Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13,513 Commits 756 Branches 79 Tags
Commit Graph

3117 Commits

Author SHA1 Message Date
vignesh07
a37e12eabc docs(changelog): credit nicole-luxe for mcporter QMD work 2026-02-21 17:32:59 -08:00
Vincent Koc
7a6ff4c55a
docs(changelog): credit BlueBubbles DM history fix (#23095) 2026-02-21 20:03:17 -05:00
Vignesh
3317b49d3b
feat(memory): allow QMD searches via mcporter keep-alive (openclaw#19617) thanks @vignesh07 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: vignesh07 <1436853+vignesh07@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-21 18:54:33 -06:00
Peter Steinberger
7707e3406c fix: await DiscordMessageListener handler for queued messages (#22396) 
Co-authored-by: Irene <huangxiyan2311@gmail.com>
 2026-02-22 00:41:46 +01:00
Peter Steinberger
d3991d6aa9 fix: harden sandbox tmp media validation (#17892) (thanks @dashed) 2026-02-22 00:31:21 +01:00
Peter Steinberger
95dab6e019 fix: harden config prototype-key guards (#22968) (thanks @Clawborn) 2026-02-22 00:25:22 +01:00
Peter Steinberger
780bbbd062 fix: restore CI checks after #23012 (thanks @druide67) 2026-02-22 00:16:15 +01:00
Peter Steinberger
bfe016fa29 fix: clear stale remote discovery endpoints (#21618) (thanks @bmendonca3) 2026-02-22 00:04:36 +01:00
Peter Steinberger
71bd15bb42 fix(ssrf): block special-use ipv4 ranges 2026-02-21 23:45:49 +01:00
Peter Steinberger
dea154ccae docs(changelog): add control-ui symlink hardening entry 2026-02-21 23:19:35 +01:00
Peter Steinberger
b34097f62d fix(security): enforce msteams redirect allowlist checks 2026-02-21 23:18:48 +01:00
Peter Steinberger
73d93dee64 fix: enforce inbound media max-bytes during remote fetch 2026-02-21 23:02:29 +01:00
Peter Steinberger
dd41fadcaf fix(macos): enforce path-only exec allowlist patterns 2026-02-21 22:58:40 +01:00
Peter Steinberger
2712883d16 docs(changelog): clarify quoted substitution fix for macOS allowlist 2026-02-21 22:57:53 +01:00
Peter Steinberger
f903603722 docs(changelog): keep 2026.2.22 split from 2026.2.21 2026-02-21 20:10:51 +01:00
Sean McLellan
00b98a368a
fix: flatten nested anyOf/oneOf in Gemini schema cleaning (openclaw#22825) thanks @Oceanswave 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Oceanswave <760674+Oceanswave@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-21 13:09:42 -06:00
Peter Steinberger
f9108120c2 fix(gateway): strip inline directive tags from displayed text 2026-02-21 20:08:55 +01:00
Peter Steinberger
c3af00bddb docs(changelog): split 2026.2.21 release entries 2026-02-21 20:06:57 +01:00
Peter Steinberger
25e89cc863 fix(security): harden shell env fallback 2026-02-21 20:01:08 +01:00
Peter Steinberger
2c14b0cf4c refactor(config): unify streaming config across channels 2026-02-21 19:53:42 +01:00
Peter Steinberger
747bb581b3 fix(discord): canonicalize resolved allowlists to ids 2026-02-21 19:53:29 +01:00
Nimrod Gutman
3ed71d6f76 fix: update changelog for ios talk tts prefetch (#22833) (thanks @ngutman) 2026-02-21 20:52:05 +02:00
Peter Steinberger
9632b9bcf0 fix(security): fail closed parsed chat allowlist 2026-02-21 19:51:36 +01:00
Simone Macario
09d5f508b1
fix(cron): persist delivered flag in job state to surface delivery failures (openclaw#19174) thanks @simonemacario 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: simonemacario <2116609+simonemacario@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-21 12:47:29 -06:00
Peter Steinberger
f97c45c5b5 fix(security): warn on Discord name-based allowlists in audit 2026-02-21 19:45:17 +01:00
Peter Steinberger
4b226b74f5 fix(security): block zip symlink escape in archive extraction 2026-02-21 19:42:33 +01:00
Peter Steinberger
ddcb2d79b1 fix(gateway): block node role when device identity is missing 2026-02-21 19:34:13 +01:00
Peter Steinberger
e371da38aa fix(macos): consolidate exec approval evaluation 2026-02-21 19:30:35 +01:00
Peter Steinberger
9fc6c8b713 fix: hide synthetic untrusted metadata in chat history 2026-02-21 19:26:04 +01:00
Peter Steinberger
c730d4dd72 docs: clarify non-default scope for safeBins sort fix 2026-02-21 19:18:51 +01:00
Peter Steinberger
4c1dd9d068 fix(security): harden macos rawCommand allowlist resolution 2026-02-21 19:17:56 +01:00
niceysam
5e423b596c
fix: remove false-positive billing error rewrite on normal assistant text (openclaw#17834) thanks @niceysam 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: niceysam <256747835+niceysam@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-21 12:17:39 -06:00
Peter Steinberger
57fbbaebca fix: block safeBins sort --compress-program bypass 2026-02-21 19:13:53 +01:00
Peter Steinberger
bdfb97afad chore: prep 2026.2.22 unreleased and publish new npm plugins 2026-02-21 19:05:35 +01:00
Thorfinn
efdec39254
fix: correct MiniMax M2.5 pricing (was ~50x too high) (openclaw#22755) thanks @miloudbelarebia 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: miloudbelarebia <136994453+miloudbelarebia@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-21 11:26:48 -06:00
Peter Steinberger
35a57bc940 fix: gate doctor oauth-dir repair by channel config 2026-02-21 18:08:15 +01:00
Peter Steinberger
5da03e6221 fix(macos): harden exec allowlist shell-chain checks 2026-02-21 16:27:18 +01:00
Onur
8178ea472d
feat: thread-bound subagents on Discord (#21805) 
* docs: thread-bound subagents plan

* docs: add exact thread-bound subagent implementation touchpoints

* Docs: prioritize auto thread-bound subagent flow

* Docs: add ACP harness thread-binding extensions

* Discord: add thread-bound session routing and auto-bind spawn flow

* Subagents: add focus commands and ACP/session binding lifecycle hooks

* Tests: cover thread bindings, focus commands, and ACP unbind hooks

* Docs: add plugin-hook appendix for thread-bound subagents

* Plugins: add subagent lifecycle hook events

* Core: emit subagent lifecycle hooks and decouple Discord bindings

* Discord: handle subagent bind lifecycle via plugin hooks

* Subagents: unify completion finalizer and split registry modules

* Add subagent lifecycle events module

* Hooks: fix subagent ended context key

* Discord: share thread bindings across ESM and Jiti

* Subagents: add persistent sessions_spawn mode for thread-bound sessions

* Subagents: clarify thread intro and persistent completion copy

* test(subagents): stabilize sessions_spawn lifecycle cleanup assertions

* Discord: add thread-bound session TTL with auto-unfocus

* Subagents: fail session spawns when thread bind fails

* Subagents: cover thread session failure cleanup paths

* Session: add thread binding TTL config and /session ttl controls

* Tests: align discord reaction expectations

* Agent: persist sessionFile for keyed subagent sessions

* Discord: normalize imports after conflict resolution

* Sessions: centralize sessionFile resolve/persist helper

* Discord: harden thread-bound subagent session routing

* Rebase: resolve upstream/main conflicts

* Subagents: move thread binding into hooks and split bindings modules

* Docs: add channel-agnostic subagent routing hook plan

* Agents: decouple subagent routing from Discord

* Discord: refactor thread-bound subagent flows

* Subagents: prevent duplicate end hooks and orphaned failed sessions

* Refactor: split subagent command and provider phases

* Subagents: honor hook delivery target overrides

* Discord: add thread binding kill switches and refresh plan doc

* Discord: fix thread bind channel resolution

* Routing: centralize account id normalization

* Discord: clean up thread bindings on startup failures

* Discord: add startup cleanup regression tests

* Docs: add long-term thread-bound subagent architecture

* Docs: split session binding plan and dedupe thread-bound doc

* Subagents: add channel-agnostic session binding routing

* Subagents: stabilize announce completion routing tests

* Subagents: cover multi-bound completion routing

* Subagents: suppress lifecycle hooks on failed thread bind

* tests: fix discord provider mock typing regressions

* docs/protocol: sync slash command aliases and delete param models

* fix: add changelog entry for Discord thread-bound subagents (#21805) (thanks @onutc)

---------

Co-authored-by: Shadow <hi@shadowing.dev>
 2026-02-21 16:14:55 +01:00
Peter Steinberger
c8466e516f fix(agents): raise dynamic retry cap budget 2026-02-21 15:41:30 +01:00
Peter Steinberger
1bd3f01c17 fix(telegram): guard duplicate bot token accounts 2026-02-21 15:41:03 +01:00
Peter Steinberger
b25d3652e7 fix(agents): cap embedded runner retry loop 2026-02-21 15:35:45 +01:00
Peter Steinberger
3101047234 feat(models): add Gemini 3.1 support 2026-02-21 15:08:06 +01:00
Peter Steinberger
581868365d fix: finish volcengine/byteplus landing polish (#7967) (thanks @funmore123) 2026-02-21 15:05:09 +01:00
Peter Steinberger
95c14d9b5f docs: prune low-signal changelog entries 2026-02-21 15:02:10 +01:00
Peter Steinberger
7bd5c5d5a4 docs(changelog): reorder unreleased fixes by user impact 2026-02-21 14:37:49 +01:00
大猫子
c62a6e7040
fix(models): add kimi-coding implicit provider template (openclaw#22526) thanks @lailoo 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: lailoo <20536249+lailoo@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-21 07:35:09 -06:00
Peter Steinberger
f23da067f6 fix(security): harden heredoc allowlist parsing 2026-02-21 14:27:51 +01:00
Peter Steinberger
2706cbd6d7 fix(agents): include filenames in image resize logs 2026-02-21 13:16:41 +00:00
Peter Steinberger
f48698a50b fix(security): harden sandbox browser network defaults 2026-02-21 14:02:53 +01:00
Peter Steinberger
50a8942c07 docs(changelog): add WhatsApp reaction allowlist security note 2026-02-21 13:57:54 +01:00