github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 06:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,859 Commits 702 Branches 79 Tags
5f90883ad378920249160fe2d9c610c362be765c
Commit Graph

4606 Commits

Author SHA1 Message Date
alexyyyander
c4dab17ca9 fix(gateway): prevent internal route leakage in chat.send 
Synthesis of routing fixes from #35321, #34635, and #35356 for internal-client reply safety.

- Require explicit `deliver: true` before inheriting any external delivery route.
- Keep webchat/TUI/UI-origin traffic on internal routing by default.
- Allow configured-main session inheritance only for non-Webchat/UI clients, and honor `session.mainKey`.
- Add regression tests for UI no-inherit, configured-main CLI inherit, and deliver-flag behavior.

Co-authored-by: alexyyyander <alexyyyander@users.noreply.github.com>
Co-authored-by: Octane0411 <88922959+Octane0411@users.noreply.github.com>
Co-authored-by: Linux2010 <35169750+Linux2010@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-04 23:57:35 -06:00
Sid
463fd4735e fix(agents): guard context pruning against malformed thinking blocks (#35146) 
Merged via squash.

Prepared head SHA: a196a565b1
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-03-05 05:52:24 +00:00
不做了睡大觉
8891e1e48d fix(web-ui): render Accounts schema node properly (#35380) 
Co-authored-by: stakeswky <64798754+stakeswky@users.noreply.github.com>
Co-authored-by: liuxiaopai-ai <73659136+liuxiaopai-ai@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-04 23:50:18 -06:00
Sid
d9b69a6145 fix(agents): guard promoteThinkingTagsToBlocks against malformed content entries (#35143) 
Merged via squash.

Prepared head SHA: 3971122f5f
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-03-05 05:37:33 +00:00
Sid
ce0c13191f fix(agents): decode HTML entities in xAI/Grok tool call arguments (#35276) 
Merged via squash.

Prepared head SHA: c4445d2938
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-03-05 05:32:39 +00:00
Sid
987e473364 fix(agents): detect Venice provider proxying xAI/Grok models for schema cleaning (#35355) 
Merged via squash.

Prepared head SHA: 8bfdec257b
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-03-05 05:29:25 +00:00
Shakker
1805735c63 chore(changelog): add dedupe note openclaw#27521 thanks @shivama205 2026-03-05 05:11:06 +00:00
Tak Hoffman
79d00ae398 fix(cron): stabilize restart catch-up replay semantics (#35351) 
* Cron: stabilize restart catch-up replay semantics

* Cron: respect backoff in startup missed-run replay
 2026-03-04 21:50:16 -06:00
sline
1059b406a8 fix: cron backup should preserve pre-edit snapshot (#35195) (#35234) 
* fix(cron): avoid overwriting .bak during normalization

Fixes openclaw/openclaw#35195

* test(cron): preserve pre-edit bak snapshot in normalization path

---------

Co-authored-by: 0xsline <sline@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-04 21:46:27 -06:00
rexl2018
3bf6ed181e Feishu: harden streaming merge semantics and final reply dedupe (#33245) 
* Feishu: close duplicate final gap and cover routing precedence

* Feishu: resolve reviewer duplicate-final and routing feedback

* Feishu: tighten streaming send-mode option typing

* Feishu: fix reverse-overlap streaming merge ordering

* Feishu: align streaming final dedupe test expectation

* Feishu: allow distinct streaming finals while deduping repeats

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-04 21:32:35 -06:00
Sid
8b8167d547 fix(agents): bypass pendingDescendantRuns guard for cron announce delivery (#35185) 
* fix(agents): bypass pendingDescendantRuns guard for cron announce delivery

Standalone cron job completions were blocked from direct channel delivery
when the cron run had spawned subagents that were still registered as
pending. The pendingDescendantRuns guard exists for live orchestration
coordination and should not apply to fire-and-forget cron announce sends.

Thread the announceType through the delivery chain and skip both the
child-descendant and requester-descendant pending-run guards when the
announce originates from a cron job.

Closes #34966

* fix: ensure outbound session entry for cron announce with named agents (#32432)

Named agents may not have a session entry for their delivery target,
causing the announce flow to silently fail (delivered=false, no error).

Two fixes:
1. Call ensureOutboundSessionEntry when resolving the cron announce
   session key so downstream delivery can find channel metadata.
2. Fall back to direct outbound delivery when announce delivery fails
   to ensure cron output reaches the target channel.

Closes #32432

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: guard announce direct-delivery fallback against suppression leaks (#32432)

The `!delivered` fallback condition was too broad — it caught intentional
suppressions (active subagents, interim messages, SILENT_REPLY_TOKEN) in
addition to actual announce delivery failures.  Add an
`announceDeliveryWasAttempted` flag so the direct-delivery fallback only
fires when `runSubagentAnnounceFlow` was actually called and failed.

Also remove the redundant `if (route)` guard in
`resolveCronAnnounceSessionKey` since `resolved` being truthy guarantees
`route` is non-null.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(cron): harden announce synthesis follow-ups

---------

Co-authored-by: scoootscooob <zhentongfan@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-04 21:31:33 -06:00
Nhj
68e68bfb57 fix(feishu): use msg_type media for mp4 video (fixes #33674) (#33720) 
* fix(feishu): use msg_type media for mp4 video (fixes #33674)

* Feishu: harden streaming merge semantics and final reply dedupe

Use explicit streaming update semantics in the Feishu reply dispatcher:
treat onPartialReply payloads as snapshot updates and block fallback payloads
as delta chunks, then merge final text with the shared overlap-aware
mergeStreamingText helper before closing the stream.

Prevent duplicate final text delivery within the same dispatch cycle, and add
regression tests covering overlap snapshot merge, duplicate final suppression,
and block-as-delta behavior to guard against repeated/truncated output.

* fix(feishu): prefer message.reply for streaming cards in topic threads

* fix: reduce Feishu streaming card print_step to avoid duplicate rendering

Fixes openclaw/openclaw#33751

* Feishu: preserve media sends on duplicate finals and add media synthesis changelog

* Feishu: only dedupe exact duplicate final replies

* Feishu: use scoped plugin-sdk import in streaming-card tests

---------

Co-authored-by: 倪汉杰0668001185 <ni.hanjie@xydigit.com>
Co-authored-by: zhengquanliu <zhengquanliu@bytedance.com>
Co-authored-by: nick <nickzj@qq.com>
Co-authored-by: linhey <linhey@mini.local>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-04 20:39:44 -06:00
Isis Anisoptera
432e0222dd fix: restore auto-reply system events timeline (#34794) (thanks @anisoptera) (#34794) 
Co-authored-by: Ayaan Zaidi <zaidi@uplause.io>
 2026-03-05 07:56:14 +05:30
Shakker
498948581a docs(changelog): document dependency security fixes 2026-03-05 02:05:16 +00:00
Ho Lim
da0e245db6 fix(security): avoid prototype-chain account path checks (#34982) 
Merged via squash.

Prepared head SHA: f89cc6a649
Co-authored-by: HOYALIM <166576253+HOYALIM@users.noreply.github.com>
Co-authored-by: dvrshil <81693876+dvrshil@users.noreply.github.com>
Reviewed-by: @dvrshil
 2026-03-04 17:38:09 -08:00
Darshil
ed05810d68 fix: add spanish locale support (#35038) (thanks @DaoPromociones) 2026-03-04 15:29:52 -08:00
Vincent Koc
9c6847074d Changelog: add gateway restart health entry (#34874) 2026-03-04 15:44:02 -05:00
Vincent Koc
8c5692ac4a Changelog: add daemon systemd user-bus fallback entry (#34884) 2026-03-04 15:44:02 -05:00
青雲
96021a2b17 fix: align AGENTS.md template section names with post-compaction extraction (#25029) (#25098) 
Merged via squash.

Prepared head SHA: 8cd6cc8049
Co-authored-by: echoVic <16428813+echoVic@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-04 12:16:00 -08:00
Kai
4242c5152f agents: preserve totalTokens on request failure instead of using contextWindow (#34275) 
Merged via squash.

Prepared head SHA: f9d111d0a7
Co-authored-by: RealKai42 <44634134+RealKai42@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-04 12:02:22 -08:00
Rodrigo Uroz
df0f2e349f Compaction/Safeguard: require structured summary headings (#25555) 
Merged via squash.

Prepared head SHA: 0b1df34806
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-04 10:54:42 -08:00
Shakker
2123265c09 chore(changelog): clarify outbound media-only fallback openclaw#32788 thanks @liuxiaopai-ai 2026-03-04 18:42:21 +00:00
Shakker
a970cae2da chore(changelog): align outbound adapter entry openclaw#32788 thanks @liuxiaopai-ai 2026-03-04 18:42:21 +00:00
liuxiaopai-ai
efdf2ca0d7 Outbound: allow text-only plugin adapters 2026-03-04 18:42:21 +00:00
Shakker
e6f0203ef3 chore(changelog): add PR entry openclaw#24337 thanks @echoVic 2026-03-04 16:39:54 +00:00
Sid
c8ebd48e0f fix(node-host): sync rawCommand with hardened argv after executable path pinning (#33137) 
Merged via squash.

Prepared head SHA: a7987905f7
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-04 11:30:33 -05:00
a
4fb40497d4 fix(daemon): handle systemctl is-enabled exit 4 (not-found) on Ubuntu (#33634) 
Merged via squash.

Prepared head SHA: 67dffc3ee2
Co-authored-by: Yuandiaodiaodiao <33371662+Yuandiaodiaodiao@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-03-04 16:13:45 +00:00
Sid
3fa43ec221 fix(model): propagate custom provider headers to model objects (#27490) 
Merged via squash.

Prepared head SHA: e4183b398f
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-03-04 16:02:29 +00:00
huangcj
dc8253a84d fix(memory): serialize local embedding initialization to avoid duplicate model loads (#15639) 
Merged via squash.

Prepared head SHA: a085fc21a8
Co-authored-by: SubtleSpark <43933609+SubtleSpark@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-04 10:09:03 -05:00
Vincent Koc
c1bb07bd16 fix(slack): route system events to bound agent sessions (#34045) 
* fix(slack): route system events via binding-aware session keys

* fix(slack): pass sender to system event session resolver

* fix(slack): include sender context for interaction session routing

* fix(slack): include modal submitter in session routing

* test(slack): cover binding-aware system event routing

* test(slack): update interaction session key assertions

* test(slack): assert reaction session routing carries sender

* docs(changelog): note slack system event routing fix

* Update CHANGELOG.md
 2026-03-04 08:44:07 -05:00
Ayaan Zaidi
7b5e64ef2e fix: preserve raw media invoke for HTTP tool clients (#34365) 2026-03-04 17:17:39 +05:30
Ayaan Zaidi
ef4fa43df8 fix: prevent nodes media base64 context bloat (#34332) 2026-03-04 16:53:30 +05:30
Ayaan Zaidi
ed8e0a8146 docs(changelog): credit @Brotherinlaw-13 for #34318 2026-03-04 16:27:48 +05:30
Bob
257e2f5338 fix: relay ACP sessions_spawn parent streaming (#34310) (thanks @vincentkoc) (#34310) 
Co-authored-by: Onur Solmaz <2453968+osolmaz@users.noreply.github.com>
 2026-03-04 11:44:20 +01:00
Bob
61f7cea48b fix: kill stuck ACP child processes on startup and harden sessions in discord threads (#33699) 
* Gateway: resolve agent.wait for chat.send runs

* Discord: harden ACP thread binding + listener timeout

* ACPX: handle already-exited child wait

* Gateway/Discord: address PR review findings

* Discord: keep ACP error-state thread bindings on startup

* gateway: make agent.wait dedupe bridge event-driven

* discord: harden ACP probe classification and cap startup fan-out

* discord: add cooperative timeout cancellation

* discord: fix startup probe concurrency helper typing

* plugin-sdk: avoid Windows root-alias shard timeout

* plugin-sdk: keep root alias reflection path non-blocking

* discord+gateway: resolve remaining PR review findings

* gateway+discord: fix codex review regressions

* Discord/Gateway: address Codex review findings

* Gateway: keep agent.wait lifecycle active with shared run IDs

* Discord: clean up status reactions on aborted runs

* fix: add changelog note for ACP/Discord startup hardening (#33699) (thanks @dutifulbob)

---------

Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
 2026-03-04 10:52:28 +01:00
Gustavo Madeira Santana
6a40f69d4d chore(docs): add plugins refactor changelog entry 2026-03-04 02:39:11 -05:00
Lynn
9d941949c9 fix(tui): normalize session key to lowercase to match gateway canonicalization (#34013) 
Merged via squash.

Prepared head SHA: cfe06ca131
Co-authored-by: lynnzc <6257996+lynnzc@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-04 09:53:38 +03:00
Gustavo Madeira Santana
802b9f6b19 Plugins: add root-alias shim and cache/docs updates 2026-03-04 01:20:48 -05:00
Josh Avant
646817dd80 fix(outbound): unify resolved cfg threading across send paths (#33987) 2026-03-04 00:20:44 -06:00
Vincent Koc
4d183af0cf fix: code/cli acpx reliability 20260304 (#34020) 
* agents: switch claude-cli defaults to bypassPermissions

* agents: add claude-cli default args coverage

* agents: emit watchdog stall system event for cli runs

* agents: test cli watchdog stall system event

* acpx: fallback to sessions new when ensure returns no ids

* acpx tests: mock sessions new fallback path

* acpx tests: cover ensure-empty fallback flow

* skills: clarify claude print mode without pty

* docs: update cli-backends claude default args

* docs: refresh cli live test default args

* gateway tests: align live claude args defaults

* changelog: credit claude/acpx reliability fixes

* Agents: normalize legacy Claude permission flag overrides

* Tests: cover legacy Claude permission override normalization

* Changelog: note legacy Claude permission flag auto-normalization

* ACPX: fail fast when ensure/new return no session IDs

* ACPX tests: support empty sessions new fixture output

* ACPX tests: assert ensureSession failure when IDs missing

* CLI runner: scope watchdog heartbeat wake to session

* CLI runner tests: assert session-scoped watchdog wake

* Update CHANGELOG.md
 2026-03-04 01:15:28 -05:00
Dale Yarborough
a95a0be133 feat(slack): add typingReaction config for DM typing indicator fallback (#19816) 
* feat(slack): add typingReaction config for DM typing indicator fallback

Adds a reaction-based typing indicator for Slack DMs that works without
assistant mode. When `channels.slack.typingReaction` is set (e.g.
"hourglass_flowing_sand"), the emoji is added to the user's message when
processing starts and removed when the reply is sent.

Addresses #19809

* test(slack): add typingReaction to createSlackMonitorContext test callers

* test(slack): add typingReaction to test context callers

* test(slack): add typingReaction to context fixture

* docs(changelog): credit Slack typingReaction feature

* test(slack): align existing-thread history expectation

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-03 21:07:17 -08:00
Kesku
230fea1ca6 feat(web-search): switch Perplexity to native Search API (#33822) 
* feat: Add Perplexity Search API as web_search provider

* docs fixes

* domain_filter validation

* address comments

* provider-specific options in cache key

* add validation for unsupported date filters

* legacy fields

* unsupported_language guard

* cache key matches the request's precedence order

* conflicting_time_filters guard

* unsupported_country guard

* invalid_date_range guard

* pplx validate for ISO 639-1 format

* docs: add Perplexity Search API changelog entry

* unsupported_domain_filter guard

---------

Co-authored-by: Shadow <hi@shadowing.dev>
 2026-03-03 22:57:19 -06:00
Ayaan Zaidi
d5a7a32826 docs(changelog): credit #31513 in #33647 entry 2026-03-04 10:20:59 +05:30
Tak Hoffman
b4e4e25e74 fix(gateway): narrow legacy route inheritance for custom session keys (openclaw#33932) thanks @Takhoffman 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-03 22:45:46 -06:00
Ayaan Zaidi
6962d2d79f fix: harden sessions_spawn attachment schema landing (#33648) (thanks @anisoptera) 2026-03-04 10:05:41 +05:30
Tak Hoffman
8a7d1aa973 fix(gateway): preserve route inheritance for legacy channel session keys (openclaw#33919) thanks @Takhoffman 
Verified:
- pnpm build
- pnpm check
- pnpm test src/gateway/server-methods/chat.directive-tags.test.ts
- pnpm test:macmini

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-03 22:27:36 -06:00
Ayaan Zaidi
f74a04e4ba fix: tighten telegram topic-agent docs + fallback tests (#33647) (thanks @kesor) 2026-03-04 09:35:53 +05:30
Tak Hoffman
7f2708a8c3 fix(routing): unify session delivery invariants for duplicate suppression (#33786) 
* Routing: unify session delivery invariants

* Routing: address PR review feedback

* Routing: tighten topic and session-scope suppression

* fix(chat): inherit routes for per-account channel-peer sessions
 2026-03-03 21:40:38 -06:00
Tak Hoffman
87e6ce7c3a fix(extensions): synthesize mediaLocalRoots propagation across sendMedia adapters 
Restore deterministic mediaLocalRoots propagation through extension sendMedia adapters and add coverage for local/remote media handling in Google Chat.

Synthesis of #33581, #33545, #33540, #33536, #33528.

Co-authored-by: bmendonca3 <bmendonca3@users.noreply.github.com>
 2026-03-03 21:30:41 -06:00
Tak Hoffman
9889c6da53 Runtime: stabilize tool/run state transitions under compaction and backpressure 
Synthesize runtime state transition fixes for compaction tool-use integrity and long-running handler backpressure.

Sources: #33630, #33583

Co-authored-by: Kevin Shenghui <shenghuikevin@gmail.com>
Co-authored-by: Theo Tarr <theodore@tarr.com>
 2026-03-03 21:25:32 -06:00