentModelPrimaryValue for AgentModelConfig union type

---------

Co-authored-by: Mark IJbema <mark@kilocode.ai>
 2026-02-23 23:29:27 +00:00
Peter Steinberger
ddb7ec99a8 test: speed up cron test polling and waits 2026-02-23 22:42:23 +00:00
Peter Steinberger
0cc46d774c test: consolidate auth-choice tests for faster coverage 2026-02-23 22:42:23 +00:00
Gustavo Madeira Santana
eff3c5c707 Session/Cron maintenance hardening and cleanup UX (#24753) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 7533b85156
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-02-23 22:39:48 +00:00
Peter Steinberger
29b19455e3 test(commands): collapse provider and endpoint matrices 2026-02-23 22:16:45 +00:00
Peter Steinberger
b922ecb8c1 test(security): reduce duplicate audit assertions 2026-02-23 22:16:39 +00:00
Peter Steinberger
cd5f3fe0c1 test(config): consolidate env/include scenario coverage 2026-02-23 22:16:30 +00:00
Peter Steinberger
c248c515a3 test: collapse sandbox agent config duplicate cases 2026-02-23 22:01:32 +00:00
Peter Steinberger
287586206c test: consolidate sandbox docker merge scenarios 2026-02-23 22:01:22 +00:00
Peter Steinberger
8b192beaaf test: combine web reconnect progression assertions 2026-02-23 21:57:30 +00:00
Peter Steinberger
ecd278b67b test: merge redundant telegram media path scenarios 2026-02-23 21:57:23 +00:00
Peter Steinberger
ca761d6225 test: consolidate gateway auth test scenarios 2026-02-23 21:57:17 +00:00
Peter Steinberger
b9f01e8d3f test: consolidate directive behavior suites for faster runs 2026-02-23 21:48:12 +00:00
Peter Steinberger
b8fc8e7e6d test: optimize directive behavior test scenarios 2026-02-23 21:35:42 +00:00
Peter Steinberger
0183610db3 refactor: de-duplicate channel runtime and payload helpers 2026-02-23 21:25:28 +00:00
Peter Steinberger
0ae7f470a2 test: normalize skill prompt path assertions on windows 2026-02-23 21:17:29 +00:00
Peter Steinberger
31ca7fb277 test: consolidate directive behavior test scenarios 2026-02-23 21:13:11 +00:00
Peter Steinberger
426f803b8a test: speed up sessions_spawn tool harness 2026-02-23 21:13:05 +00:00
Peter Steinberger
7e5f771d27 test: speed up skills test suites 2026-02-23 21:02:13 +00:00
Peter Steinberger
75423a00d6 refactor: deduplicate shared helpers and test setup 2026-02-23 20:40:44 +00:00
Peter Steinberger
1f5e6444ee test: remove redundant pi embedded runner cases 2026-02-23 20:15:56 +00:00
Peter Steinberger
3b5a276a48 test: speed up supervisor test timing 2026-02-23 20:15:56 +00:00
Peter Steinberger
5a475259bb fix(telegram): suppress reasoning-only leaks when reasoning is off 
Co-authored-by: avirweb <avirweb@users.noreply.github.com>
 2026-02-23 20:06:16 +00:00
Peter Steinberger
63e4dfaa9c test: consolidate pi-tools gating assertions 2026-02-23 20:00:11 +00:00
Peter Steinberger
cba8037d90 test: prune redundant trigger handling integration coverage 2026-02-23 20:00:11 +00:00
Peter Steinberger
32e6ccb7b6 test(cron): cover announce failure when best-effort is off 2026-02-23 19:48:37 +00:00
Peter Steinberger
9af3ec92a5 fix(gateway): add HSTS header hardening and docs 2026-02-23 19:47:29 +00:00
Peter Steinberger
c88915b721 test: consolidate trigger handling suites 2026-02-23 19:41:47 +00:00
Peter Steinberger
87603b5c45 fix: sync built-in channel enablement across config paths 2026-02-23 19:40:42 +00:00
Peter Steinberger
7a40d99b1d refactor(cron): extract delivery dispatch + harden reset notices 2026-02-23 19:25:22 +00:00
Peter Steinberger
fe62711342 test(gate): stabilize env- and timing-sensitive process/web-search checks 2026-02-23 19:19:58 +00:00
Peter Steinberger
31e4c21b67 fix(auto-reply): move volatile inbound flags out of system metadata 
Co-authored-by: aidiffuser <aidiffuser@users.noreply.github.com>
 2026-02-23 19:19:45 +00:00
Peter Steinberger
cf38339f25 fix(tools): improve session_status cache-aware usage reporting 
Co-authored-by: Lucian Feraru <1ucian@users.noreply.github.com>
 2026-02-23 19:19:45 +00:00
Peter Steinberger
40db3fef49 fix(agents): cache bootstrap snapshots per session key 
Co-authored-by: Isis Anisoptera <github@lotuswind.net>
 2026-02-23 19:19:45 +00:00
Peter Steinberger
47723b646d refactor(test): de-duplicate msteams and bash test helpers 2026-02-23 19:12:27 +00:00
Ruslan Kharitonov
8d69251475 fix(doctor): use gateway health status for memory search key check (#22327) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 2f02ec9403
Co-authored-by: therk <901920+therk@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-23 14:07:16 -05:00
Peter Steinberger
bf373eeb43 refactor: harden reset notice + cron delivery target flow 2026-02-23 19:01:02 +00:00
Peter Steinberger
d266d12be1 refactor(exec): simplify env-prefixed wrapper modifier check 2026-02-23 18:56:14 +00:00
Brian Mendonca
bd8b9af9a7 fix(exec): bind env-prefixed shell wrappers to full approval text 
(cherry picked from commit 1edf957988)
 2026-02-23 18:56:14 +00:00
oneaix
216d99e585 fix(browser): derive relay auth token from gateway token in Chrome extension 
The extension relay server authenticates using an HMAC-SHA256 derived
token (`openclaw-extension-relay-v1:<port>`), but the Chrome extension
was sending the raw gateway token. This caused both the WebSocket
connection and the options page validation to fail with 401 Unauthorized.

Additionally, the options page validation request triggered a CORS
preflight (due to the custom `x-openclaw-relay-token` header) which the
relay rejects because OPTIONS requests lack auth headers. The options
page now delegates the check to the background service worker which has
host_permissions and bypasses CORS preflight.

Fixes #23842

Co-authored-by: Cursor <cursoragent@cursor.com>
(cherry picked from commit bbc654b9f0)
 2026-02-23 18:56:14 +00:00