github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-11 13:01:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,950 Commits 702 Branches 79 Tags
42d6e35cb45f753fc2f4f3b4050cb42e2f3eb7a7
Commit Graph

4865 Commits

Author SHA1 Message Date
Vignesh Natarajan
b4cdffc7a4 TUI: make Ctrl+C exit behavior reliably responsive 2026-02-22 01:28:55 -08:00
Peter Steinberger
f4dd0577b0 fix(security): block hook transform symlink escapes 2026-02-22 10:18:05 +01:00
Peter Steinberger
6c2e999776 refactor(security): unify secure id paths and guard weak patterns 2026-02-22 10:16:19 +01:00
Peter Steinberger
ae8d4a8eec fix(security): harden channel token and id generation 2026-02-22 10:16:02 +01:00
Peter Steinberger
de2e5c7b74 docs(security): clarify dangerous control-ui bypass policy 2026-02-22 10:11:46 +01:00
Vignesh Natarajan
b9e9fbc97c TUI: preserve RTL text order in terminal output 2026-02-22 01:10:03 -08:00
Peter Steinberger
2b63592be5 fix: harden exec allowlist wrapper resolution 2026-02-22 09:52:02 +01:00
Peter Steinberger
8e7d8c3d8e docs(changelog): add shell startup env override fix note 2026-02-22 09:50:21 +01:00
Vignesh Natarajan
2a66c8d676 Agents/Subagents: honor subagent alsoAllow grants 2026-02-22 00:39:27 -08:00
Peter Steinberger
c99e7696e6 fix: decouple owner display secret from gateway auth token 2026-02-22 09:35:07 +01:00
Peter Steinberger
8887f41d7d refactor(gateway)!: remove legacy v1 device-auth handshake 2026-02-22 09:27:03 +01:00
Vignesh Natarajan
6ceadaa41f Agents: add fallback reply for tool-only completions 2026-02-22 00:23:31 -08:00
Peter Steinberger
3d03375043 fix(gateway): block avatar symlink escapes 2026-02-22 08:51:17 +01:00
Peter Steinberger
cd7faea93b docs(changelog): note next npm release for hook auth fix 2026-02-22 08:48:13 +01:00
Vignesh Natarajan
6bf5e76be6 Agents: drop stale pre-compaction usage snapshots 2026-02-21 23:47:15 -08:00
Peter Steinberger
265da4dd2a fix(security): harden gateway command/audit guardrails 2026-02-22 08:45:48 +01:00
Peter Steinberger
3284d2eb22 fix(security): normalize hook auth rate-limit client keys 2026-02-22 08:40:49 +01:00
Vignesh Natarajan
aab20e58d7 Sessions: persist prompt-token totals without usage 2026-02-21 23:37:42 -08:00
Peter Steinberger
e0db04a50d fix(security): harden avatar validation and size limits 2026-02-22 08:35:32 +01:00
Peter Steinberger
049b8b14bc fix(security): flag open-group runtime/fs exposure in audit 2026-02-22 08:22:51 +01:00
Vignesh Natarajan
cdfe45eeb8 Agents: validate persisted tool-call names 2026-02-21 23:06:44 -08:00
Vignesh Natarajan
29a782b9cd Models/Config: default missing Anthropic model api fields 2026-02-21 22:50:43 -08:00
Vignesh Natarajan
542fc169d2 Plugins/Hooks: avoid duplicate before_agent_start executions 2026-02-21 22:31:51 -08:00
Vignesh Natarajan
96c985400d BlueBubbles: accept webhook payloads with missing handles 2026-02-21 22:10:30 -08:00
Pierre
4f700e96af Fix Telegram DM last-route metadata leakage (#19491) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 16b025b3aa
Co-authored-by: guirguispierre <22091706+guirguispierre@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-22 11:29:59 +05:30
Vignesh Natarajan
54e5f80424 Browser: accept canonical upload paths for symlinked roots 2026-02-21 21:54:57 -08:00
Vignesh Natarajan
98b2b16ac3 Security/Exec: persist inner commands for shell-wrapper approvals 2026-02-21 21:26:20 -08:00
miz-cha
2f023a4775 fix(telegram): disable autoSelectFamily by default on WSL2 (#21916) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 431fd96670
Co-authored-by: MizukiMachine <185313792+MizukiMachine@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-22 10:54:49 +05:30
Vignesh Natarajan
73b4330d4c CLI/Config: keep explicitly unset keys removed 2026-02-21 21:08:04 -08:00
Robin Waslander
daf036a4f6 fix(slash): persist channel metadata from slash command sessions (#23065) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 29fa20c7d7
Co-authored-by: hydro13 <6640526+hydro13@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-22 10:29:06 +05:30
Vignesh Natarajan
6d11b46994 Media: preserve PDF MIME classification in file extraction 2026-02-21 20:50:25 -08:00
Ayaan Zaidi
63b4c500d9 fix: prevent Telegram preview stream cross-edit race (#23202) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 529abf209d
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-22 10:04:33 +05:30
Vignesh Natarajan
413f81b856 Memory/QMD: migrate legacy unscoped collections 2026-02-21 20:31:12 -08:00
Vignesh Natarajan
961bde27fe Cron: guard missing expr in schedule parsing 2026-02-21 20:18:11 -08:00
Vignesh Natarajan
c51c2a2dca Slack: preserve slash options receiver binding 2026-02-21 20:01:39 -08:00
Vignesh Natarajan
8920e281cc Plugins: allowlist plugins when enabling from CLI 2026-02-21 19:37:26 -08:00
Vignesh Natarajan
483c464b62 Gateway: preserve token scopes on scope-less repair approvals 2026-02-21 19:37:15 -08:00
Vignesh Natarajan
55d492b4cd Gateway: allow operator admin scope for pairing and approvals 2026-02-21 19:37:04 -08:00
Vignesh Natarajan
68cb4fc8a1 TUI: render sending and waiting indicators immediately 2026-02-21 19:28:42 -08:00
Vignesh Natarajan
68b92e80f7 Agents: log lifecycle error text for embedded run failures 2026-02-21 19:24:45 -08:00
Vignesh Natarajan
35fe33aa90 Agents: classify Anthropic api_error internal server failures for fallback 2026-02-21 19:22:16 -08:00
Vignesh Natarajan
a10d689860 TUI: coalesce multiline paste submits on macOS terminals 2026-02-21 19:19:55 -08:00
Vignesh Natarajan
f2d664e24f Gateway: deep-compare array config paths for reload diff 2026-02-21 19:17:46 -08:00
Vignesh Natarajan
2830dafbe9 Cron: keep list/status responsive during startup catch-up 2026-02-21 19:13:04 -08:00
Vignesh Natarajan
c45a5c551f Agents: preserve unsafe integer tool args in Ollama stream 2026-02-21 19:08:31 -08:00
Vignesh Natarajan
4550a52007 TUI: filter model picker to allowlisted models 2026-02-21 19:03:15 -08:00
Andrew Jeon
853ae626fa feat: add Korean language support for memory search query expansion (#18899) 
* feat: add Korean stop words and tokenization for memory search

* fix: address review comments on Korean query expansion

* fix: lint errors - curly brace and toSorted

* fix(memory): improve Korean stop words and deduplicate

* Memory: tighten Korean query expansion filtering

* Docs/Changelog: credit Korean memory query expansion

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-21 21:33:30 -05:00
Vignesh Natarajan
5b4409d5d0 fix: pairing admin satisfies write (#23125) (thanks @vignesh07) 2026-02-21 18:25:13 -08:00
vignesh07
a37e12eabc docs(changelog): credit nicole-luxe for mcporter QMD work 2026-02-21 17:32:59 -08:00
Vincent Koc
7a6ff4c55a docs(changelog): credit BlueBubbles DM history fix (#23095) 2026-02-21 20:03:17 -05:00