Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
20,043 Commits 756 Branches 79 Tags
Commit Graph

1781 Commits

Author SHA1 Message Date
Peter Steinberger
ccf16cd889
fix(gateway): clear trusted-proxy control ui scopes 2026-03-17 10:07:53 -07:00
Peter Steinberger
6d9bf6de93
refactor: narrow extension public seams 2026-03-17 09:58:33 -07:00
Peter Steinberger
4b125762f6
refactor: clean extension api boundaries 2026-03-17 09:38:21 -07:00
Bob
ea15819ecf
ACP: harden startup and move configured routing behind plugin seams (#48197) 
* ACPX: keep plugin-local runtime installs out of dist

* Gateway: harden ACP startup and service PATH

* ACP: reinitialize error-state configured bindings

* ACP: classify pre-turn runtime failures as session init failures

* Plugins: move configured ACP routing behind channel seams

* Telegram tests: align startup probe assertions after rebase

* Discord: harden ACP configured binding recovery

* ACP: recover Discord bindings after stale runtime exits

* ACPX: replace dead sessions during ensure

* Discord: harden ACP binding recovery

* Discord: fix review follow-ups

* ACP bindings: load channel snapshots across workspaces

* ACP bindings: cache snapshot channel plugin resolution

* Experiments: add ACP pluginification holy grail plan

* Experiments: rename ACP pluginification plan doc

* Experiments: drop old ACP pluginification doc path

* ACP: move configured bindings behind plugin services

* Experiments: update bindings capability architecture plan

* Bindings: isolate configured binding routing and targets

* Discord tests: fix runtime env helper path

* Tests: fix channel binding CI regressions

* Tests: normalize ACP workspace assertion on Windows

* Bindings: isolate configured binding registry

* Bindings: finish configured binding cleanup

* Bindings: finish generic cleanup

* Bindings: align runtime approval callbacks

* ACP: delete residual bindings barrel

* Bindings: restore legacy compatibility

* Revert "Bindings: restore legacy compatibility"

This reverts commit ac2ed68fa2426ecc874d68278c71c71ad363fcfe.

* Tests: drop ACP route legacy helper names

* Discord/ACP: fix binding regressions

---------

Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
 2026-03-17 17:27:52 +01:00
Josh Lehman
1399ca5fcb
fix(plugins): forward plugin subagent overrides (#48277) 
Merged via squash.

Prepared head SHA: ffa45893e0ea72bc21b48d0ea227253ba207eec0
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-17 07:20:27 -07:00
Peter Steinberger
e5919bc524
docs(gateway): clarify URL allowlist semantics 2026-03-17 00:03:27 -07:00
Peter Steinberger
57204b4fa9
fix(gateway): surface env override keys in exec approvals 2026-03-16 23:24:32 -07:00
Peter Steinberger
43838b1b14 refactor(device): share missing-scope helper 2026-03-17 06:24:01 +00:00
Peter Steinberger
aa2d5aaa0c
feat(plugins): add image generation capability 2026-03-16 22:58:55 -07:00
Peter Steinberger
00b57145ff
refactor: move agent runtime into agents layer 2026-03-16 22:53:16 -07:00
Peter Steinberger
9ebe38b6e3
refactor: untangle remaining plugin sdk boundaries 2026-03-16 21:16:32 -07:00
Peter Steinberger
3e010e280a
feat(plugins): add media understanding provider registration 2026-03-16 20:42:00 -07:00
Peter Steinberger
fe4368cbca fix: align thinking defaults and plugin sdk exports 2026-03-17 03:16:39 +00:00
Peter Steinberger
1ffe8fde84 fix: stabilize docker test suite 2026-03-17 03:02:03 +00:00
Peter Steinberger
662031a88e
feat(plugins): add speech provider registration 2026-03-16 18:50:09 -07:00
Josh Lehman
eeb140b4f0
fix(plugins): late-binding subagent runtime for non-gateway load paths (#46648) 
Merged via squash.

Prepared head SHA: 44742652c9ac2eec82a6d958fd77f84ba1d29c0a
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-16 14:27:54 -07:00
Gustavo Madeira Santana
13894ec5aa
Gateway tests: share ordered client teardown helper 2026-03-16 14:36:04 +00:00
Gustavo Madeira Santana
d352be8e99
Gateway tests: centralize mock responses provider setup 2026-03-16 14:36:04 +00:00
Gustavo Madeira Santana
771fbeae79
Gateway: simplify startup and stabilize mock responses tests 2026-03-16 14:32:55 +00:00
Gustavo Madeira Santana
96ed010a37
Gateway: gate deferred channel startup behind opt-in 2026-03-16 13:55:53 +00:00
Gustavo Madeira Santana
1b234b910b
Gateway: defer full channel plugins until after listen 2026-03-16 13:31:20 +00:00
Ayaan Zaidi
ccba943738
test(gateway): restore agent request route mock 2026-03-16 17:17:03 +05:30
Vincent Koc
9ee0fb52e9 Gateway: cover lazy channel runtime resolution 2026-03-16 01:43:47 -07:00
Vincent Koc
776e5d8a08 Gateway: lazily resolve channel runtime 2026-03-16 01:43:47 -07:00
Peter Steinberger
7e74adef91
refactor: shrink public channel plugin sdk surfaces 2026-03-16 01:34:22 -07:00
Peter Steinberger
a73d6620b3
refactor: route remaining channel imports through plugin sdk 2026-03-16 01:17:13 -07:00
Vincent Koc
7a09255361 Runtime: lazy-load channel runtime singletons 2026-03-16 01:02:19 -07:00
Peter Steinberger
74d0c39b32
refactor: move session lifecycle and outbound fallbacks into plugins 2026-03-16 00:40:43 -07:00
Peter Steinberger
4ab016a9bd fix: preserve loopback gateway scopes for local auth 2026-03-16 06:22:15 +00:00
Vincent Koc
7b2a7da549 Gateway: import normalizeAgentId in hooks 2026-03-15 23:20:11 -07:00
Vincent Koc
c4b18ab3c9 Status: split lightweight gateway agent list 2026-03-15 22:55:27 -07:00
Vincent Koc
4cb46f223c Security: trim audit policy import surfaces 2026-03-15 22:55:26 -07:00
Joey Krug
304703f165 fix: resume orphaned subagent sessions after SIGUSR1 reload 
Closes #47711

After a SIGUSR1 gateway reload aborts in-flight subagent LLM calls, the gateway now scans for orphaned sessions and sends a synthetic resume message to restart their work. Also makes the deferral timeout configurable via gateway.reload.deferralTimeoutMs (default: 5 minutes, up from 90s).
 2026-03-15 22:32:36 -07:00
Peter Steinberger
5c120cb36c
refactor: make setup the primary wizard surface 2026-03-15 22:01:04 -07:00
Peter Steinberger
a69f6190ab
fix(gateway): pin plugin webhook route registry (#47902) 2026-03-15 21:53:05 -07:00
Peter Steinberger
656848dcd7
refactor: rename setup wizard surfaces 2026-03-15 21:40:31 -07:00
Vincent Koc
d8e138c743 Gateway: add presence-only probe mode for status 2026-03-15 19:56:08 -07:00
Josh Avant
a2cb81199e
secrets: harden read-only SecretRef command paths and diagnostics (#47794) 
* secrets: harden read-only SecretRef resolution for status and audit

* CLI: add SecretRef degrade-safe regression coverage

* Docs: align SecretRef status and daemon probe semantics

* Security audit: close SecretRef review gaps

* Security audit: preserve source auth SecretRef configuredness

* changelog

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>

---------

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-03-15 21:55:24 -05:00
Peter Steinberger
d56559bad7 fix: repair node24 ci type drift 2026-03-16 01:15:31 +00:00
Peter Steinberger
74c762beb0
refactor: decouple channel setup discovery 2026-03-15 16:26:09 -07:00
Vincent Koc
c9a8b6f82f chore(fmt): format changes and broken types 2026-03-15 12:03:35 -07:00
Vincent Koc
fc2d29ea92
Gateway: tighten forwarded client and pairing guards (#46800) 
* Gateway: tighten forwarded client and pairing guards

* Gateway: make device approval scope checks atomic

* Gateway: preserve device approval baseDir compatibility
 2026-03-15 10:50:49 -07:00
Peter Steinberger
7c0a849ed7
fix: harden device token rotation denial paths 2026-03-15 09:05:45 -07:00
Vincent Koc
a60fd3feed Nodes tests: prove pull-time policy revalidation 2026-03-15 09:05:22 -07:00
Vincent Koc
ec2c6d83b9
Nodes: recheck queued actions before delivery (#46815) 
* Nodes: recheck queued actions before delivery

* Nodes tests: cover pull-time policy recheck

* Nodes tests: type node policy mocks explicitly
 2026-03-15 08:47:17 -07:00
Andrew Demczuk
26e0a3ee9a
fix(gateway): skip Control UI pairing when auth.mode=none (closes #42931) (#47148) 
When auth is completely disabled (mode=none), requiring device pairing
for Control UI operator sessions adds friction without security value
since any client can already connect without credentials.

Add authMode parameter to shouldSkipControlUiPairing so the bypass
fires only for Control UI + operator role + auth.mode=none. This avoids
the #43478 regression where a top-level OR disabled pairing for ALL
websocket clients.
 2026-03-15 13:03:39 +01:00
Ace Lee
d7ac16788e
fix(android): support android node calllog.search (#44073) 
* fix(android): support android node  `calllog.search`

* fix(android): support android node calllog.search

* fix(android): wire callLog through shared surfaces

* fix: land Android callLog support (#44073) (thanks @lxk7280)

---------

Co-authored-by: lixuankai <lixuankai@oppo.com>
Co-authored-by: Ayaan Zaidi <hi@obviy.us>
 2026-03-15 14:54:32 +05:30
Tak Hoffman
29fec8bb9f
fix(gateway): harden health monitor account gating (#46749) 
* gateway: harden health monitor account gating

* gateway: tighten health monitor account-id guard
 2026-03-14 21:58:28 -05:00
rstar327
ba6064cc22
feat(gateway): make health monitor stale threshold and max restarts configurable (openclaw#42107) 
Verified:
- pnpm exec vitest --run src/config/config-misc.test.ts -t "gateway.channelHealthCheckMinutes"
- pnpm exec vitest --run src/gateway/server-channels.test.ts -t "health monitor"
- pnpm exec vitest --run src/gateway/channel-health-monitor.test.ts src/gateway/server/readiness.test.ts
- pnpm exec vitest --run extensions/feishu/src/outbound.test.ts
- pnpm exec tsc --noEmit

Co-authored-by: rstar327 <114364448+rstar327@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-14 21:21:56 -05:00
Andrew Demczuk
92fc8065e9
fix(gateway): remove re-introduced auth.mode=none pairing bypass 
The revert of #43478 (commit 39b4185d0b) was silently undone by
3704293e6f which was based on a branch that included the original
change. This removes the auth.mode=none skipPairing condition again.

The blanket skip was too broad - it disabled pairing for ALL websocket
clients, not just Control UI behind reverse proxies.
 2026-03-15 00:46:24 +01:00