github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-11 01:04:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,731 Commits 702 Branches 79 Tags
893d2fb862c1b05da062f3bc66a1c51a7c8cc234
Commit Graph

6139 Commits

Author SHA1 Message Date
Conroy Whitney
08886eaaa3 test: add DST boundary test for timestamp injection 
Verifies that America/New_York correctly resolves to midnight for
both EST (winter, UTC-5) and EDT (summer, UTC-4) using the same
IANA timezone. Intl.DateTimeFormat handles the DST transition.
 2026-01-31 09:47:27 -06:00
Conroy Whitney
bbf2205640 feat(gateway): inject timestamps into chat.send (webchat/TUI) 
The chat.send handler (used by webchat and TUI) is a separate path
from the agent handler. Inject timestamp into BodyForAgent (what the
model sees) while keeping Body raw for UI display.

This completes timestamp coverage for all non-channel paths:
- agent handler: spawned subagents, sessions_send, heartbeats
- chat.send: webchat, TUI
 2026-01-31 09:47:27 -06:00
Conroy Whitney
582a4e261a feat(gateway): inject timestamps into agent handler messages 
Messages arriving through the gateway agent method (TUI, web, spawned
subagents, sessions_send, heartbeats) now get a timestamp prefix
automatically. This gives all agent contexts date/time awareness
without modifying the system prompt (which is cached for stability).

Channel messages (Discord, Telegram, etc.) already have timestamps
via envelope formatting in a separate code path and never reach
the agent handler, so there is no double-stamping risk.

Cron jobs also inject their own 'Current time:' prefix and are
detected and skipped.

Extracted as a pure function (injectTimestamp) with 12 unit tests
covering: timezone handling, 12/24h format, midnight boundaries,
envelope detection, cron detection, and empty messages.

Integration test verifies the agent handler wires it in correctly.

Closes #3658
Refs: #1897, #1928, #2108
 2026-01-31 09:47:27 -06:00
Josh Palmer
7a6c40872d Agents: add system prompt safety guardrails (#5445) 
* 🤖 agents: add system prompt safety guardrails

What:
- add safety guardrails to system prompt
- update system prompt docs
- update prompt tests

Why:
- discourage power-seeking or self-modification behavior
- clarify safety/oversight priority when conflicts arise

Tests:
- pnpm lint (pass)
- pnpm build (fails: DefaultResourceLoader missing in pi-coding-agent)
- pnpm test (not run; build failed)

* 🤖 agents: tighten safety wording for prompt guardrails

What:
- scope safety wording to system prompts/safety/tool policy changes
- document Safety inclusion in minimal prompt mode
- update safety prompt tests

Why:
- avoid blocking normal code changes or PR workflows
- keep prompt mode docs consistent with implementation

Tests:
- pnpm lint (pass)
- pnpm build (fails: DefaultResourceLoader missing in pi-coding-agent)
- pnpm test (not run; build failed)

* 🤖 docs: note safety guardrails are soft

What:
- document system prompt safety guardrails as advisory
- add security note on prompt guardrails vs hard controls

Why:
- clarify threat model and operator expectations
- avoid implying prompt text is an enforcement layer

Tests:
- pnpm lint (pass)
- pnpm build (fails: DefaultResourceLoader missing in pi-coding-agent)
- pnpm test (not run; build failed)
 2026-01-31 15:50:15 +01:00
cpojer
59cfff02f6 chore: Emit TypeScript declaration files so that we can type-check the extensions folder soon. 2026-01-31 21:57:21 +09:00
Peter Steinberger
1287328b6f feat: add MiniMax OAuth plugin (#4521) (thanks @Maosghoul) 2026-01-31 12:42:45 +01:00
cpojer
76361ae3ab revert: Switch back to tsc for compiling. 2026-01-31 18:31:49 +09:00
Peter Steinberger
ddc5683c67 fix: resolve workspace templates from package root 2026-01-31 09:07:49 +00:00
cpojer
4b7406719c fix: Update a few more entry.js to entry.mjs paths. 2026-01-31 17:45:00 +09:00
cpojer
ed65131c1c fix: Also build entry.ts into dist/entry.mjs. 2026-01-31 17:26:39 +09:00
cpojer
86d38c2d82 chore: Oops, "long" is actually used + fix TypeScript error. 2026-01-31 17:12:28 +09:00
Peter Steinberger
ee26b68fe1 fix: lint cleanups 2026-01-31 07:59:01 +00:00
Peter Steinberger
a42e1c82d9 fix: restore tsc build and plugin install tests 2026-01-31 07:54:15 +00:00
cpojer
c4feb7a457 chore: Fix TypeScript errors 5/n. 2026-01-31 16:49:55 +09:00
cpojer
9e908ad6be chore: Fix TypeScript errors 4/n. 2026-01-31 16:48:44 +09:00
cpojer
3282d22dd9 chore: Fix TypeScript errors 3/n. 2026-01-31 16:47:03 +09:00
cpojer
952b0f8c48 chore: Fix TypeScript errors 2/n. 2026-01-31 16:42:40 +09:00
cpojer
e5eb9610dc chore: Fix TypeScript errors 1/n. 2026-01-31 16:38:03 +09:00
cpojer
5ceff756e1 chore: Enable "curly" rule to avoid single-statement if confusion/errors. 2026-01-31 16:19:20 +09:00
cpojer
009b16fab8 chore: more lint cleanup. 2026-01-31 16:16:13 +09:00
cpojer
b7e401b6b6 chore: Enable no-useless-concat (removing the lint rule from the disabled list automatically enables it because it is in the "suspicious" group). 2026-01-31 16:08:56 +09:00
cpojer
9c4cbaab7b chore: Enable eslint/no-unused-vars. 2026-01-31 16:06:39 +09:00
cpojer
15792b153f chore: Enable more lint rules, disable some that trigger a lot. Will clean up later. 2026-01-31 16:04:04 +09:00
Peter Steinberger
481f696a87 chore: reorder auth provider list 2026-01-31 08:02:45 +01:00
cpojer
7a9ddcd590 chore: Enable some "perf" lint rules. 2026-01-31 15:58:24 +09:00
Mario Zechner
cbc405c9e3 Agents: update pi-coding-agent API usage 2026-01-31 07:35:52 +01:00
Peter Steinberger
51e72d41c2 fix: restore embedded extension discovery typings 2026-01-31 06:33:32 +00:00
Mario Zechner
72ea3eedc9 Tests: inline mock classes in vi.mock factory 2026-01-31 07:31:00 +01:00
cpojer
a00e0bc189 Lint. 2026-01-31 15:28:11 +09:00
cpojer
67945e8d62 chore: Switch from TypeScript to build with tsdown, speeds up pnpm build by 5-10x. 2026-01-31 15:25:37 +09:00
Peter Steinberger
d2a852b982 fix: align embedded session setup with sdk 2026-01-31 06:22:24 +00:00
Peter Steinberger
ded95d5c70 test: update config candidate order expectation 2026-01-31 06:18:17 +00:00
Mario Zechner
a441059761 Tests: fix models list mock lint 2026-01-31 07:16:34 +01:00
cpojer
84ac889e22 Fix lint. 2026-01-31 15:10:32 +09:00
Peter Steinberger
e9f0be06eb fix: repair docker build typing 2026-01-31 06:50:56 +01:00
Peter Steinberger
08ed62852a chore: update deps and pi model discovery 2026-01-31 06:45:57 +01:00
Shakker
3c8fa0f913 fix: remove unused variables and fix template literal type 2026-01-31 05:18:27 +00:00
Shakker
b1d25ed0dd feat: automated completion setup in postinstall and onboarding 2026-01-31 05:18:27 +00:00
Shakker
48aaf6ce4e fix: suppress banner and doctor checks for completion command 2026-01-31 05:18:27 +00:00
Shakker
beafaef92f feat: implement completion command and shell generators 2026-01-31 05:18:27 +00:00
Shakker
14c77f8295 feat: add completion subcommand to generate shell completion scripts for Zsh, Bash, PowerShell, and Fish. 2026-01-31 05:18:27 +00:00
Mario Zechner
bf15d0a3f5 Auth: switch Kimi Coding to built-in provider 2026-01-31 06:04:10 +01:00
Mario Zechner
ca47b0d79c OAuth: normalize profile email 2026-01-31 05:26:18 +01:00
Mario Zechner
9b1a6b30d9 Tests: update pi SDK mocks 2026-01-31 05:23:53 +01:00
Ayaan Zaidi
310eed825e fix: preserve delivery thread fallback (#4911) (thanks @yevhen) 2026-01-31 09:31:40 +05:30
Yevhen Bobrov
a642ca4ea8 Fix telegram threadId in deliveryContext 2026-01-31 09:31:40 +05:30
Ayaan Zaidi
e849df64dc fix: normalize telegram account token lookup (#5055) (thanks @jasonsschin) 2026-01-31 08:58:04 +05:30
jasonsschin
e913de0720 Fix Telegram token resolution for non-normalized accountId keys 2026-01-31 08:58:04 +05:30
Mario Zechner
c0a6e675a3 Agents: update pi dependencies to 0.50.7 2026-01-31 04:20:12 +01:00
Evan Otero
c67df653b6 fix(security): restrict local path extraction in media parser to prevent LFI (#4880) 
* Media: restrict local path extraction to prevent LFI

* Lint: remove unused variable hasValidMediaOnLine
 2026-01-31 03:44:11 +01:00