github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 05:41:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,830 Commits 702 Branches 79 Tags
b74c3d80cc585db9f072c6f2fbb7bd37db921064
Commit Graph

1839 Commits

Author SHA1 Message Date
Burak Sormageç
d7fb01afad fix(windows): resolve command execution and binary detection issues 2026-02-13 17:48:04 +01:00
Peter Steinberger
1eccfa8934 perf(test): trim duplicate e2e suites and harden signal hooks 2026-02-13 16:46:43 +00:00
Peter Steinberger
aa7fbf0488 perf(test): trim duplicate sanitize-session-history e2e cases 2026-02-13 16:21:59 +00:00
Peter Steinberger
b272158fe4 perf(test): eliminate resetModules via injectable seams 2026-02-13 16:20:37 +00:00
Peter Steinberger
c2f7b66d22 perf(test): replace module resets with direct spies and runtime seams 2026-02-13 16:04:49 +00:00
Peter Steinberger
767fd9f222 fix: classify /tools/invoke errors and sanitize 500s (#13185) (thanks @davidrudduck) 2026-02-13 16:58:30 +01:00
Peter Steinberger
de7d94d9e2 perf(test): remove resetModules from config/sandbox/message suites 2026-02-13 15:58:08 +00:00
Peter Steinberger
02fe0c840e perf(test): remove resetModules from auth/models/subagent suites 2026-02-13 15:53:32 +00:00
Ahmad Bitar
c179f71f42 feat: Android companion app improvements & gateway URL camera payloads (#13541) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9c179c9c31
Co-authored-by: smartprogrammer93 <33181301+smartprogrammer93@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-13 16:49:28 +01:00
Peter Steinberger
31c6a12cfa fix(agents): restore missing runtime helpers and sandbox types 2026-02-13 15:42:05 +00:00
davidbors-snyk
29d7839582 fix: execute sandboxed file ops inside containers (#4026) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 795ec6aa2f
Co-authored-by: davidbors-snyk <240482518+davidbors-snyk@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-13 16:29:10 +01:00
loiie45e
2e04630105 openai-codex: add gpt-5.3-codex-spark forward-compat model (#15174) 
Merged via maintainer flow after rebase + local gates.

Prepared head SHA: 6cac87cbf9

Co-authored-by: loiie45e <15420100+loiie45e@users.noreply.github.com>
Co-authored-by: mbelinky <2406260+mbelinky@users.noreply.github.com>
 2026-02-13 15:21:07 +00:00
Tonic
08b7932df0 feat(agents) : Hugging Face Inference provider first-class support and Together API fix and Direct Injection Refactor Auths [AI-assisted] (#13472) 
* initial commit

* removes assesment from docs

* resolves automated review comments

* resolves lint , type , tests , refactors , and submits

* solves : why do we have to lint the tests xD

* adds greptile fixes

* solves a type error

* solves a ci error

* refactors auths

* solves a failing test after i pulled from main lol

* solves a failing test after i pulled from main lol

* resolves token naming issue to comply with better practices when using hf / huggingface

* fixes curly lints !

* fixes failing tests for google api from main

* solve merge conflicts

* solve failing tests with a defensive check 'undefined' openrouterapi key

* fix: preserve Hugging Face auth-choice intent and token behavior (#13472) (thanks @Josephrp)

* test: resolve auth-choice cherry-pick conflict cleanup (#13472)

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-13 16:18:16 +01:00
Peter Steinberger
a7d6e44719 perf(test): reduce test startup overhead 2026-02-13 14:48:45 +00:00
Peter Steinberger
3bcde8df32 fix: finalize vLLM onboarding integration (#12577) (thanks @gejifeng) 2026-02-13 15:48:37 +01:00
gejifeng
03c502ef31 lint: fix unused imports and onboarding preferred provider 2026-02-13 15:48:37 +01:00
gejifeng
94d5411f11 fix: remove duplicate TOGETHER_BASE_URL 2026-02-13 15:48:37 +01:00
gejifeng
3e7956b008 fix code review 2026-02-13 15:48:37 +01:00
gejifeng
0472dd68f0 fix code review 2026-02-13 15:48:37 +01:00
gejifeng
e73d881c50 Onboarding: add vLLM provider support 2026-02-13 15:48:37 +01:00
Yaxuan42
54bf5d0f41 feat(web-fetch): support Cloudflare Markdown for Agents (#15376) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: d0528dc429
Co-authored-by: Yaxuan42 <184813557+Yaxuan42@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-13 15:46:20 +01:00
Peter Steinberger
9131b22a28 test: migrate suites to e2e coverage layout 2026-02-13 14:28:22 +00:00
Peter Steinberger
990413534a fix: land multi-agent session path fix + regressions (#15103) (#15448) 
Co-authored-by: Josh Lehman <josh@martian.engineering>
 2026-02-13 14:17:24 +01:00
JINNYEONG KIM
94763cd87d Fix OpenAI/Codex tool call id sanitization for transcript policy (#15279) 2026-02-13 11:39:51 +00:00
loiie45e
07faab6ac3 openai-codex: bridge OAuth profiles into pi auth.json for model discovery (#15184) 2026-02-13 11:39:37 +00:00
Lucky
e3cb2564d7 Agents: allow gpt-5.3-codex-spark in fallback and thinking (#14990) 
* Agents: allow gpt-5.3-codex-spark in fallback and thinking

* Fix: model picker issue for openai-codex/gpt-5.3-codex-spark

Fixed an issue in the model picker.
 2026-02-13 11:39:22 +00:00
青雲
fd076eb43a fix: /status shows incorrect context percentage — totalTokens clamped to contextTokens (#15114) (#15133) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: a489669fc7
Co-authored-by: echoVic <16428813+echoVic@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-12 23:52:19 -05:00
Gustavo Madeira Santana
ac41176532 Auto-reply: fix non-default agent session transcript path resolution (#15154) 
* Auto-reply: fix non-default agent transcript path resolution

* Auto-reply: harden non-default agent transcript lookups

* Auto-reply: harden session path resolution across agent stores
 2026-02-12 23:23:12 -05:00
seheepeak
23e4183608 fix(sandbox): force network bridge for browser container (#6961) 2026-02-13 05:17:17 +01:00
George Pickett
a067565db5 fix: pass sandbox docker env into containers (#15138) (thanks @stevebot-alive) 2026-02-12 19:39:22 -08:00
Steve (OpenClaw)
92567765e6 fix(sandbox): pass docker.env into sandbox container 2026-02-12 19:39:22 -08:00
Tak Hoffman
89bfe0c944 fix: add adapter-path after_tool_call coverage (follow-up to #15012) (#15105) 2026-02-12 19:39:23 -06:00
Peter Steinberger
85409e401b fix: preserve inter-session input provenance (thanks @anbecker) 2026-02-13 02:02:01 +01:00
Patrick Barletta
d34138dfee fix: dispatch before_tool_call and after_tool_call hooks from both tool execution paths (openclaw#15012) thanks @Patrick-Barletta 
Verified:
- pnpm check

Co-authored-by: Patrick-Barletta <67929313+Patrick-Barletta@users.noreply.github.com>
 2026-02-12 18:48:11 -06:00
Peter Steinberger
4199f9889f fix: harden session transcript path resolution 2026-02-13 01:28:17 +01:00
Peter Steinberger
3eb6a31b6f fix: confine sandbox skill sync destinations 2026-02-13 01:24:51 +01:00
Kyle Tse
2655041f69 fix: wire 9 unwired plugin hooks to core code (openclaw#14882) thanks @shtse8 
Verified:
- GitHub CI checks green (non-skipped)

Co-authored-by: shtse8 <8020099+shtse8@users.noreply.github.com>
 2026-02-12 18:14:14 -06:00
Vladimir Peshekhonov
957b883082 fix(agents): stabilize overflow compaction retries and session context accounting (openclaw#14102) thanks @vpesh 
Verified:
- CI checks for commit 86a7ecb45e
- Rebase conflict resolution for compatibility with latest main

Co-authored-by: vpesh <9496634+vpesh@users.noreply.github.com>
 2026-02-12 17:53:13 -06:00
Peter Steinberger
da55d70fb0 fix(security): harden untrusted web tool transcripts 2026-02-13 00:46:56 +01:00
Kyle Tse
a10f228a5b fix: update totalTokens after compaction using last-call usage (#15018) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9214291bf7
Co-authored-by: shtse8 <8020099+shtse8@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-12 18:02:30 -05:00
Shadow
149db5b2c2 Discord: handle thread edit params 2026-02-12 16:31:06 -06:00
Skyler Miao
cb0350230c feat(minimax): update models from M2.1 to M2.5 (#14865) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 1d58bc5760
Co-authored-by: adao-max <153898832+adao-max@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-12 16:48:46 -05:00
0xRain
d8d8109711 fix(agents): guard against undefined path in context file entries (#14903) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 25856b863d
Co-authored-by: 0xRaini <190923101+0xRaini@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-12 15:27:56 -05:00
fagemx
bdd0c12329 fix(providers): include provider name in billing error messages (#14697) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 774e0b6605
Co-authored-by: fagemx <117356295+fagemx@users.noreply.github.com>
Co-authored-by: shakkernerd <165377636+shakkernerd@users.noreply.github.com>
Reviewed-by: @shakkernerd
 2026-02-12 18:23:27 +00:00
Peter Steinberger
5e7842a41d feat(zai): auto-detect endpoint + default glm-5 (#14786) 
* feat(zai): auto-detect endpoint + default glm-5

* test: fix Z.AI default endpoint expectation (#14786)

* test: bump embedded runner beforeAll timeout

* chore: update changelog for Z.AI GLM-5 autodetect (#14786)

* chore: resolve changelog merge conflict with main (#14786)

* chore: append changelog note for #14786 without merge conflict

* chore: sync changelog with main to resolve merge conflict
 2026-02-12 19:16:04 +01:00
Yi Liu
d3aee84499 fix(security): add --ignore-scripts to skills install commands (#14659) 
Skills install runs package manager install commands (npm, pnpm, yarn,
bun) without --ignore-scripts, allowing malicious npm packages to
execute arbitrary code via postinstall/preinstall lifecycle scripts
during global installation.

This is inconsistent with the security fix in commit 92702af7a which
added --ignore-scripts to both plugin installs (src/plugins/install.ts)
and hook installs (src/hooks/install.ts). Skills install was overlooked
in that change.

Global install (-g) is particularly dangerous as scripts execute with
the user's full permissions and can modify globally-accessible binaries.
 2026-02-13 02:56:35 +09:00
Peter Steinberger
d25e96637c test(agents): make grok api key test hermetic 2026-02-12 17:17:02 +00:00
Sebastian
d31caa81ef fix(runtime): guard cleanup and preserve skipped cron jobs 2026-02-12 09:28:47 -05:00
0xRain
4f329f923c fix(agents): narrow billing error 402 regex to avoid false positives on issue IDs (#13827) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: b0501bbab7
Co-authored-by: 0xRaini <190923101+0xRaini@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-12 09:18:06 -05:00
Akari
455bc1ebba fix: use last API call's cache tokens for context-size display (#13698) (#13805) 
The UsageAccumulator sums cacheRead/cacheWrite across all API calls
within a single turn. With Anthropic prompt caching, each call reports
cacheRead ≈ current_context_size, so after N tool-call round-trips the
accumulated total becomes N × actual_context, which gets clamped to
contextWindow (200k) by deriveSessionTotalTokens().

Fix: track the most recent API call's cache fields separately and use
them in toNormalizedUsage() for context-size reporting. This makes
/status Context display accurate while preserving accumulated output
token counts.

Fixes #13698
Fixes #13782

Co-authored-by: akari-musubi <259925157+akari-musubi@users.noreply.github.com>
 2026-02-12 08:01:36 -06:00