openclaw

Author	SHA1	Message	Date
Peter Steinberger	166068dfbe	test: add byteplus coding-plan live test	2026-02-21 15:42:44 +01:00
Peter Steinberger	c8466e516f	fix(agents): raise dynamic retry cap budget	2026-02-21 15:41:30 +01:00
Peter Steinberger	b520e7ac38	fix: stabilize docker live model and doctor-switch tests	2026-02-21 15:36:24 +01:00
Peter Steinberger	b25d3652e7	fix(agents): cap embedded runner retry loop	2026-02-21 15:35:45 +01:00
Peter Steinberger	3101047234	feat(models): add Gemini 3.1 support	2026-02-21 15:08:06 +01:00
Peter Steinberger	581868365d	fix: finish volcengine/byteplus landing polish (#7967 ) (thanks @funmore123)	2026-02-21 15:05:09 +01:00
fanziqing	559736a5a0	feat(volcengine): integrate Volcengine & Byteplus Provider	2026-02-21 15:05:09 +01:00
大猫子	c62a6e7040	fix(models): add kimi-coding implicit provider template (openclaw#22526) thanks @lailoo Verified: - pnpm build - pnpm check - pnpm test:macmini Co-authored-by: lailoo <20536249+lailoo@users.noreply.github.com> Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>	2026-02-21 07:35:09 -06:00
Peter Steinberger	10b8839a82	fix(security): centralize WhatsApp outbound auth and return 403 tool auth errors	2026-02-21 14:31:01 +01:00
Peter Steinberger	f23da067f6	fix(security): harden heredoc allowlist parsing	2026-02-21 14:27:51 +01:00
orlyjamie	92cada2aca	fix(security): block command substitution in unquoted heredoc bodies The shell command analyzer (splitShellPipeline) skipped all token validation while parsing heredoc bodies. When the heredoc delimiter was unquoted, bash performs command substitution on the body content, allowing $(cmd) and backtick expressions to execute arbitrary commands that bypass the exec allowlist. Track whether heredoc delimiters are quoted or unquoted. When unquoted, scan the body for $( , ${ , and backtick tokens and reject the command. Quoted heredocs (<<'EOF' / <<"EOF") are safe - the shell treats their body as literal text. Ref: https://github.com/openclaw/openclaw/security/advisories/GHSA-65rx-fvh6-r4h2	2026-02-21 14:27:35 +01:00
Peter Steinberger	2706cbd6d7	fix(agents): include filenames in image resize logs	2026-02-21 13:16:41 +00:00
Peter Steinberger	3cfb402bda	refactor(test): reuse state-dir helper in agent runner suite	2026-02-21 13:08:05 +00:00
Peter Steinberger	25db01fe08	refactor(test): use withEnvAsync in pairing store fixture	2026-02-21 13:06:12 +00:00
Peter Steinberger	21bb46d304	fix(ci): include browser network in sandbox test fixture	2026-02-21 13:05:51 +00:00
Peter Steinberger	7a27e2648a	refactor(test): dedupe plugin env overrides via env helpers	2026-02-21 13:03:41 +00:00
Peter Steinberger	f48698a50b	fix(security): harden sandbox browser network defaults	2026-02-21 14:02:53 +01:00
Peter Steinberger	cf82614259	refactor(test): reuse state-dir helper in telegram tests	2026-02-21 13:02:12 +00:00
Peter Steinberger	26eb1f781d	refactor(test): reuse state-dir env helper in auth profile override e2e	2026-02-21 13:00:16 +00:00
Peter Steinberger	c2874aead7	refactor(test): centralize temporary state-dir env setup	2026-02-21 12:59:24 +00:00
Peter Steinberger	50a8942c07	docs(changelog): add WhatsApp reaction allowlist security note	2026-02-21 13:57:54 +01:00
Aether AI Agent	e217f8c3f7	fix(security): OC-91 validate WhatsApp JID against allowlist in all send paths — Aether AI Agent	2026-02-21 13:57:54 +01:00
Peter Steinberger	8c1518f0f3	fix(sandbox): use one-time noVNC observer tokens	2026-02-21 13:56:58 +01:00
Peter Steinberger	b43aadc34c	refactor(test): dedupe temp-home setup in voicewake suite	2026-02-21 12:56:34 +00:00
Peter Steinberger	c529bafdc3	refactor(test): reuse temp-home helper in voicewake e2e	2026-02-21 12:54:54 +00:00
Peter Steinberger	577e5cc74b	refactor(test): dedupe gateway env setup and add env util coverage	2026-02-21 12:52:21 +00:00
Peter Steinberger	621d8e1312	fix(sandbox): require noVNC observer password auth	2026-02-21 13:44:24 +01:00
Peter Steinberger	6cb7e16d40	fix(oauth): harden refresh token refresh-response validation	2026-02-21 13:44:14 +01:00
Peter Steinberger	be7f825006	refactor(gateway): harden proxy client ip resolution	2026-02-21 13:36:23 +01:00
Ayaan Zaidi	8b1fe0d1e2	fix(telegram): split streaming preview per assistant block (#22613 ) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 26f35f4411e65cf14587efeedc4e326a71d54ee0 Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com> Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com> Reviewed-by: @obviyus	2026-02-21 18:05:23 +05:30
Peter Steinberger	36a0df423d	refactor(gateway): make ws and http auth surfaces explicit	2026-02-21 13:33:09 +01:00
Peter Steinberger	1835dec200	fix(security): force sandbox browser hash migration and audit stale labels	2026-02-21 13:25:41 +01:00
Peter Steinberger	b2d84528f8	refactor(test): remove duplicate cron tool harnesses	2026-02-21 12:25:23 +00:00
Peter Steinberger	14b0d2b816	refactor: harden control-ui auth flow and add insecure-flag audit summary	2026-02-21 13:18:23 +01:00
Peter Steinberger	4cd7d95746	style(browser): apply oxfmt cleanup for gate	2026-02-21 13:16:07 +01:00
Peter Steinberger	f265d45840	fix(tts): make model provider overrides opt-in	2026-02-21 13:16:07 +01:00
Peter Steinberger	f202e73077	refactor(security): centralize host env policy and harden env ingestion	2026-02-21 13:04:39 +01:00
Peter Steinberger	08e020881d	refactor(security): unify command gating and blocked-key guards	2026-02-21 13:04:37 +01:00
Peter Steinberger	356d61aacf	fix(gateway): scope tailscale tokenless auth to websocket	2026-02-21 13:03:13 +01:00
Peter Steinberger	6aa11f3092	fix(acp): harden resource link metadata formatting	2026-02-21 13:00:02 +01:00
Peter Steinberger	b577228d6b	test(security): add overflow compaction truncation-budget regression	2026-02-21 12:59:10 +01:00
Aether AI Agent	084f621025	fix(security): OC-65 prevent compaction counter reset to enforce context exhaustion limit — Aether AI Agent Remove the `overflowCompactionAttempts = 0` reset inside the inner loop's tool-result-truncation branch. The counter was being zeroed on each truncation cycle, allowing prompt-injection attacks to bypass the MAX_OVERFLOW_COMPACTION_ATTEMPTS guard and trigger unbounded auto-compaction, exhausting context window resources (DoS). CWE-400 / GHSA-x2g4-7mj7-2hhj	2026-02-21 12:59:10 +01:00
Peter Steinberger	99048dbec2	fix(gateway): align insecure-auth toggle messaging	2026-02-21 12:57:22 +01:00
Peter Steinberger	fbb79d4013	fix(security): harden runtime command override gating	2026-02-21 12:49:57 +01:00
Peter Steinberger	cb84c537f4	fix: normalize status auth cost handling and models header tests	2026-02-21 12:45:06 +01:00
Peter Steinberger	283029bdea	refactor(security): unify webhook auth matching paths	2026-02-21 11:52:34 +01:00
Peter Steinberger	6007941f04	fix(security): harden and refactor system.run command resolution	2026-02-21 11:49:38 +01:00
Peter Steinberger	5cc631cc9c	fix(agents): harden model-skip and tool-policy imports	2026-02-21 11:48:02 +01:00
Peter Steinberger	55aaeb5085	refactor(browser): centralize navigation guard enforcement	2026-02-21 11:46:11 +01:00
Peter Steinberger	2cdbadee1f	fix(security): block startup-file env injection across host execution paths	2026-02-21 11:44:20 +01:00

... 24 25 26 27 28 ...

9252 Commits