github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 22:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,883 Commits 702 Branches 79 Tags
3e1ed0032d650ca5cad7d6dbafc890a45ffbb9e2
Commit Graph

2999 Commits

Author SHA1 Message Date
Vignesh Natarajan
6f6954fb34 Changelog: note directory cache bounds hardening 2026-02-14 17:58:11 -08:00
Vignesh Natarajan
c6bac6703e Changelog: note Slack thread starter cache bounds 2026-02-14 17:55:25 -08:00
Vignesh Natarajan
bb53d984d3 Changelog: note abort memory map hardening 2026-02-14 17:52:24 -08:00
Vignesh Natarajan
377bb9073e Changelog: note agentRunSeq map hardening 2026-02-14 17:50:52 -08:00
Tyler Yust
edb06170f5 fix(image): allow workspace and sandbox media paths (#15541) 2026-02-14 17:46:36 -08:00
Vignesh Natarajan
56708b636e Changelog: note diagnostic session-state bounds 2026-02-14 17:30:10 -08:00
Vignesh Natarajan
d70cc39544 Changelog: note memory watcher FD-pressure hardening 2026-02-14 17:25:10 -08:00
Vignesh Natarajan
41d7d0e2e6 Changelog: note TUI gateway bind URL fix 2026-02-14 17:16:17 -08:00
Vignesh Natarajan
aa09be168d Changelog: note media local root allowlist update 2026-02-14 17:10:58 -08:00
Vignesh Natarajan
21ee5c0aaf Changelog: note sandbox bind-mount file tool fix 2026-02-14 16:54:37 -08:00
Vignesh Natarajan
f18e3fba79 Changelog: note explicit TUI session override fix 2026-02-14 16:40:52 -08:00
Vignesh Natarajan
b08146fad6 TUI/Gateway: emit internal hooks for /new and /reset 2026-02-14 16:33:42 -08:00
Gustavo Madeira Santana
a8c30634ac changelog: add workspace onboarding attribution 2026-02-14 19:20:27 -05:00
Gustavo Madeira Santana
28b78b25b7 fix(workspace): persist bootstrap onboarding state 2026-02-14 19:20:27 -05:00
Vignesh Natarajan
3f69607d8c Changelog: configurable LanceDB capture limit 2026-02-14 16:03:40 -08:00
Vignesh Natarajan
53a8f474ee Memory/QMD: handle fallback init failures gracefully 2026-02-14 15:42:02 -08:00
Vignesh Natarajan
c4dbcc3444 Memory/QMD: make status checks side-effect free 2026-02-14 15:42:02 -08:00
Robby
ceb934299b fix(workspace): create BOOTSTRAP.md regardless of workspace state (#16457) (#16504) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: a57718c09e
Co-authored-by: robbyczgw-cla <239660374+robbyczgw-cla@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 18:41:35 -05:00
Charlie Greenman
dec6859702 agents: reduce prompt token bloat from exec and context (#16539) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8e1635fa3f
Co-authored-by: CharlieGreenman <8540141+CharlieGreenman@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 18:32:45 -05:00
Vignesh Natarajan
2547514b47 Memory/QMD: treat prefixed no-results markers as empty 2026-02-14 15:31:52 -08:00
Peter Steinberger
abf42abd41 fix: LINE webhook verification 200; fix tsgo error (#16582) (thanks @arosstale) 2026-02-15 00:27:12 +01:00
Peter Steinberger
90117a3849 docs: consolidate 2026.2.14 changelog 2026-02-15 00:05:51 +01:00
Peter Steinberger
9e2e57458e docs(changelog): soften exec allowlist scope note 2026-02-15 00:03:21 +01:00
Vignesh Natarajan
c0bf6bc24f Memory/QMD: parse scope once in qmd scope checks 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
0fdcb3be43 Memory/QMD: skip unchanged session export writes 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
83e08b3bd5 Memory/QMD: optimize qmd readFile for line-window reads 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
62aae7f69d Memory/QMD: add limit arg to search command 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
19df928e7f Memory/QMD: robustly parse noisy qmd JSON output 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
6bf333bf31 Memory/QMD: prefer exact docid lookup in index 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
f9f816d139 Memory/QMD: cap qmd command output buffering 2026-02-14 14:59:18 -08:00
Bin Deng
c0cd3c3c08 fix: add safety timeout to session.compact() to prevent lane deadlock (#16533) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 21e4045add
Co-authored-by: BinHPdev <219093083+BinHPdev@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 17:54:12 -05:00
Peter Steinberger
7d658410e5 docs(changelog): clarify exec allowlist mode only 2026-02-14 23:51:15 +01:00
Peter Steinberger
db60b424a2 docs(changelog): note exec allowlist command substitution fix 2026-02-14 23:51:15 +01:00
Vishal Doshi
3efb752124 fix(gateway): abort active runs during sessions.reset (#16576) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 43da87f2df
Co-authored-by: Grynn <212880+Grynn@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 17:42:33 -05:00
Peter Steinberger
a99ad11a41 fix: validate state for manual Chutes OAuth 2026-02-14 23:33:56 +01:00
Gustavo Madeira Santana
8217d77ece fix(cli): run plugin gateway_stop hooks before message exit (#16580) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8542ac77ae
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 17:33:08 -05:00
Peter Steinberger
d02202e765 docs(changelog): note clawtributors updater injection fix 2026-02-14 23:26:39 +01:00
Peter Steinberger
a429380e33 fix(scripts): harden clawtributors updater 2026-02-14 23:25:32 +01:00
Bruno Škvorc
dbdcbe03e7 fix: preserve bootstrap paths and expose failed mutations (#16131) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 385dcbd8a9
Co-authored-by: Swader <1430603+Swader@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 17:01:16 -05:00
Peter Steinberger
c0c0e0f9ae fix(security): block full-form IPv4-mapped IPv6 in SSRF guard 2026-02-14 22:58:38 +01:00
Peter Steinberger
9e7aab9baf docs(changelog): credit logicx24 for plugin install traversal report 2026-02-14 22:54:38 +01:00
yinghaosang
8927c69b3f fix(cli): stop message send from hanging forever after delivery (#16460) (#16491) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 78dffc9e99
Co-authored-by: yinghaosang <261132136+yinghaosang@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 16:53:56 -05:00
Peter Steinberger
576f7072a7 docs(changelog): credit @simecek for gateway connect auth fix 2026-02-14 22:42:35 +01:00
Gustavo Madeira Santana
48b3d7096c fix: harden device pairing token generation and verification (#16535) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: bcbb50e368
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 16:23:33 -05:00
Peter Steinberger
0b20ee2722 docs(changelog): note gateway /approve scope fix 2026-02-14 22:14:18 +01:00
Peter Steinberger
938b1dd1e7 docs(changelog): fix gatewayUrl SSRF entry 2026-02-14 22:08:28 +01:00
Peter Steinberger
3513ff09de docs(changelog): note Telegram webhookSecret hard requirement 2026-02-14 22:08:19 +01:00
Peter Steinberger
c5406e1d24 fix(security): prevent gatewayUrl SSRF 2026-02-14 22:01:11 +01:00
Peter Steinberger
e95ce05c1e chore(security): soften gatewayUrl override messaging 2026-02-14 21:53:30 +01:00
Peter Steinberger
2d5647a804 fix(security): restrict tool gatewayUrl overrides 2026-02-14 21:53:14 +01:00