github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-23 19:38:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,838 Commits 702 Branches 79 Tags
a6efcd2f36949fc7c8aba9d514427eb036dd32da
Commit Graph

722 Commits

Author SHA1 Message Date
Gustavo Madeira Santana
a6efcd2f36 Matrix-js: dedupe monitor types and stabilize verification test 2026-02-25 17:27:59 -05:00
Gustavo Madeira Santana
3c52124ca7 Matrix-js: fix pnpm check typing regressions 2026-02-25 17:22:09 -05:00
Gustavo Madeira Santana
78354f14a5 Matrix-js: harden user verification routing and guidance 2026-02-25 16:56:35 -05:00
Gustavo Madeira Santana
2f57931f8a Matrix-js: fix user verification chat flow 2026-02-25 16:41:34 -05:00
Gustavo Madeira Santana
1f6e2a522a Matrix-js: dedupe verify CLI flow and align logger with runtime 2026-02-25 16:28:16 -05:00
Gustavo Madeira Santana
ad86d24834 Matrix-js: align backup status issue and guidance 2026-02-25 16:21:33 -05:00
Gustavo Madeira Santana
204b64dbbc Matrix-js: persist backup key cache before verify exit 2026-02-25 16:12:11 -05:00
Gustavo Madeira Santana
97c52c4c05 Matrix-js: show explicit backup issue in verify status 2026-02-25 16:07:09 -05:00
Gustavo Madeira Santana
51471a20b0 Matrix-js: silence sdk debug logs in non-verbose verify 2026-02-25 16:02:04 -05:00
Gustavo Madeira Santana
e74ea8a5d8 Matrix-js: quiet verify logs unless verbose 2026-02-25 15:58:49 -05:00
Gustavo Madeira Santana
6f3bc211d9 Matrix-js: add verbose verify output and docs 2026-02-25 15:54:42 -05:00
Gustavo Madeira Santana
341d949632 Matrix-js: add backup restore and status guidance 2026-02-25 15:48:46 -05:00
Gustavo Madeira Santana
5598535aa9 matrix-js: enable key backup creation in verify bootstrap 2026-02-25 15:34:41 -05:00
Gustavo Madeira Santana
950fd1913f matrix-js: show local-time verification timestamps via shared formatter 2026-02-25 15:26:00 -05:00
Gustavo Madeira Santana
7a44a6370d matrix-js: stabilize verification flow and rename verify device command 2026-02-25 15:10:26 -05:00
Gustavo Madeira Santana
e2e64ba04d Merge remote-tracking branch 'origin/main' into codex/pr-12077-matrix-plugin 
# Conflicts:
#	extensions/matrix/package.json
#	extensions/matrix/src/matrix/monitor/events.ts
#	extensions/matrix/src/matrix/send.ts
#	pnpm-lock.yaml
 2026-02-25 12:34:29 -05:00
Brian Mendonca
107bda27c9 security(msteams): isolate group allowlist from pairing-store entries 2026-02-25 04:49:52 +00:00
Brian Mendonca
d1bed505c5 security(irc): isolate group allowlist from DM pairing store 2026-02-25 04:48:43 +00:00
Brian Mendonca
0a58328217 security(nextcloud-talk): isolate group allowlist from pairing-store entries 2026-02-25 04:47:46 +00:00
Brian Mendonca
09200b3c10 security(nextcloud-talk): reject unsigned webhooks before body read 2026-02-25 04:45:59 +00:00
Shakker
2652bb1d7d Release: sync plugin versions to 2026.2.25 2026-02-25 04:19:59 +00:00
Peter Steinberger
d42ef2ac62 refactor: consolidate typing lifecycle and queue policy 2026-02-25 02:16:03 +00:00
Peter Steinberger
e0201c2774 fix: keep channel typing active during long inference (#25886, thanks @stakeswky) 
Co-authored-by: stakeswky <stakeswky@users.noreply.github.com>
 2026-02-25 02:03:27 +00:00
Peter Steinberger
7dfac70185 fix(synology-chat): land @bmendonca3 fail-closed allowlist follow-up (#25827) 
Carry fail-closed empty-allowlist guard clarity and changelog attribution for PR #25827.

Co-authored-by: Brian Mendonca <brianmendonca@Brians-MacBook-Air.local>
 2026-02-25 01:19:43 +00:00
Peter Steinberger
8470dff619 chore(deps): update dependencies except carbon 2026-02-25 01:10:36 +00:00
Peter Steinberger
b0bb3cca8a test(types): fix ts narrowing regressions in followup and matrix queue tests 2026-02-24 23:54:51 +00:00
Brian Mendonca
a3c4f56b0b security(voice-call): detect Telnyx webhook replay 2026-02-24 23:50:30 +00:00
Peter Steinberger
53f9b7d4e7 fix(automation): harden announce delivery + cron coding profile (#25813 #25821 #25822) 
Co-authored-by: Shawn <shenghuikevin@shenghuideMac-mini.local>
Co-authored-by: 不做了睡大觉 <user@example.com>
Co-authored-by: Marcus Widing <widing.marcus@gmail.com>
 2026-02-24 23:49:34 +00:00
Peter Steinberger
453664f09d refactor(zalo): split monitor access and webhook logic 2026-02-24 23:40:51 +00:00
Peter Steinberger
58309fd8d9 refactor(matrix,tests): extract helpers and inject send-queue timing 2026-02-24 23:37:50 +00:00
Peter Steinberger
a2529c25ff test(matrix,discord,sandbox): expand breakage regression coverage 2026-02-24 23:37:50 +00:00
Peter Steinberger
b4010a0b62 fix(zalo): enforce group sender policy in groups 2026-02-24 23:30:43 +00:00
Peter Steinberger
9fccf60733 refactor(synology-chat): centralize DM auth and fail fast startup 2026-02-24 23:28:40 +00:00
Peter Steinberger
e7a5f9f4d8 fix(channels,sandbox): land hard breakage cluster from reviewed PR bases 
Lands reviewed fixes based on #25839 (@pewallin), #25841 (@joshjhall), and #25737/@25713 (@DennisGoldfinger/@peteragility), with additional hardening + regression tests for queue cleanup and shell script safety.

Fixes #25836
Fixes #25840
Fixes #25824
Fixes #25868

Co-authored-by: Peter Wallin <pwallin@gmail.com>
Co-authored-by: Joshua Hall <josh@yaplabs.com>
Co-authored-by: Dennis Goldfinger <dennisgoldfinger@gmail.com>
Co-authored-by: peteragility <peteragility@users.noreply.github.com>
 2026-02-24 23:27:56 +00:00
Peter Steinberger
0ee30361b8 fix(synology-chat): fail closed empty allowlist 2026-02-24 23:18:17 +00:00
Peter Steinberger
d3da67c7a9 fix(security): lock sandbox tmp media paths to openclaw roots 2026-02-24 23:10:19 +00:00
Shakker
955cc9029f chore: sync plugin versions to 2026.2.24 2026-02-24 22:45:46 +00:00
justinhuangcode
0ded77ca7d test(matrix): add regression tests for reasoning-only reply filtering 
Verify that deliverMatrixReplies skips replies whose text starts with
"Reasoning:\n" or opens with <thinking>/<think>/<antthinking> tags, while
still delivering all normal replies.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 04:36:27 +00:00
justinhuangcode
1298bd4e1b fix(matrix): skip reasoning-only messages in reply delivery 
When `includeReasoning` is active (or `reasoningLevel` falls back to the
model default), the agent emits reasoning blocks as separate reply
payloads prefixed with "Reasoning:\n".  Matrix has no dedicated reasoning
lane, so these internal thinking traces leak into the chat as regular
user-visible messages.

Filter out pure-reasoning payloads (those starting with "Reasoning:\n" or
a `<thinking>` tag) before delivery so internal reasoning never reaches
the Matrix room.

Fixes #24411

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 04:36:27 +00:00
Shennan
a7518b7589 fix(feishu): pass parentPeer for topic session binding inheritance 
(cherry picked from commit bddeb1fd95)
 2026-02-24 04:33:51 +00:00
Marcus Castro
dd41a78458 fix(bluebubbles): pass SSRF policy for localhost attachment downloads (#24457) 
(cherry picked from commit aff64567c7)
 2026-02-24 04:06:57 +00:00
SidQin-cyber
9d3bd50990 fix(otel): use protobuf OTLP exporters instead of JSON/HTTP 
The diagnostics-otel extension validates that protocol is "http/protobuf"
but was importing JSON-based `-http` exporters. This caused silent failures
with backends like VictoriaMetrics that only accept protobuf-encoded OTLP.

Switch all three exporter imports (metrics, traces, logs) from
`@opentelemetry/exporter-*-otlp-http` to `@opentelemetry/exporter-*-otlp-proto`.

Fixes #24942

Co-authored-by: Cursor <cursoragent@cursor.com>
(cherry picked from commit f5c0bf0497)
 2026-02-24 04:04:35 +00:00
Peter Steinberger
6c1ed9493c fix: harden queue retry debounce and add regression tests 2026-02-24 03:52:49 +00:00
Sid
f5cab29ec7 fix(synology-chat): deregister stale webhook route before re-registering on restart (#24971) 
When the Synology Chat plugin restarts (auto-restart or health monitor),
startAccount is called again without calling the previous stop(). The
HTTP route is still registered, so registerPluginHttpRoute returns a
no-op unregister function and logs "already registered". This triggers
another restart, creating an infinite loop.

Store the unregister function at module level keyed by account+path.
Before registering, check for and call any stale unregister from the
previous start cycle, ensuring a clean slate for route registration.

Fixes #24894

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-24 03:33:47 +00:00
Peter Steinberger
1d28da55a5 fix(voice-call): block Twilio webhook replay and stale transitions 2026-02-24 02:37:24 +00:00
Peter Steinberger
161d9841dc refactor(security): unify dangerous name matching handling 2026-02-24 01:33:08 +00:00
Peter Steinberger
6a7c303dcc test(msteams): fix allowlist name-match expectations 2026-02-24 01:26:53 +00:00
Peter Steinberger
cfa44ea6b4 fix(security): make allowFrom id-only by default with dangerous name opt-in (#24907) 
* fix(channels): default allowFrom to id-only; add dangerous name opt-in

* docs(security): align channel allowFrom docs with id-only default
 2026-02-24 01:01:51 +00:00
Peter Steinberger
0183610db3 refactor: de-duplicate channel runtime and payload helpers 2026-02-23 21:25:28 +00:00
Peter Steinberger
75423a00d6 refactor: deduplicate shared helpers and test setup 2026-02-23 20:40:44 +00:00