Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
17,466 Commits 756 Branches 79 Tags
Commit Graph

1419 Commits

Author SHA1 Message Date
Peter Steinberger
b5192d6e6b fix(daemon): preserve envfile auth provenance 2026-03-08 00:58:16 +00:00
Vincent Koc
0d66834f94 Daemon: scope relaxed systemd probes to install flows 2026-03-07 16:45:18 -08:00
Vincent Koc
a56841b98c
Daemon: harden WSL2 systemctl install checks (#39294) 
* Daemon: harden WSL2 systemctl install checks

* Changelog: note WSL2 daemon install hardening

* Daemon: tighten systemctl failure classification
 2026-03-07 16:43:19 -08:00
Peter Steinberger
eed403dc74 refactor(agents): unify spawned metadata and extract attachments service 2026-03-08 00:23:45 +00:00
Vincent Koc
936f0a7f22 Update gateway-status.test.ts 2026-03-07 15:59:11 -08:00
Vincent Koc
3ae61d57a3 Gateway Status: allowlist missing token test fixture 2026-03-07 15:58:01 -08:00
Peter Steinberger
ab54532c8f fix(agents): land #39247 from @jasonQin6 (subagent workspace inheritance) 
Propagate parent workspace directories into spawned subagent runs, keep workspace override internal-only, and add regression tests for forwarding boundaries.

Co-authored-by: jasonQin6 <991262382@qq.com>
 2026-03-07 23:56:37 +00:00
Peter Steinberger
d228a62143 refactor: share trimmed string entry normalization 2026-03-07 23:27:51 +00:00
Peter Steinberger
fecca6fd8d refactor: unify gateway SecretRef auth resolution paths 2026-03-07 23:27:50 +00:00
Peter Steinberger
265367d99b fix(gateway): land #28428 from @l0cka 
Landed from contributor PR #28428 by @l0cka.

Co-authored-by: Daniel Alkurdi <danielalkurdi@gmail.com>
 2026-03-07 22:51:08 +00:00
Peter Steinberger
92f5a2e252 fix(models): refresh gpt/gemini alias defaults (#38638, thanks @ademczuk) 
Co-authored-by: ademczuk <andrew.demczuk@gmail.com>
 2026-03-07 21:10:58 +00:00
Peter Steinberger
c35f529fac refactor: share daemon install plan runtime scaffolding 2026-03-07 21:09:27 +00:00
Peter Steinberger
b955ba1688 refactor: consolidate daemon runtime and start hints 2026-03-07 21:09:26 +00:00
Peter Steinberger
a91731a831 refactor: centralize gateway auth env credential readers 2026-03-07 21:09:26 +00:00
Peter Steinberger
0848a47c97 refactor: dedupe anthropic probe target test setup 2026-03-07 19:02:01 +00:00
Peter Steinberger
2ada1b71b6 fix(models-auth): land #38951 from @MumuTW 
Co-authored-by: MumuTW <MumuTW@users.noreply.github.com>
 2026-03-07 18:51:17 +00:00
Peter Steinberger
02f99c0ff3 docs: clarify agent owner trust defaults 2026-03-07 18:48:27 +00:00
Peter Steinberger
fbb9bb08c5 style(test): format gateway auth token coverage 2026-03-07 18:33:30 +00:00
Vincent Koc
f966dde476
tests: fix detect-secrets false positives (#39084) 
* Tests: rename gateway status env token fixture

* Tests: allowlist feishu onboarding fixtures

* Tests: allowlist Google Chat private key fixture

* Docs: allowlist Brave API key example

* Tests: allowlist pairing password env fixtures

* Chore: refresh detect-secrets baseline
 2026-03-07 13:21:29 -05:00
Vincent Koc
3acf46ed45 Tests: fix doctor gateway auth token formatting 2026-03-07 10:18:52 -08:00
Vincent Koc
e4d80ed556
CI: restore main detect-secrets scan (#38438) 
* Tests: stabilize detect-secrets fixtures

* Tests: fix rebased detect-secrets false positives

* Docs: keep snippets valid under detect-secrets

* Tests: finalize detect-secrets false-positive fixes

* Tests: reduce detect-secrets false positives

* Tests: keep detect-secrets pragmas inline

* Tests: remediate next detect-secrets batch

* Tests: tighten detect-secrets allowlists

* Tests: stabilize detect-secrets formatter drift
 2026-03-07 10:06:35 -08:00
Peter Steinberger
ce9719c654 refactor(test-utils): share direct channel plugin test fixture 2026-03-07 17:58:31 +00:00
Peter Steinberger
5f56333016 refactor(commands): dedupe config-only channel status fixtures 2026-03-07 17:58:31 +00:00
Peter Steinberger
bcb587a3bc refactor(commands): dedupe channel plugin test fixture builders 2026-03-07 17:58:31 +00:00
Peter Steinberger
c1a8f8150e refactor(commands): dedupe gateway status token secret fixtures 2026-03-07 17:58:31 +00:00
Josh Avant
8e20dd22d8
Secrets: harden SecretRef-safe models.json persistence (#38955) 2026-03-07 11:28:39 -06:00
Peter Steinberger
6f3990ddca refactor(commands): dedupe onboard search perplexity test setup 2026-03-07 17:05:23 +00:00
Peter Steinberger
8e6acded82 refactor(commands): dedupe message command secret-config tests 2026-03-07 17:05:23 +00:00
Peter Steinberger
d103918891 refactor(commands): dedupe model probe target test fixtures 2026-03-07 17:05:23 +00:00
Peter Steinberger
134c1e23d3 refactor(commands): dedupe ACP stream test scaffolding 2026-03-07 17:05:23 +00:00
Peter Steinberger
1dd4f92ea2 fix: default local onboarding tools profile to coding 2026-03-07 16:41:27 +00:00
Florian Hines
33e7394861
fix(providers): make all models available in kilocode provider (#32352) 
* kilocode: dynamic model discovery, kilo/auto default, cooldown exemption

- Replace 9-model hardcoded catalog with dynamic discovery from
  GET /api/gateway/models (Venice-like pattern with static fallback)
- Default model changed from anthropic/claude-opus-4.6 to kilo/auto
  (smart routing model)
- Add createKilocodeWrapper for X-KILOCODE-FEATURE header injection
  and reasoning.effort handling (skip for kilo/auto)
- Add kilocode to cooldown-exempt providers (proxy like OpenRouter)
- Keep sync buildKilocodeProvider for onboarding, add async
  buildKilocodeProviderWithDiscovery for implicit provider resolution
- Per-token gateway pricing converted to per-1M-token for cost fields

* kilocode: skip reasoning injection for x-ai models, harden discovery loop

* fix(kilocode): keep valid discovered duplicates (openclaw#32352, thanks @pandemicsyn)

* refactor(proxy): normalize reasoning payload guards (openclaw#32352, thanks @pandemicsyn)

* chore(changelog): note kilocode hardening (openclaw#32352, thanks @pandemicsyn and @vincentkoc)

* chore(changelog): fix kilocode note format (openclaw#32352, thanks @pandemicsyn and @vincentkoc)

* test(kilocode): support auto-model override cases (openclaw#32352, thanks @pandemicsyn)

* Update CHANGELOG.md

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-07 08:14:06 -08:00
拐爷&&老拐瘦
2e31aead39
fix(gateway): invalidate bootstrap cache on session rollover (openclaw#38535) 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: yfge <1186273+yfge@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-06 23:46:02 -06:00
ql-wade
e309a15d73
fix: suppress ACP NO_REPLY fragments in console output (#38436) 2026-03-07 09:34:45 +05:30
Vincent Koc
42e3d8d693
Secrets: add inline allowlist review set (#38314) 
* Secrets: add inline allowlist review set

* Secrets: narrow detect-secrets file exclusions

* Secrets: exclude Docker fingerprint false positive

* Secrets: allowlist test and docs false positives

* Secrets: refresh baseline after allowlist updates

* Secrets: fix gateway chat fixture pragma

* Secrets: format pre-commit config

* Android: keep talk mode fixture JSON valid

* Feishu: rely on client timeout injection

* Secrets: allowlist provider auth test fixtures

* Secrets: allowlist onboard search fixtures

* Secrets: allowlist onboard mode fixture

* Secrets: allowlist gateway auth mode fixture

* Secrets: allowlist APNS wake test key

* Secrets: allowlist gateway reload fixtures

* Secrets: allowlist moonshot video fixture

* Secrets: allowlist auto audio fixture

* Secrets: allowlist tiny audio fixture

* Secrets: allowlist embeddings fixtures

* Secrets: allowlist resolve fixtures

* Secrets: allowlist target registry pattern fixtures

* Secrets: allowlist gateway chat env fixture

* Secrets: refresh baseline after fixture allowlists

* Secrets: reapply gateway chat env allowlist

* Secrets: reapply gateway chat env allowlist

* Secrets: stabilize gateway chat env allowlist

* Secrets: allowlist runtime snapshot save fixture

* Secrets: allowlist oauth profile fixtures

* Secrets: allowlist compaction identifier fixture

* Secrets: allowlist model auth fixture

* Secrets: allowlist model status fixtures

* Secrets: allowlist custom onboarding fixture

* Secrets: allowlist mattermost token summary fixtures

* Secrets: allowlist gateway auth suite fixtures

* Secrets: allowlist channel summary fixture

* Secrets: allowlist provider usage auth fixtures

* Secrets: allowlist media proxy fixture

* Secrets: allowlist secrets audit fixtures

* Secrets: refresh baseline after final fixture allowlists

* Feishu: prefer explicit client timeout

* Feishu: test direct timeout precedence
 2026-03-06 19:35:26 -05:00
Vincent Koc
3070fafec1
fix(venice): switch default model to kimi-k2-5 (#38423) 
* Docs: refresh Venice default model guidance

* Venice: switch default model to Kimi K2.5

* Changelog: credit Venice default refresh
 2026-03-06 19:31:07 -05:00
Altay
6e962d8b9e
fix(agents): handle overloaded failover separately (#38301) 
* fix(agents): skip auth-profile failure on overload

* fix(agents): note overload auth-profile fallback fix

* fix(agents): classify overloaded failures separately

* fix(agents): back off before overload failover

* fix(agents): tighten overload probe and backoff state

* fix(agents): persist overloaded cooldown across runs

* fix(agents): tighten overloaded status handling

* test(agents): add overload regression coverage

* fix(agents): restore runner imports after rebase

* test(agents): add overload fallback integration coverage

* fix(agents): harden overloaded failover abort handling

* test(agents): tighten overload classifier coverage

* test(agents): cover all-overloaded fallback exhaustion

* fix(cron): retry overloaded fallback summaries

* fix(cron): treat HTTP 529 as overloaded retry
 2026-03-07 01:42:11 +03:00
Kesku
3d7bc5958d
feat(onboarding): add web search to onboarding flow (#34009) 
* add web search to onboarding flow

* remove post onboarding step (now redundant)

* post-onboarding nudge if no web search set up

* address comments

* fix test mocking

* add enabled: false assertion to the no-key test

* --skip-search cli flag

* use provider that a user has a key for

* add assertions, replace the duplicated switch blocks

* test for quickstart fast-path with existing config key

* address comments

* cover quickstart falls through to key test

* bring back key source

* normalize secret inputs instead of direct string trimming

* preserve enabled: false if it's already set

* handle missing API keys in flow

* doc updates

* hasExistingKey to detect both plaintext strings and SecretRef objects

* preserve enabled state only on the "keep current" paths

* add test for preserving

* better gate flows

* guard against invalid provider values in config

* Update src/commands/configure.wizard.ts

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* format fix

* only mentions env var when it's actually available

* search apiKey fields now typed as SecretInput

* if no provider check if any search provider key is detectable

* handle both kimi keys

* remove .filter(Boolean)

* do not disable web_search after user enables it

* update resolveSearchProvider

* fix(onboarding): skip search key prompt in ref mode

* fix: add onboarding web search step (#34009) (thanks @kesku)

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Shadow <hi@shadowing.dev>
 2026-03-06 13:09:00 -06:00
Ayaan Zaidi
bdd368533f fix(auth): remove bogus codex oauth responses probe 2026-03-06 15:07:34 +05:30
Vignesh Natarajan
a4a490bae7 fix(openai-codex-oauth): stop mutating authorize url scopes 2026-03-06 01:13:12 -08:00
Vignesh Natarajan
c5828cbc08 fix(onboarding): guard daemon status probe on headless linux 2026-03-05 22:51:58 -08:00
Josh Avant
0e4245063f
CLI: make read-only SecretRef status flows degrade safely (#37023) 
* CLI: add read-only SecretRef inspection

* CLI: fix read-only SecretRef status regressions

* CLI: preserve read-only SecretRef status fallbacks

* Docs: document read-only channel inspection hook

* CLI: preserve audit coverage for read-only SecretRefs

* CLI: fix read-only status account selection

* CLI: fix targeted gateway fallback analysis

* CLI: fix Slack HTTP read-only inspection

* CLI: align audit credential status checks

* CLI: restore Telegram read-only fallback semantics
 2026-03-05 23:07:13 -06:00
dorukardahan
5d4b04040d
feat(openai): add gpt-5.4 support for API and Codex OAuth (#36590) 
* feat(openai): add gpt-5.4 support and priority processing

* feat(openai-codex): add gpt-5.4 oauth support

* fix(openai): preserve provider overrides in gpt-5.4 fallback

* fix(openai-codex): keep xhigh for gpt-5.4 default

* fix(models): preserve configured overrides in list output

* fix(models): close gpt-5.4 integration gaps

* fix(openai): scope service tier to public api

* fix(openai): complete prep followups for gpt-5.4 support (#36590) (thanks @dorukardahan)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-03-05 21:01:37 -08:00
Vincent Koc
e5481ac79f
Doctor: warn on implicit heartbeat directPolicy (#36789) 
* Changelog: note heartbeat directPolicy doctor warning

* Tests: cover heartbeat directPolicy doctor warning

* Doctor: warn on implicit heartbeat directPolicy

* Tests: cover per-agent heartbeat directPolicy warning

* Update CHANGELOG.md
 2026-03-05 23:22:39 -05:00
Vignesh Natarajan
d45353f95b fix(agents): honor explicit rate-limit cooldown probes in fallback runs 2026-03-05 20:03:06 -08:00
Vignesh Natarajan
8088218f46 fix(openai-codex): request required oauth api scopes (#24720) 2026-03-05 18:10:03 -08:00
Josh Avant
fb289b7a79
Memory: handle SecretRef keys in doctor embeddings (#36835) 
Merged via squash.

Prepared head SHA: c1a3d0caae60115d886e8bfc9983c9533c773f04
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Reviewed-by: @joshavant
 2026-03-05 20:05:59 -06:00
Vignesh Natarajan
92b4892127 fix(auth): harden openai-codex oauth login path 2026-03-05 17:16:34 -08:00
Vignesh Natarajan
d86a12eb62 fix(gateway): honor insecure ws override for remote hostnames 2026-03-05 17:04:26 -08:00
Gustavo Madeira Santana
6dfd39c32f
Harden Telegram poll gating and schema consistency (#36547) 
Merged via squash.

Prepared head SHA: f77824419e3d166f727474a9953a063a2b4547f2
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-05 19:24:43 -05:00