Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14,433 Commits 756 Branches 79 Tags
Commit Graph

1087 Commits

Author SHA1 Message Date
junwon
04bcabcbae
fix(infra): handle Windows dev=0 in sameFileIdentity TOCTOU check (#24939) 
* fix(infra): handle Windows dev=0 in sameFileIdentity TOCTOU check

On Windows, `fs.lstatSync` (path-based) returns `dev: 0` while
`fs.fstatSync` (fd-based) returns the real NTFS volume serial number.
This mismatch caused `sameFileIdentity` to always fail, making
`openVerifiedFileSync` reject every file — silently breaking all
Control UI static file serving (HTTP 404).

Fall back to ino-only comparison when either dev is 0 on Windows.
ino remains unique within a single volume, so TOCTOU protection
is preserved.

Fixes #24692

* fix: format sameFileIdentity wrapping (#24939)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-24 03:33:27 +00:00
Glucksberg
a3b82a563d
fix: resolve symlinks in pnpm/bun global install detection (#24744) 
Use tryRealpath() instead of path.resolve() when comparing expected
package paths in detectGlobalInstallManagerForRoot(). path.resolve()
only normalizes path strings without following symlinks, causing pnpm
global installs to go undetected since pnpm symlinks node_modules
entries into its .pnpm content-addressable store.

Fixes #22768

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 03:33:24 +00:00
Peter Steinberger
3af9d1f8e9 fix: scope Telegram RFC2544 SSRF exception to policy opt-in (#24982) (thanks @stakeswky) 2026-02-24 03:28:00 +00:00
User
9df80b73e2 fix: allow RFC2544 benchmark range (198.18.0.0/15) through SSRF filter 
Telegram's API and file servers resolve to IPs in the 198.18.0.0/15
range (RFC 2544 benchmarking range). The SSRF filter was blocking these
addresses because ipaddr.js classifies them as 'reserved', and the
filter also had an explicit RFC2544_BENCHMARK_PREFIX check that blocked
them unconditionally.

Fix: exempt 198.18.0.0/15 from the 'reserved' range block in
isBlockedSpecialUseIpv4Address(). Other 'reserved' ranges (TEST-NET-2,
TEST-NET-3, documentation prefixes) remain blocked. The explicit
RFC2544_BENCHMARK_PREFIX check is repurposed as the exemption guard.

Closes #24973
 2026-02-24 03:28:00 +00:00
Peter Steinberger
ffd63b7a2c fix(security): trust resolved skill-bin paths in allowlist auto-allow 2026-02-24 03:12:43 +00:00
Peter Steinberger
204d9fb404 refactor(security): dedupe shell env probe and add path regression test 2026-02-24 03:11:33 +00:00
Peter Steinberger
64aab80201 test(exec): add regressions for safe-bin metadata and chain semantics 2026-02-24 03:10:19 +00:00
Peter Steinberger
a67689a7e3 fix: harden allow-always shell multiplexer wrapper handling 2026-02-24 03:06:51 +00:00
Peter Steinberger
4a3f8438e5 fix(gateway): bind node exec approvals to nodeId 2026-02-24 03:05:58 +00:00
Peter Steinberger
9530c01085 refactor(exec): split safe-bin policy modules and dedupe allowlist flow 2026-02-24 03:05:03 +00:00
Peter Steinberger
ff10fe8b91 fix(security): require /etc/shells for shell env fallback 2026-02-24 02:58:24 +00:00
Peter Steinberger
90383e00e9 fix(security): harden autoAllowSkills exec matching 2026-02-24 02:53:47 +00:00
Peter Steinberger
3f923e8313 test: add env -S allowlist bypass regressions 2026-02-24 02:28:00 +00:00
Peter Steinberger
6c441ea797 fix: support legacy and beta prerelease version formats 2026-02-24 02:05:37 +00:00
Peter Steinberger
a1c4bf07c6 fix(security): harden exec wrapper allowlist execution parity 2026-02-24 01:52:17 +00:00
Peter Steinberger
5eb72ab769 fix(security): harden browser SSRF defaults and migrate legacy key 2026-02-24 01:52:01 +00:00
Peter Steinberger
f97c0922e1 fix(security): harden account-key handling against prototype pollution 2026-02-24 01:09:31 +00:00
Peter Steinberger
3b8e33037a fix(security): harden safeBins long-option validation 2026-02-23 23:58:58 +00:00
Peter Steinberger
a2dfe9879f fix(security): harden regex compilation for filters and redaction 2026-02-23 23:54:50 +00:00
Peter Steinberger
75423a00d6 refactor: deduplicate shared helpers and test setup 2026-02-23 20:40:44 +00:00
Peter Steinberger
d266d12be1 refactor(exec): simplify env-prefixed wrapper modifier check 2026-02-23 18:56:14 +00:00
Brian Mendonca
bd8b9af9a7 fix(exec): bind env-prefixed shell wrappers to full approval text 
(cherry picked from commit 1edf9579882d427322129dc434d0dadc0699102d)
 2026-02-23 18:56:14 +00:00
Gustavo Madeira Santana
5de1f540e7
CLI: fix gateway restart health ownership for child listener pids (#24696) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: d6d4b43f7e0a59856f40d259053cbf653fac3bc2
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-23 13:53:10 -05:00
Doruk Ardahan
daaad03593 fix(infra): treat nested network request errors as non-fatal 2026-02-23 18:27:23 +00:00
Vincent Koc
0e28e50b45
fix(security): detect obfuscated commands that bypass allowlist filters (#24287) 
* security(exec): add obfuscated command detector

* test(exec): cover obfuscation detector patterns

* security(exec): enforce obfuscation approval on gateway host

* security(exec): enforce obfuscation approval on node host

* test(exec): prevent obfuscation timeout bypass

* chore(changelog): credit obfuscation security fix
 2026-02-23 02:50:06 -05:00
Vignesh Natarajan
8d9d01447e chore: align plugin versions and harden outbound cross-provider test 2026-02-22 23:04:17 -08:00
Peter Steinberger
1c753ea786 test: dedupe fixtures and test harness setup 2026-02-23 05:45:54 +00:00
Peter Steinberger
8af19ddc5b refactor: extract shared dedupe helpers for runtime paths 2026-02-23 05:43:43 +00:00
Peter Steinberger
382fe8009a refactor!: remove google-antigravity provider support 2026-02-23 05:20:14 +01:00
Peter Steinberger
84e5ab598a fix: make windows CI path handling deterministic 2026-02-22 22:34:49 +00:00
Peter Steinberger
cd919ebd2d refactor(exec): unify wrapper resolution and split approvals tests 2026-02-22 23:20:09 +01:00
Peter Steinberger
13db0b88f5 refactor(gateway): share safe avatar file open checks 2026-02-22 23:12:45 +01:00
Peter Steinberger
862975507a refactor(exec): split command resolution and trusted-dir normalization 2026-02-22 23:00:33 +01:00
Peter Steinberger
24c954d972 fix(security): harden allow-always wrapper persistence 2026-02-22 22:55:33 +01:00
Peter Steinberger
64b273a71c fix(exec): harden safe-bin trust and add explicit trusted dirs 2026-02-22 22:43:18 +01:00
Vignesh Natarajan
08fb38f729 Fix: resolve pnpm check type regressions 2026-02-22 13:40:51 -08:00
Peter Steinberger
e16f93af0c fix: stabilize ci test typings and mocks 2026-02-22 21:38:47 +00:00
Peter Steinberger
3f0b9dbb36 fix(security): block shell-wrapper line-continuation allowlist bypass 2026-02-22 22:36:29 +01:00
Peter Steinberger
7c109f5737 fix: resolve ci type errors and reconnect test flake 2026-02-22 21:35:20 +00:00
Peter Steinberger
d24f5c1e3a fix(gateway): fail fast exec approvals when no approvers are reachable 
Co-authored-by: fanxian831-netizen <262880470+fanxian831-netizen@users.noreply.github.com>
 2026-02-22 22:24:27 +01:00
Peter Steinberger
7bbd597383 fix(media): enforce agent media roots in plugin send actions 
Co-authored-by: Oliver Drobnik <333270+odrobnik@users.noreply.github.com>
Co-authored-by: thisischappy <257418353+thisischappy@users.noreply.github.com>
 2026-02-22 22:24:27 +01:00
Peter Steinberger
06b0a60bef refactor(daemon): share runtime and service probe helpers 2026-02-22 21:19:09 +00:00
Peter Steinberger
c539782c09 test(gateway-lock): stabilize port-probe liveness coverage 2026-02-22 22:11:53 +01:00
Peter Steinberger
34fef3ae60 fix(delivery): quarantine permanent recovery failures 
Co-authored-by: Aldo <17973757+aldoeliacim@users.noreply.github.com>
 2026-02-22 22:11:51 +01:00
Peter Steinberger
e6383a2c13 fix(gateway): probe port liveness for stale lock recovery 
Co-authored-by: Operative-001 <261882263+Operative-001@users.noreply.github.com>
 2026-02-22 22:11:51 +01:00
Peter Steinberger
7eae1933fb refactor(test): extract shared fixture helpers in gateway and outbound tests 2026-02-22 20:18:20 +00:00
Peter Steinberger
2dcb244985 refactor(test): dedupe gateway and web scaffolding 2026-02-22 20:04:51 +00:00
Peter Steinberger
5e8b1f5ac8 refactor(test): centralize trigger and cron test helpers 2026-02-22 20:04:51 +00:00
Peter Steinberger
51b0772e14 fix(exec-approvals): harden forwarding target and resolve delivery paths 
Co-authored-by: bubmiller <bubmiller@users.noreply.github.com>
 2026-02-22 20:37:22 +01:00
Peter Steinberger
eefbf3dc5a fix(sandbox): normalize /workspace media paths to host sandbox root 
Co-authored-by: echo931 <echo931@users.noreply.github.com>
 2026-02-22 20:37:21 +01:00