github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 07:51:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,296 Commits 702 Branches 79 Tags
ca761d62259dd41e127b0ab58b34f9b8d47dd83d
Commit Graph

1317 Commits

Author SHA1 Message Date
Peter Steinberger
ca761d6225 test: consolidate gateway auth test scenarios 2026-02-23 21:57:17 +00:00
Peter Steinberger
75423a00d6 refactor: deduplicate shared helpers and test setup 2026-02-23 20:40:44 +00:00
Peter Steinberger
9af3ec92a5 fix(gateway): add HSTS header hardening and docs 2026-02-23 19:47:29 +00:00
Peter Steinberger
40db3fef49 fix(agents): cache bootstrap snapshots per session key 
Co-authored-by: Isis Anisoptera <github@lotuswind.net>
 2026-02-23 19:19:45 +00:00
Ruslan Kharitonov
8d69251475 fix(doctor): use gateway health status for memory search key check (#22327) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 2f02ec9403
Co-authored-by: therk <901920+therk@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-23 14:07:16 -05:00
Brian Mendonca
bd8b9af9a7 fix(exec): bind env-prefixed shell wrappers to full approval text 
(cherry picked from commit 1edf957988)
 2026-02-23 18:56:14 +00:00
justinhuangcode
d00d814ad1 fix(gateway): include platform and reason in node command rejection error 
The generic "node command not allowed" error gives no indication of why the
command was rejected, making it hard to diagnose issues (e.g. running
`nodes notify` against a Linux node that does not declare `system.notify`).

Include the rejection reason and node platform in the error message so
callers can tell whether the command is not supported by the node, not in
the platform allowlist, or the node did not advertise its capabilities.

Fixes #24616

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
(cherry picked from commit e3d74619bc)
 2026-02-23 18:56:14 +00:00
Peter Steinberger
2fa6aa6ea6 test(agents): add comprehensive kimi regressions 2026-02-23 18:27:36 +00:00
Vincent Koc
7fb69b7cd2 Gateway: stop repeated unauthorized WS request floods per connection (#24294) 
* Gateway WS: add unauthorized flood guard primitive

* Gateway WS: close repeated unauthorized post-handshake request floods

* Gateway WS: test unauthorized flood guard behavior

* Changelog: note gateway WS unauthorized flood guard hardening

* Update CHANGELOG.md
 2026-02-23 09:58:47 -05:00
Peter Steinberger
3f03cdea56 test: optimize redundant suites for faster runtime 2026-02-23 13:57:34 +00:00
Ayaan Zaidi
86fcca2352 fix(gateway): annotate connection test mocks 2026-02-23 11:47:27 +05:30
Ayaan Zaidi
118611465c test(gateway): make strict-delivery bestEffort case deterministic 2026-02-23 11:45:18 +05:30
Ayaan Zaidi
d589b3a95c test(gateway): clear agentCommand mock before strict bestEffort assert 2026-02-23 11:45:18 +05:30
Ayaan Zaidi
03122e5933 fix(cron): preserve telegram announce target + delivery truth 2026-02-23 11:45:18 +05:30
Tak Hoffman
35fbf26d24 Gateway: suppress tools.catalog plugin conflict diagnostics 2026-02-23 00:05:57 -06:00
Tak Hoffman
9e1a13bf4c Gateway/UI: data-driven agents tools catalog with provenance (openclaw#24199) thanks @Takhoffman 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- gh pr checks 24199 --watch --fail-fast

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 23:55:59 -06:00
Peter Steinberger
1c753ea786 test: dedupe fixtures and test harness setup 2026-02-23 05:45:54 +00:00
Peter Steinberger
8af19ddc5b refactor: extract shared dedupe helpers for runtime paths 2026-02-23 05:43:43 +00:00
Tak Hoffman
77c3b142a9 Web UI: add full cron edit parity, all-jobs run history, and compact filters (openclaw#24155) thanks @Takhoffman 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 23:05:42 -06:00
Tak Hoffman
259d863353 Gateway: harden cron.runs jobId path handling (openclaw#24038) thanks @Takhoffman 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 19:35:26 -06:00
Vignesh Natarajan
a10ec2607f Gateway/Chat UI: sanitize untrusted wrapper markup in final payloads 2026-02-22 16:53:54 -08:00
Peter Steinberger
60c494c024 test: tighten mistral media and onboarding coverage 2026-02-23 00:19:05 +00:00
Vincent Koc
d92ba4f8aa feat: Provider/Mistral full support for Mistral on OpenClaw 🇫🇷 (#23845) 
* Onboard: add Mistral auth choice and CLI flags

* Onboard/Auth: add Mistral provider config defaults

* Auth choice: wire Mistral API-key flow

* Onboard non-interactive: support --mistral-api-key

* Media understanding: add Mistral Voxtral audio provider

* Changelog: note Mistral onboarding and media support

* Docs: add Mistral provider and onboarding/media references

* Tests: cover Mistral media registry/defaults and auth mapping

* Memory: add Mistral embeddings provider support

* Onboarding: refresh Mistral model metadata

* Docs: document Mistral embeddings and endpoints

* Memory: persist Mistral embedding client state in managers

* Memory: add regressions for mistral provider wiring

* Gateway: add live tool probe retry helper

* Gateway: cover live tool probe retry helper

* Gateway: retry malformed live tool-read probe responses

* Memory: support plain-text batch error bodies

* Tests: add Mistral Voxtral live transcription smoke

* Docs: add Mistral live audio test command

* Revert: remove Mistral live voice test and docs entry

* Onboard: re-export Mistral default model ref from models

* Changelog: credit joeVenner for Mistral work

* fix: include Mistral in auto audio key fallback

* Update CHANGELOG.md

* Update CHANGELOG.md

---------

Co-authored-by: Shakker <shakkerdroid@gmail.com>
 2026-02-23 00:03:56 +00:00
Peter Steinberger
13db0b88f5 refactor(gateway): share safe avatar file open checks 2026-02-22 23:12:45 +01:00
Peter Steinberger
7b229decdd test(perf): dedupe fixtures and reduce flaky waits 2026-02-22 22:06:01 +00:00
Peter Steinberger
6970c2c2db fix(gateway): harden control-ui avatar reads 2026-02-22 22:40:22 +01:00
Peter Steinberger
d24f5c1e3a fix(gateway): fail fast exec approvals when no approvers are reachable 
Co-authored-by: fanxian831-netizen <262880470+fanxian831-netizen@users.noreply.github.com>
 2026-02-22 22:24:27 +01:00
Peter Steinberger
2081b3a3c4 refactor(channels): dedupe hook and monitor execution paths 2026-02-22 21:19:09 +00:00
Tak Hoffman
f8171ffcdc Config UI: tag filters and complete schema help/labels coverage (#23796) 
* Config UI: add tag filters and complete schema help/labels

* Config UI: finalize tags/help polish and unblock test suite

* Protocol: regenerate Swift gateway models
 2026-02-22 15:17:07 -06:00
Peter Steinberger
9165bd7f37 fix(gateway): auto-approve loopback scope upgrades 
Co-authored-by: Marcus Widing <245375637+widingmarcus-cyber@users.noreply.github.com>
 2026-02-22 22:11:50 +01:00
Peter Steinberger
7eae1933fb refactor(test): extract shared fixture helpers in gateway and outbound tests 2026-02-22 20:18:20 +00:00
Peter Steinberger
2dcb244985 refactor(test): dedupe gateway and web scaffolding 2026-02-22 20:04:51 +00:00
Peter Steinberger
51b0772e14 fix(exec-approvals): harden forwarding target and resolve delivery paths 
Co-authored-by: bubmiller <bubmiller@users.noreply.github.com>
 2026-02-22 20:37:22 +01:00
Peter Steinberger
bbdfba5694 fix: harden connect auth flow and exec policy diagnostics 2026-02-22 20:22:00 +01:00
Peter Steinberger
aa4c250eb8 fix(cron): split run and delivery status tracking 2026-02-22 20:19:23 +01:00
Peter Steinberger
0c1f491a02 fix(gateway): clarify pairing and node auth guidance 2026-02-22 19:50:29 +01:00
Peter Steinberger
176973b882 test(gateway): align auto-enable channel assertion 2026-02-22 18:37:18 +00:00
Peter Steinberger
b13bba9c35 fix(gateway): skip operator pairing on valid shared auth 2026-02-22 19:25:50 +01:00
Peter Steinberger
b79c89fc90 fix: stabilize CI type and test harness coverage 2026-02-22 18:06:34 +00:00
Peter Steinberger
08431da5d5 refactor(gateway): unify credential precedence across entrypoints 2026-02-22 18:55:44 +01:00
Jonathan Works
8c089bbe32 fix(hooks): suppress main session events for silent/delivered hook turns (#20678) 
* fix(hooks): suppress main session events for silent/delivered hook turns

When a hook agent turn returns NO_REPLY (SILENT_REPLY_TOKEN), mark the
result as delivered so the hooks handler skips enqueueSystemEvent and
requestHeartbeatNow. Without this, every Gmail notification classified
as NO_REPLY still injects a system event into the main agent session,
causing context window growth proportional to email volume.

Two-part fix:
- cron/isolated-agent/run.ts: set delivered:true when synthesizedText
  matches SILENT_REPLY_TOKEN so callers know no notification is needed
- gateway/server/hooks.ts: guard enqueueSystemEvent + requestHeartbeatNow
  with !result.delivered (addresses duplicate delivery, refs #20196)

Refs: https://github.com/openclaw/openclaw/issues/20196

* Changelog: document hook silent-delivery suppression fix

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 12:47:42 -05:00
Alex Zaytsev
1685a0dd12 fix: remove trailing newline from CLAUDE.md symlink target (#21160) 
* fix: remove trailing newline from CLAUDE.md symlink target

* Dev tooling: prevent CLAUDE symlink newline regressions

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 12:40:06 -05:00
Peter Steinberger
66529c7aa5 refactor(gateway): unify auth credential resolution 2026-02-22 18:23:13 +01:00
Peter Steinberger
296b19e413 test: dedupe gateway browser discord and channel coverage 2026-02-22 17:11:54 +00:00
Dan Dodson
4cad674387 fix: preserve stored provider in resolveSessionModelRef for vendor-prefixed models (#22753) 
* fix: preserve stored provider in resolveSessionModelRef for vendor-prefixed models

When an OpenRouter model with a vendor prefix (e.g. "anthropic/claude-haiku-4.5")
was successfully used and persisted to the session entry, the next call to
resolveSessionModelRef would re-parse the model string through parseModelRef,
which splits on the first slash and incorrectly extracts "anthropic" as the
provider — discarding the stored "openrouter" provider entirely. This caused
subsequent requests to attempt direct Anthropic API calls with an OpenRouter
API key, producing "credit balance too low" billing errors.

The fix trusts the explicitly stored modelProvider on the session entry and
skips parseModelRef re-parsing when a provider is already recorded. parseModelRef
is still used as a fallback when no provider is stored on the entry.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Changelog: add OpenRouter note for #22753

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 12:07:33 -05:00
Peter Steinberger
b6ac0eef5d test: trim gateway fixture sizes and preload message command 2026-02-22 17:06:34 +00:00
Peter Steinberger
f14ebd743c refactor(security): unify local-host and tailnet CIDR checks 2026-02-22 17:20:27 +01:00
Peter Steinberger
f442a3539f feat(update): add core auto-updater and dry-run preview 2026-02-22 17:11:36 +01:00
Peter Steinberger
333fbb8634 refactor(net): consolidate IP checks with ipaddr.js 2026-02-22 17:02:44 +01:00
Peter Steinberger
142c0a7f7d refactor: extract gateway transcript append helper 2026-02-22 14:44:19 +00:00