Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18,147 Commits 756 Branches 79 Tags
Commit Graph

3309 Commits

Author SHA1 Message Date
chengzhichao-xydt
0a8fa0e001
Moonshot: respect explicit baseUrl for CN endpoint so platform.moonshot.cn keys authenticate (#33637) (#33696) 
* Moonshot: respect explicit baseUrl for CN endpoint so platform.moonshot.cn keys authenticate (#33637)

* Moonshot: address review - remove dead constant, import canonical URLs (#33696)
 2026-03-12 12:10:38 -04:00
Jacob Riff
3fa91cd69d
feat: add sessions_yield tool for cooperative turn-ending (#36537) 
Merged via squash.

Prepared head SHA: 75d9204c863792226389a4d33eeb40c4e842528d
Co-authored-by: jriff <50276+jriff@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 08:46:47 -07:00
Rodrigo Uroz
688e3f0863 Compaction Runner: emit transcript updates post-compact (#25558) 
Merged via squash.

Prepared head SHA: 8a858436ed31805124a9d096bd93ab90e5423672
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 08:22:12 -07:00
Vincent Koc
8ad0ca309e
Subagents: stop retrying external completion timeouts (#41235) (#43847) 
* Changelog: add subagent announce timeout note

* Tests: cover subagent completion timeout no-retry

* Subagents: stop retrying external completion timeouts

* Config: update subagent announce timeout default docs

* Tests: use fake timers for subagent timeout retry guard
 2026-03-12 11:03:06 -04:00
Vincent Koc
2f037f0930 Agents: adapt pi-ai oauth and payload hooks 2026-03-12 10:19:14 -04:00
0x4C33
f3be1c828c
fix(status): resolve context window by provider-qualified key, prefer max on bare-id collision, solve #35976 (#36389) 
Merged via squash.

Prepared head SHA: f8cf752c59708fb388fd200276115277e8b217d6
Co-authored-by: haoruilee <60883781+haoruilee@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 07:00:36 -07:00
rabsef-bicrym
ff47876e61
fix: carry observed overflow token counts into compaction (#40357) 
Merged via squash.

Prepared head SHA: b99eed4329bda45083cdedc2386c2c4041c034be
Co-authored-by: rabsef-bicrym <52549148+rabsef-bicrym@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 06:58:42 -07:00
avirweb
f2e28fc30f
fix(telegram): allow fallback models in /model validation (#40105) 
Merged via squash.

Prepared head SHA: de07585e03cba06897d50c1d79fbe09d326c6ac9
Co-authored-by: avirweb <257412074+avirweb@users.noreply.github.com>
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Reviewed-by: @velvet-shark
 2026-03-12 13:55:51 +01:00
glitch
8ea79b64d0
fix: preserve sandbox write payload stdin (#43876) 
Merged via squash.

Prepared head SHA: a10fd4b21c78ec57411e6a4f387f16b1441660c2
Co-authored-by: glitch418x <189487110+glitch418x@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-12 12:42:57 +03:00
jnMetaCode
f640326e31
fix(failover): add missing network errno patterns to text-based timeout classifier (#42830) 
Merged via squash.

Prepared head SHA: 91761487e8825c0fd6582a762d04bba04f726a85
Co-authored-by: jnMetaCode <12096460+jnMetaCode@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-12 12:34:44 +03:00
Vincent Koc
46a332385d
Gateway: keep spawned workspace overrides internal (#43801) 
* Gateway: keep spawned workspace overrides internal

* Changelog: note GHSA-2rqg agent boundary fix

* Gateway: persist spawned workspace inheritance in sessions

* Agents: clean failed lineage spawn state

* Tests: cover lineage attachment cleanup

* Tests: cover lineage thread cleanup
 2026-03-12 04:20:00 -04:00
Vincent Koc
9aeaa19e9e
Agents: clear invalidated Kimi tool arg repair (#43824) 2026-03-12 03:53:06 -04:00
Vincent Koc
d8ee97c466
Agents: recover malformed Anthropic-compatible tool call args (#42835) 
* Agents: recover malformed anthropic tool call args

* Agents: add malformed tool call regression test

* Changelog: note Kimi tool call arg recovery

* Agents: repair toolcall end message snapshots

* Agents: narrow Kimi tool call arg repair
 2026-03-12 03:28:22 -04:00
Josh Avant
0bcb95e8fa
Models: enforce source-managed SecretRef markers in models.json (#43759) 
Merged via squash.

Prepared head SHA: 4a065ef5d849273756ceb0dd241ca24ca9e621ca
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Reviewed-by: @joshavant
 2026-03-12 02:22:52 -05:00
Vincent Koc
99ec687d7a
fix(agents): enforce sandboxed session_status visibility (#43754) 
* agents: guard sandboxed session_status access

* test(agents): cover sandboxed session_status scope

* docs(changelog): credit session_status hardening

* agents: preflight sandboxed session_status checks

* test(agents): cover session_status existence oracle

* agents: preserve legacy session_status tree keys

* test(agents): cover legacy session_status tree keys

* Update CHANGELOG.md
 2026-03-12 02:54:25 -04:00
Toven
ade748176f
OpenRouter: surface free Hunter and Healer stealth models for the next week (#43642) 
* Models: add temporary Hunter and Healer alpha to OpenRouter catalog

* Add temporary OpenRouter stealth catalog entries

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-11 22:58:48 -05:00
David Rudduck
f01c41b27a
fix(context-engine): guard compact() throw + fire hooks for ownsCompaction engines (#41361) 
Merged via squash.

Prepared head SHA: 0957b32dc63b16d710403565953b77bfbd2bd987
Co-authored-by: davidrudduck <47308254+davidrudduck@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-11 20:19:20 -07:00
Robin Waslander
e95f2dcd6e
fix(sandbox): anchor fs-bridge writeFile commit to canonical parent path 
Refs: GHSA-xvx8-77m6-gwg6
 2026-03-12 03:52:24 +01:00
Peter Steinberger
17fd46ab66
test: fix websocket tool shape coverage 2026-03-12 02:16:56 +00:00
Peter Steinberger
980619b9be
fix: harden openai websocket replay 2026-03-12 02:13:06 +00:00
Brian Yu
cced1e0f76 preserve openai phase param 2026-03-11 23:15:52 +00:00
zhoulf1006
453c8d7c1b
fix(hooks): add missing trigger and channelId to agent_end, llm_input, and llm_output hook contexts (#42362) 
Merged via squash.

Prepared head SHA: e6d7b7e31aa6ae12813b4609adb6e569a4084d08
Co-authored-by: zhoulf1006 <35586967+zhoulf1006@users.noreply.github.com>
Co-authored-by: hydro13 <6640526+hydro13@users.noreply.github.com>
Reviewed-by: @hydro13
 2026-03-11 23:40:13 +01:00
Gustavo Madeira Santana
d79ca52960
Memory: add multimodal image and audio indexing (#43460) 
Merged via squash.

Prepared head SHA: a994c07190a2062322f459c928b6cd74f9803d88
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-11 22:28:34 +00:00
Peter Steinberger
c8dd06cba2 fix(ws): preserve payload overrides 2026-03-11 20:11:51 +00:00
Peter Steinberger
bdd9ed238a test: align pi-ai oauth mocks 2026-03-11 20:11:51 +00:00
Peter Steinberger
620bae4ec7 fix(ollama): share model context discovery 2026-03-11 20:11:51 +00:00
Peter Steinberger
9329a0ab24 test(agents): cover openai responses phase replay 2026-03-11 20:10:55 +00:00
Tak Hoffman
4133edb395
fix: restore web tools to coding profile (#43436) 
* fix: restore web tools to coding profile

* fix: tighten tool catalog regression assertion
 2026-03-11 15:07:17 -05:00
Squabble9
128e5bc317
fix: recognize Venice 402 billing errors for model fallback (#43205) 
Merged via squash.

Prepared head SHA: 1f6b10b9d934235e71f279f888292139c4a85aa6
Co-authored-by: Squabble9 <194720422+Squabble9@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 22:15:32 +03:00
ingyukoh
2a18cbb110
fix(agents): prevent false billing error replacing valid response text (#40616) 
Merged via squash.

Prepared head SHA: 05179362b439ff3b0330df3eb6a28aa05396ea9d
Co-authored-by: ingyukoh <6015960+ingyukoh@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 22:00:11 +03:00
VibhorGautam
4473242b4f
fix: use unknown instead of rate_limit as default cooldown reason (#42911) 
Merged via squash.

Prepared head SHA: bebf6704d7b02b9a32935c0006eac2d76694fec0
Co-authored-by: VibhorGautam <55019395+VibhorGautam@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 21:34:14 +03:00
Bill Chirico
60aed95346
feat(memory): add gemini-embedding-2-preview support (#42501) 
Merged via squash.

Prepared head SHA: c57b1f8ba2ca65f4946afe94a9137ee8c05c8c64
Co-authored-by: BillChirico <13951316+BillChirico@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-11 14:28:53 -04:00
ademczuk
58634c9c65
fix(agents): check billing errors before context overflow heuristics (#40409) 
Merged via squash.

Prepared head SHA: c88f89c462d87957a4c6c51a23ab997fd307059d
Co-authored-by: ademczuk <5212682+ademczuk@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-11 21:08:55 +03:00
Tak Hoffman
87876a3e36
Fix env proxy bootstrap for model traffic (#43248) 
* Fix env proxy bootstrap for model traffic

* Address proxy dispatcher review followups

* Fix proxy env precedence for empty lowercase vars
 2026-03-11 10:21:35 -05:00
Bruce MacDonald
d6108a6f72 Onboard: add Ollama auth flow and improve model defaults 
Add Ollama as a auth provider in onboarding with Cloud + Local mode
selection, browser-based sign-in via /api/me, smart model suggestions
per mode, and graceful fallback when the default model is unavailable.

- Extract shared ollama-models.ts
- Auto-pull missing models during onboarding
- Non-interactive mode support for CI/automation

Closes #8239
Closes #3494

Co-Authored-By: Jeffrey Morgan <jmorganca@gmail.com>
 2026-03-11 14:52:55 +00:00
Robin Waslander
62d5df28dc
fix(agents): add nodes to owner-only tool policy fallbacks 
The nodes tool was missing from OWNER_ONLY_TOOL_NAME_FALLBACKS in
tool-policy.ts. applyOwnerOnlyToolPolicy() correctly removed gateway
and cron for non-owners but kept nodes, which internally issues
privileged gateway calls: node.pair.approve (operator.pairing) and
node.invoke (operator.write).

A non-owner sender could approve pending node pairings and invoke
arbitrary node commands, extending to system.run on paired nodes.

Add nodes to the fallback owner-only set. Non-owners no longer receive
the nodes tool after policy application; owners retain it.

Fixes GHSA-r26r-9hxr-r792
 2026-03-11 14:17:03 +01:00
Andyliu
10e6e27451
fix(models): guard optional model input capabilities (#42096) 
Merged via squash.

Prepared head SHA: d398fa0222b7045b549fd3592d469c079ca3efb6
Co-authored-by: andyliu <2377291+andyliu@users.noreply.github.com>
Co-authored-by: hydro13 <6640526+hydro13@users.noreply.github.com>
Reviewed-by: @hydro13
 2026-03-11 13:43:59 +01:00
Frank Yang
d68d4362ee fix(context-pruning): cover image-only tool-result pruning 2026-03-11 18:07:37 +08:00
MoerAI
a78674f115 fix(context-pruning): prune image-containing tool results instead of skipping them (#41789) 2026-03-11 18:07:37 +08:00
ademczuk
dc4441322f
fix(agents): include azure-openai in Responses API store override (#42934) 
Merged via squash.

Prepared head SHA: d3285fef41001bb25a8d1cb47a37ee9a132ffb9e
Co-authored-by: ademczuk <5212682+ademczuk@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
 2026-03-11 16:16:10 +08:00
Luke
7761e7626f
Providers: add Opencode Go support (#42313) 
* feat(providers): add opencode-go provider support and onboarding

* Onboard: unify OpenCode auth handling openclaw#42313 thanks @ImLukeF

* Docs: merge OpenCode Zen and Go docs openclaw#42313 thanks @ImLukeF

* Update CHANGELOG.md

---------

Co-authored-by: Ubuntu <ubuntu@vps-90352893.vps.ovh.ca>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-11 01:31:06 -04:00
Vincent Koc
bd33a340fb
fix(sandbox): sanitize Docker env before marking OPENCLAW_CLI (#42256) 
* Sandbox: sanitize Docker env before exec marker injection

* Sandbox: add regression test for Docker exec marker env

* Sandbox: disable Windows shell fallback for Docker

* Sandbox: cover Windows Docker wrapper rejection

* Sandbox: test strict env sanitization through Docker args
 2026-03-11 00:59:36 -04:00
Peter Steinberger
a52104c235 test: restore fs bridge helper export 2026-03-11 02:38:00 +00:00
Peter Steinberger
a0d5462571 fix(security): pin staged writes and fs mutations 2026-03-11 02:38:00 +00:00
Peter Steinberger
72b0e00eab refactor: unify sandbox fs bridge mutations 2026-03-11 02:10:23 +00:00
Peter Steinberger
aad014c7c1 fix: harden subagent control boundaries 2026-03-11 01:44:38 +00:00
Peter Steinberger
68c674d37c refactor(security): simplify system.run approval model 2026-03-11 01:43:06 +00:00
Peter Steinberger
11924a7026 fix(sandbox): pin fs-bridge staged writes 2026-03-11 01:15:47 +00:00
Peter Steinberger
ecdbd8aa52 fix(security): restrict leaf subagent control scope 2026-03-11 01:12:22 +00:00
Peter Steinberger
fa0329c340 test: cover cron nested lane selection 2026-03-11 00:02:00 +00:00