github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-19 00:37:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,159 Commits 702 Branches 79 Tags
b05e89e5e6051fbc5d455f8cdbc8c57fc1acf1fe
Commit Graph

24 Commits

Author SHA1 Message Date
Peter Steinberger
b05e89e5e6 fix(agents): make image sanitization dimension configurable 2026-02-18 00:54:20 +01:00
Sebastian
f924ab40d8 revert(tools): undo accidental merge of PR #18584 2026-02-16 21:13:48 -05:00
Peter Steinberger
563df56389 Revert "config: align memory hybrid UI metadata with schema labels/help" 
This reverts commit 7d8d8c338b.
 2026-02-17 02:24:48 +01:00
Peter Steinberger
076df941a3 feat: add configurable tool loop detection 2026-02-17 00:17:01 +01:00
尹凯
e997545d4b fix(discord): apply proxy to app-id and allowlist REST lookups 2026-02-17 00:02:09 +01:00
Rodrigo Uroz
7d8d8c338b config: align memory hybrid UI metadata with schema labels/help 2026-02-16 23:59:19 +01:00
Colin
89ce1460e1 feat(slack): add configurable stream modes 2026-02-16 23:50:42 +01:00
smartprogrammer93
fc6d53c895 fix: correct import path in test and restore deleted schema help entries 2026-02-16 23:50:18 +01:00
smartprogrammer93
6d2e3685d6 feat(tools): add URL allowlist for web_search and web_fetch 
Add optional urlAllowlist config at tools.web level that restricts which
URLs can be accessed by web tools:

- Config types (types.tools.ts): Add urlAllowlist?: string[] to tools.web
- Zod schema: Add urlAllowlist field to ToolsWebSchema
- Schema help: Add help text for the new config fields
- web_search: Filter Brave search results by allowlist (provider=brave)
- web_fetch: Block URLs not matching allowlist before fetching
- ssrf.ts: Export normalizeHostnameAllowlist and matchesHostnameAllowlist

URL matching supports:
- Exact domain match (example.com)
- Wildcard patterns (*.github.com)

When urlAllowlist is not configured, all URLs are allowed (backwards compatible).

Tests: Add web-tools.url-allowlist.test.ts with 23 tests covering:
- URL allowlist resolution from config
- Wildcard pattern matching
- web_fetch error response format
- Brave search result filtering
 2026-02-16 23:50:18 +01:00
Shadow
72e228e14b Heartbeat: allow suppressing tool warnings (#18497) 
* Heartbeat: allow suppressing tool warnings

* Changelog: note heartbeat tool-warning suppression
 2026-02-16 13:29:24 -06:00
Gustavo Madeira Santana
8a67016646 Agents: raise bootstrap total cap and warn on /context truncation (#18229) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: f6620526df
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-16 12:04:53 -05:00
Peter Steinberger
c6c53437f7 fix(security): scope session tools and webhook secret fallback 2026-02-16 03:47:10 +01:00
Shadow
9203a2fdb1 Discord: CV2! (#16364) 2026-02-15 10:24:53 -06:00
Ayaan Zaidi
a69e82765f fix(telegram): stream replies in-place without duplicate final sends 2026-02-15 20:32:51 +05:30
Vai
2c8b921054 feat: add messages.suppressToolErrors config option (#16620) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9ae4394b81
Co-authored-by: vai-oro <258511217+vai-oro@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-14 22:28:58 -05:00
Peter Steinberger
cf04208cb9 fix(allowlist): canonicalize Slack/Discord allowFrom 2026-02-15 03:46:16 +01:00
Peter Steinberger
f9bb748a6c fix(memory): prevent QMD scope deny bypass 2026-02-15 02:41:45 +00:00
Peter Steinberger
4a44da7d91 fix(security): default apply_patch workspace containment 2026-02-15 03:19:27 +01:00
Charlie Greenman
dec6859702 agents: reduce prompt token bloat from exec and context (#16539) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8e1635fa3f
Co-authored-by: CharlieGreenman <8540141+CharlieGreenman@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 18:32:45 -05:00
Peter Steinberger
5e7c3250cb fix(security): add optional workspace-only path guards for fs tools 2026-02-14 23:50:24 +01:00
Peter Steinberger
47b6cde8ca refactor(config): add dmPolicy aliases for Slack/Discord 2026-02-14 21:04:27 +01:00
Shadow
6acea69b20 Discord: refine presence config defaults (#10855) (thanks @h0tp-ftw) 2026-02-13 13:34:19 -06:00
Shadow
5645f227f6 Discord: add gateway proxy docs and tests (#10400) (thanks @winter-loo) 2026-02-13 13:26:51 -06:00
Henry Loenwind
96318641d8 fix: Finish credential redaction that was merged unfinished (#13073) 
* Squash

* Removed unused files

Not mine, someone merged that stuff in earlier.

* fix: patch redaction regressions and schema breakages

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-13 16:19:21 +01:00