Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,373 Commits 756 Branches 79 Tags
Commit Graph

2587 Commits

Author SHA1 Message Date
Gustavo Madeira Santana
a8c30634ac changelog: add workspace onboarding attribution 2026-02-14 19:20:27 -05:00
Gustavo Madeira Santana
28b78b25b7 fix(workspace): persist bootstrap onboarding state 2026-02-14 19:20:27 -05:00
Vignesh Natarajan
3f69607d8c Changelog: configurable LanceDB capture limit 2026-02-14 16:03:40 -08:00
Vignesh Natarajan
53a8f474ee Memory/QMD: handle fallback init failures gracefully 2026-02-14 15:42:02 -08:00
Vignesh Natarajan
c4dbcc3444 Memory/QMD: make status checks side-effect free 2026-02-14 15:42:02 -08:00
Robby
ceb934299b
fix(workspace): create BOOTSTRAP.md regardless of workspace state (#16457) (#16504) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: a57718c09e9b601087edcb3ee15dd7ac6b96fee2
Co-authored-by: robbyczgw-cla <239660374+robbyczgw-cla@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 18:41:35 -05:00
Charlie Greenman
dec6859702
agents: reduce prompt token bloat from exec and context (#16539) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8e1635fa3fdfb199a58bd53e816abc41cd400d44
Co-authored-by: CharlieGreenman <8540141+CharlieGreenman@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 18:32:45 -05:00
Vignesh Natarajan
2547514b47 Memory/QMD: treat prefixed no-results markers as empty 2026-02-14 15:31:52 -08:00
Peter Steinberger
abf42abd41 fix: LINE webhook verification 200; fix tsgo error (#16582) (thanks @arosstale) 2026-02-15 00:27:12 +01:00
Peter Steinberger
90117a3849 docs: consolidate 2026.2.14 changelog 2026-02-15 00:05:51 +01:00
Peter Steinberger
9e2e57458e docs(changelog): soften exec allowlist scope note 2026-02-15 00:03:21 +01:00
Vignesh Natarajan
c0bf6bc24f Memory/QMD: parse scope once in qmd scope checks 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
0fdcb3be43 Memory/QMD: skip unchanged session export writes 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
83e08b3bd5 Memory/QMD: optimize qmd readFile for line-window reads 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
62aae7f69d Memory/QMD: add limit arg to search command 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
19df928e7f Memory/QMD: robustly parse noisy qmd JSON output 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
6bf333bf31 Memory/QMD: prefer exact docid lookup in index 2026-02-14 14:59:18 -08:00
Vignesh Natarajan
f9f816d139 Memory/QMD: cap qmd command output buffering 2026-02-14 14:59:18 -08:00
Bin Deng
c0cd3c3c08
fix: add safety timeout to session.compact() to prevent lane deadlock (#16533) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 21e4045addca7a424828478d84dd5e4b202cbcfd
Co-authored-by: BinHPdev <219093083+BinHPdev@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 17:54:12 -05:00
Peter Steinberger
7d658410e5 docs(changelog): clarify exec allowlist mode only 2026-02-14 23:51:15 +01:00
Peter Steinberger
db60b424a2 docs(changelog): note exec allowlist command substitution fix 2026-02-14 23:51:15 +01:00
Vishal Doshi
3efb752124
fix(gateway): abort active runs during sessions.reset (#16576) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 43da87f2dfd38133210f98422255705d09ae7922
Co-authored-by: Grynn <212880+Grynn@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 17:42:33 -05:00
Peter Steinberger
a99ad11a41 fix: validate state for manual Chutes OAuth 2026-02-14 23:33:56 +01:00
Gustavo Madeira Santana
8217d77ece
fix(cli): run plugin gateway_stop hooks before message exit (#16580) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8542ac77ae183e19a0700c3bb0304ab06bb7d568
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 17:33:08 -05:00
Peter Steinberger
d02202e765 docs(changelog): note clawtributors updater injection fix 2026-02-14 23:26:39 +01:00
Peter Steinberger
a429380e33 fix(scripts): harden clawtributors updater 2026-02-14 23:25:32 +01:00
Bruno Škvorc
dbdcbe03e7
fix: preserve bootstrap paths and expose failed mutations (#16131) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 385dcbd8a9d3fd1bd67b5cb439b699a98728a679
Co-authored-by: Swader <1430603+Swader@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 17:01:16 -05:00
Peter Steinberger
c0c0e0f9ae fix(security): block full-form IPv4-mapped IPv6 in SSRF guard 2026-02-14 22:58:38 +01:00
Peter Steinberger
9e7aab9baf docs(changelog): credit logicx24 for plugin install traversal report 2026-02-14 22:54:38 +01:00
yinghaosang
8927c69b3f
fix(cli): stop message send from hanging forever after delivery (#16460) (#16491) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 78dffc9e99533715abf23d40062ed38a0fec4a50
Co-authored-by: yinghaosang <261132136+yinghaosang@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 16:53:56 -05:00
Peter Steinberger
576f7072a7 docs(changelog): credit @simecek for gateway connect auth fix 2026-02-14 22:42:35 +01:00
Gustavo Madeira Santana
48b3d7096c
fix: harden device pairing token generation and verification (#16535) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: bcbb50e3683b12643d8eb2ef3fde74dd3a3ac4a7
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 16:23:33 -05:00
Peter Steinberger
0b20ee2722 docs(changelog): note gateway /approve scope fix 2026-02-14 22:14:18 +01:00
Peter Steinberger
938b1dd1e7 docs(changelog): fix gatewayUrl SSRF entry 2026-02-14 22:08:28 +01:00
Peter Steinberger
3513ff09de docs(changelog): note Telegram webhookSecret hard requirement 2026-02-14 22:08:19 +01:00
Peter Steinberger
c5406e1d24 fix(security): prevent gatewayUrl SSRF 2026-02-14 22:01:11 +01:00
Peter Steinberger
e95ce05c1e chore(security): soften gatewayUrl override messaging 2026-02-14 21:53:30 +01:00
Peter Steinberger
2d5647a804 fix(security): restrict tool gatewayUrl overrides 2026-02-14 21:53:14 +01:00
Marcus Castro
07850e8a93
fix(media): strip MEDIA: prefix in loadWebMediaInternal (#13107) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9d95e6af5aad7fb18f0ab3f941a0043ec18ca604
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-14 21:41:26 +01:00
Peter Steinberger
1bde33c0bc docs(changelog): note browser control path traversal fix 2026-02-14 21:37:34 +01:00
Peter Steinberger
9abf86f7e0 docs(changelog): document Slack/Discord dmPolicy aliases 2026-02-14 21:04:27 +01:00
Bin Deng
b9d14855d0
Fix: Force dashboard command to use localhost URL (#16434) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 3c03b4cc9b1dec96e0541df37910a697493ca285
Co-authored-by: BinHPdev <219093083+BinHPdev@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 15:00:58 -05:00
Shadow
2fa78c17d1
Changelog: credit cron delivery fix 2026-02-14 13:37:33 -06:00
zerone0x
c60844931b
fix(cron): prevent list/status from silently skipping recurring jobs (openclaw#16201) thanks @zerone0x 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: zerone0x <39543393+zerone0x@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-14 13:33:29 -06:00
Gustavo Madeira Santana
64b7f3455e
chore: fix changelog attribution 2026-02-14 14:26:27 -05:00
Peter Steinberger
90d1e9cd71 docs(changelog): note iMessage group allowlist auth fix 2026-02-14 20:25:35 +01:00
Michael Verrilli
e6f67d5f31
fix(agent): prevent session lock deadlock on timeout during compaction (#9855) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 64a28900f183941a496a6fd5baaa9efcfb38f0f8
Co-authored-by: mverrilli <816450+mverrilli@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 14:24:20 -05:00
Glucksberg
f537bd1796
fix(telegram): exclude plugin commands from setMyCommands when native=false (openclaw#15164) thanks @Glucksberg 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test

Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-14 13:22:58 -06:00
Mariano
5544646a09
security: block apply_patch path traversal outside workspace (#16405) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 0fcd3f8c3a15993980eb89ecdae3e76de4f3f72d
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-14 19:11:12 +00:00
Bin Deng
4734f99108
Fix: Add type safety to models status command (#16395) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 1554137ae34b8183a924d48e3894e9d60c4e2dde
Co-authored-by: BinHPdev <219093083+BinHPdev@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-14 14:07:38 -05:00