github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-19 09:08:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,141 Commits 702 Branches 79 Tags
7844bc89a1612800810617c823eb0c76ef945804
Commit Graph

4752 Commits

Author SHA1 Message Date
Vincent Koc
7844bc89a1 Security: require Feishu webhook encrypt key (#44087) 
* Feishu: require webhook encrypt key in schema

* Feishu: cover encrypt key webhook validation

* Feishu: enforce encrypt key at startup

* Feishu: add webhook forgery regression test

* Feishu: collect encrypt key during onboarding

* Docs: require Feishu webhook encrypt key

* Changelog: note Feishu webhook hardening

* Docs: clarify Feishu encrypt key screenshot

* Feishu: treat webhook encrypt key as secret input

* Feishu: resolve encrypt key only in webhook mode
 2026-03-12 11:01:00 -04:00
Vincent Koc
99170e2408 Hardening: normalize Unicode command obfuscation detection (#44091) 
* Exec: cover unicode obfuscation cases

* Exec: normalize unicode obfuscation detection

* Changelog: note exec detection hardening

* Exec: strip unicode tag character obfuscation

* Exec: harden unicode suppression and length guards

* Exec: require path boundaries for safe URL suppressions
 2026-03-12 10:57:49 -04:00
Vincent Koc
eff0d5a947 Hardening: tighten preauth WebSocket handshake limits (#44089) 
* Gateway: tighten preauth handshake limits

* Changelog: note WebSocket preauth hardening

* Gateway: count preauth frame bytes accurately

* Gateway: cap WebSocket payloads before auth
 2026-03-12 10:55:41 -04:00
Vincent Koc
3e730c0332 Security: preserve Feishu reaction chat type (#44088) 
* Feishu: preserve looked-up chat type

* Feishu: fail closed on ambiguous reaction chats

* Feishu: cover reaction chat type fallback

* Changelog: note Feishu reaction hardening

* Feishu: fail closed without resolved chat type

* Feishu: normalize reaction chat type at runtime
 2026-03-12 10:53:40 -04:00
Vincent Koc
48cbfdfac0 Hardening: require LINE webhook signatures (#44090) 
* LINE: require webhook signatures in express handler

* LINE: require webhook signatures in node handler

* LINE: update express signature tests

* LINE: update node signature tests

* Changelog: note LINE webhook hardening

* LINE: validate signatures before parsing webhook bodies

* LINE: reject missing signatures before body reads
 2026-03-12 10:50:36 -04:00
Lyle
c965049dc6 fix(mattermost): pass mediaLocalRoots through reply delivery (#44021) 
Merged via squash.

Prepared head SHA: 856f11f129
Co-authored-by: LyleLiu666 <31182860+LyleLiu666@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
 2026-03-12 20:13:51 +05:30
0x4C33
f3be1c828c fix(status): resolve context window by provider-qualified key, prefer max on bare-id collision, solve #35976 (#36389) 
Merged via squash.

Prepared head SHA: f8cf752c59
Co-authored-by: haoruilee <60883781+haoruilee@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 07:00:36 -07:00
rabsef-bicrym
ff47876e61 fix: carry observed overflow token counts into compaction (#40357) 
Merged via squash.

Prepared head SHA: b99eed4329
Co-authored-by: rabsef-bicrym <52549148+rabsef-bicrym@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 06:58:42 -07:00
avirweb
f2e28fc30f fix(telegram): allow fallback models in /model validation (#40105) 
Merged via squash.

Prepared head SHA: de07585e03
Co-authored-by: avirweb <257412074+avirweb@users.noreply.github.com>
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Reviewed-by: @velvet-shark
 2026-03-12 13:55:51 +01:00
Teconomix
171d2df9e0 feat(mattermost): add replyToMode support (off | first | all) (#29587) 
Merged via squash.

Prepared head SHA: 4a67791f53
Co-authored-by: teconomix <6959299+teconomix@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
 2026-03-12 18:03:12 +05:30
Sally O'Malley
8e0e4f736a docs: add Kubernetes install guide, setup script, and manifests (#34492) 
* add docs and manifests for k8s install

Signed-off-by: sallyom <somalley@redhat.com>

* changelog

Signed-off-by: sallyom <somalley@redhat.com>

---------

Signed-off-by: sallyom <somalley@redhat.com>
 2026-03-12 07:28:21 -04:00
Nimrod Gutman
4f620bebe5 fix(doctor): canonicalize gateway service entrypoint paths (#43882) 
Merged via squash.

Prepared head SHA: 9f530d2a86
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Co-authored-by: ngutman <1540134+ngutman@users.noreply.github.com>
Reviewed-by: @ngutman
 2026-03-12 12:39:22 +02:00
Ayaan Zaidi
8582cb08b5 fix: stop main-session UI replies inheriting channel routes (#43918) 2026-03-12 15:39:34 +05:30
glitch
8ea79b64d0 fix: preserve sandbox write payload stdin (#43876) 
Merged via squash.

Prepared head SHA: a10fd4b21c
Co-authored-by: glitch418x <189487110+glitch418x@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-12 12:42:57 +03:00
jnMetaCode
f640326e31 fix(failover): add missing network errno patterns to text-based timeout classifier (#42830) 
Merged via squash.

Prepared head SHA: 91761487e8
Co-authored-by: jnMetaCode <12096460+jnMetaCode@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-12 12:34:44 +03:00
Xaden Ryan
658bd54ecf feat(llm-task): add thinking override 
Co-authored-by: Xaden Ryan <165437834+xadenryan@users.noreply.github.com>
 2026-03-12 19:21:35 +11:00
Vincent Koc
f37815b323 Gateway: block profile mutations via browser.request (#43800) 
* Gateway: block profile mutations via browser.request

* Changelog: note GHSA-vmhq browser request fix

* Gateway: normalize browser.request profile guard paths
 2026-03-12 04:21:03 -04:00
Vincent Koc
46a332385d Gateway: keep spawned workspace overrides internal (#43801) 
* Gateway: keep spawned workspace overrides internal

* Changelog: note GHSA-2rqg agent boundary fix

* Gateway: persist spawned workspace inheritance in sessions

* Agents: clean failed lineage spawn state

* Tests: cover lineage attachment cleanup

* Tests: cover lineage thread cleanup
 2026-03-12 04:20:00 -04:00
Ayaan Zaidi
ed0ec57a7b fix: scope telegram polling restart to telegram errors (#43799) 
* fix: scope telegram polling restart to telegram errors

* fix: make telegram error tagging best-effort

* fix: scope telegram polling restart to telegram errors (#43799)
 2026-03-12 13:14:17 +05:30
Vincent Koc
82e3ac21ee Infra: tighten exec allowlist glob matching (#43798) 
* Infra: tighten exec allowlist glob matching

* Changelog: note GHSA-f8r2 exec allowlist fix
 2026-03-12 03:33:50 -04:00
Vincent Koc
d8ee97c466 Agents: recover malformed Anthropic-compatible tool call args (#42835) 
* Agents: recover malformed anthropic tool call args

* Agents: add malformed tool call regression test

* Changelog: note Kimi tool call arg recovery

* Agents: repair toolcall end message snapshots

* Agents: narrow Kimi tool call arg repair
 2026-03-12 03:28:22 -04:00
Josh Avant
0bcb95e8fa Models: enforce source-managed SecretRef markers in models.json (#43759) 
Merged via squash.

Prepared head SHA: 4a065ef5d8
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Reviewed-by: @joshavant
 2026-03-12 02:22:52 -05:00
Mathias Nagler
e8a162d3d8 fix(mattermost): prevent duplicate messages when block streaming + threading are active (#41362) 
* fix(mattermost): prevent duplicate messages when block streaming + threading are active

Remove replyToId from createBlockReplyPayloadKey so identical content is
deduplicated regardless of threading target. Add explicit threading dock
to the Mattermost plugin with resolveReplyToMode reading from config
(default "all"), and add replyToMode to the Mattermost config schema.

Fixes #41219

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(mattermost): address PR review — per-account replyToMode and test clarity

Read replyToMode from the merged per-account config via
resolveMattermostAccount so account-level overrides are honored in
multi-account setups. Add replyToMode to MattermostAccountConfig type.
Rename misleading test to clarify it exercises shouldDropFinalPayloads
short-circuit, not payload key dedup.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Replies: keep block-pipeline reply targets distinct

* Tests: cover block reply target-aware dedupe

* Update CHANGELOG.md

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-12 03:15:17 -04:00
Vincent Koc
241e8cc553 fix(bluebubbles): dedupe reflected self-chat duplicates (#38442) 
* BlueBubbles: drop reflected self-chat duplicates

* Changelog: add BlueBubbles self-chat echo dedupe entry

* BlueBubbles: gate self-chat cache and expand coverage

* BlueBubbles: require explicit sender ids for self-chat dedupe

* BlueBubbles: harden self-chat cache

* BlueBubbles: move self-chat cache identity into cache

* BlueBubbles: gate self-chat cache to confirmed outbound sends

* Update CHANGELOG.md

* BlueBubbles: bound self-chat cache input work

* Tests: cover BlueBubbles cache cap under cleanup throttle

* BlueBubbles: canonicalize self-chat DM scope

* Tests: cover BlueBubbles mixed self-chat scope aliases
 2026-03-12 03:11:43 -04:00
wangchunyue(王春跃)
6c196c913f fix(cron): prevent duplicate proactive delivery on transient retry (#40646) 
* fix(cron): prevent duplicate proactive delivery on transient retry

* refactor: scope skipQueue to retryTransient path only

Non-retrying direct delivery (structured content / thread) keeps the
write-ahead queue so recoverPendingDeliveries can replay after a crash.

Addresses review feedback from codex-connector.

* fix: preserve write-ahead queue on initial delivery attempt

The first call through retryTransientDirectCronDelivery now keeps the
write-ahead queue entry so recoverPendingDeliveries can replay after a
crash.  Only subsequent retry attempts set skipQueue to prevent
duplicate sends.

Addresses second codex-connector review on ea5ae5c.

* ci: retrigger checks

* Cron: bypass write-ahead queue for direct isolated delivery

* Tests: assert isolated cron skipQueue invariants

* Changelog: add cron duplicate-delivery fix entry

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-12 03:01:19 -04:00
lisitan
f3c00fce15 fix: prevent duplicate assistant messages in TUI (fixes #35278) (#35364) 
* fix: prevent duplicate assistant messages in TUI (fixes #35278)

When startAssistant() is called multiple times with the same runId,
it was creating duplicate AssistantMessageComponent instances instead
of reusing the existing one. This caused messages to appear twice in
the terminal UI.

The fix checks if a component already exists for the runId before
creating a new one. If it exists, we update its text instead of
appending a duplicate component.

Test coverage includes verification that:
- Only one component is created when startAssistant is called twice
- The second text replaces the first
- Component count remains 1 (prevents regression)

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

* Changelog: add TUI duplicate-render fix entry

---------

Co-authored-by: 沐沐 <mumu@example.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Happy <yesreply@happy.engineering>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-12 02:59:42 -04:00
Vincent Koc
99ec687d7a fix(agents): enforce sandboxed session_status visibility (#43754) 
* agents: guard sandboxed session_status access

* test(agents): cover sandboxed session_status scope

* docs(changelog): credit session_status hardening

* agents: preflight sandboxed session_status checks

* test(agents): cover session_status existence oracle

* agents: preserve legacy session_status tree keys

* test(agents): cover legacy session_status tree keys

* Update CHANGELOG.md
 2026-03-12 02:54:25 -04:00
Vincent Koc
12dc299cde fix(imessage): dedupe reflected self-chat duplicates (#38440) 
* iMessage: drop reflected self-chat duplicates

* Changelog: add iMessage self-chat echo dedupe entry

* iMessage: keep self-chat dedupe scoped to final group identity

* iMessage: harden self-chat cache

* iMessage: sanitize self-chat duplicate logs

* iMessage: scope group self-chat dedupe by sender

* iMessage: move self-chat cache identity into cache

* iMessage: hash full self-chat text

* Update CHANGELOG.md
 2026-03-12 02:27:35 -04:00
Luke
8baf55d8ed Changelog: note Reminders permission fix 2026-03-12 17:01:42 +11:00
Ayaan Zaidi
f7416da905 style: format changelog 2026-03-12 11:28:27 +05:30
Vincent Koc
99a5a3c16a Update CHANGELOG.md 2026-03-12 01:37:33 -04:00
Vincent Koc
672924b01e Update CHANGELOG.md 2026-03-12 01:36:16 -04:00
Vincent Koc
4f462facda Infra: cap device tokens to approved scopes (#43686) 
* Infra: cap device tokens to approved scopes

* Changelog: note device token hardening
 2026-03-12 01:25:52 -04:00
Vincent Koc
2504cb6a1e Security: escape invisible exec approval format chars (#43687) 
* Infra: escape invisible exec approval chars

* Gateway: sanitize exec approval display text

* Tests: cover sanitized exec approval payloads

* Tests: cover sanitized exec approval forwarding

* Changelog: note exec approval prompt hardening
 2026-03-12 01:20:04 -04:00
Vincent Koc
1dcef7b644 Infra: block GIT_EXEC_PATH in host env sanitizer (#43685) 
* Infra: block GIT_EXEC_PATH in host env sanitizer

* Changelog: note host env hardening
 2026-03-12 01:16:03 -04:00
Vincent Koc
18f15850e6 fix(browser): restore proxy attachment media size cap (#43684) 
* browser: honor shared proxy file size cap

* test(browser): cover proxy file size cap

* docs(changelog): note browser proxy size cap fix
 2026-03-12 01:04:31 -04:00
Peter Steinberger
29dc65403f build: prepare 2026.3.11 release 2026-03-12 05:01:07 +00:00
Ayaan Zaidi
fbc1bd6f8e fix: clear telegram polling cleanup timers 2026-03-12 09:36:04 +05:30
Toven
ade748176f OpenRouter: surface free Hunter and Healer stealth models for the next week (#43642) 
* Models: add temporary Hunter and Healer alpha to OpenRouter catalog

* Add temporary OpenRouter stealth catalog entries

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-11 22:58:48 -05:00
Peter Steinberger
1fcee52a5c docs: reorder unreleased changelog by user impact 2026-03-12 03:42:39 +00:00
David Rudduck
f01c41b27a fix(context-engine): guard compact() throw + fire hooks for ownsCompaction engines (#41361) 
Merged via squash.

Prepared head SHA: 0957b32dc6
Co-authored-by: davidrudduck <47308254+davidrudduck@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-11 20:19:20 -07:00
Frank Yang
5231277163 fix(acp): rehydrate restarted main ACP sessions (#43285) 
Merged via squash.

Prepared head SHA: f06318e58f
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
 2026-03-12 11:05:09 +08:00
Robin Waslander
ebed3bbde1 fix(gateway): enforce browser origin check regardless of proxy headers 
In trusted-proxy mode, enforceOriginCheckForAnyClient was set to false
whenever proxy headers were present. This allowed browser-originated
WebSocket connections from untrusted origins to bypass origin validation
entirely, as the check only ran for control-ui and webchat client types.

An attacker serving a page from an untrusted origin could connect through
a trusted reverse proxy, inherit proxy-injected identity, and obtain
operator.admin access via the sharedAuthOk / roleCanSkipDeviceIdentity
path without any origin restriction.

Remove the hasProxyHeaders exemption so origin validation runs for all
browser-originated connections regardless of how the request arrived.

Fixes GHSA-5wcw-8jjv-m286
 2026-03-12 01:16:52 +01:00
Robin Waslander
3c0fd3dffe fix(daemon): replace bootout with kickstart -k for launchd restarts on macOS 
On macOS, launchctl bootout permanently unloads the LaunchAgent plist.
Even with KeepAlive: true, launchd cannot respawn a service whose plist
has been removed from its registry. This left users with a dead gateway
requiring manual 'openclaw gateway install' to recover.

Affected trigger paths:
- openclaw gateway restart from an agent session (#43311)
- SIGTERM on config reload (#43406)
- Gateway self-restart via SIGTERM (#43035)
- Hot reload on channel config change (#43049)

Switch restartLaunchAgent() to launchctl kickstart -k, which force-kills
and restarts the service without unloading the plist. When the restart
originates from inside the launchd-managed process tree, delegate to a
new detached handoff helper (launchd-restart-handoff.ts) to avoid the
caller being killed mid-command. Self-restart paths in process-respawn.ts
now schedule the detached start-after-exit handoff before exiting instead
of relying on exit/KeepAlive timing.

Fixes #43311, #43406, #43035, #43049
 2026-03-12 01:16:49 +01:00
Vincent Koc
b6d83749c8 fix(terminal): sanitize skills JSON and fallback on legacy Windows (#43520) 
* Terminal: use ASCII borders on legacy Windows consoles

* Skills: sanitize JSON output for control bytes

* Changelog: credit terminal follow-up fixes

* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Skills: strip remaining escape sequences from JSON output

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-11 19:53:07 -04:00
zhoulf1006
453c8d7c1b fix(hooks): add missing trigger and channelId to agent_end, llm_input, and llm_output hook contexts (#42362) 
Merged via squash.

Prepared head SHA: e6d7b7e31a
Co-authored-by: zhoulf1006 <35586967+zhoulf1006@users.noreply.github.com>
Co-authored-by: hydro13 <6640526+hydro13@users.noreply.github.com>
Reviewed-by: @hydro13
 2026-03-11 23:40:13 +01:00
Gustavo Madeira Santana
d79ca52960 Memory: add multimodal image and audio indexing (#43460) 
Merged via squash.

Prepared head SHA: a994c07190
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-11 22:28:34 +00:00
Harold Hunt
20d097ac2f Gateway/Dashboard: surface config validation issues (#42664) 
Merged via squash.

Prepared head SHA: 43f66cdcf0
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Reviewed-by: @huntharo
 2026-03-11 17:32:41 -04:00
Peter Steinberger
9c81c31232 chore: refresh dependencies except carbon 2026-03-11 20:10:33 +00:00
Squabble9
128e5bc317 fix: recognize Venice 402 billing errors for model fallback (#43205) 
Merged via squash.

Prepared head SHA: 1f6b10b9d9
Co-authored-by: Squabble9 <194720422+Squabble9@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 22:15:32 +03:00