Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
17,804 Commits 756 Branches 79 Tags
Commit Graph

1326 Commits

Author SHA1 Message Date
Radek Sienkiewicz
4f42c03a49
gateway: fix global Control UI 404s for symlinked wrappers and bundled package roots (#40385) 
Merged via squash.

Prepared head SHA: 567b3ed68434220bb319a940fa1b834a2f520ff5
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Reviewed-by: @velvet-shark
 2026-03-09 01:50:42 +01:00
Peter Steinberger
32a6eae576 refactor: share gateway argv parsing 2026-03-08 23:38:24 +00:00
Peter Steinberger
0692f71c6f fix: wait for extension relay tab reconnects (#32461) (thanks @AaronWander) 2026-03-08 19:11:58 +00:00
Peter Steinberger
3ada30e670 fix: restore gate after rebase 2026-03-08 18:40:15 +00:00
Peter Steinberger
dd7470730d test: isolate git commit resolution fallbacks 2026-03-08 18:40:14 +00:00
Vincent Koc
d23d36a2f9 Tests: lower entropy git commit fixtures 2026-03-08 11:16:03 -07:00
yuweuii
6c9b49a10b
fix(sessions): clear stale contextTokens on model switch (#38044) 
Merged via squash.

Prepared head SHA: bac2df4b7f920ce271f0a15f1db9ed99b35300f3
Co-authored-by: yuweuii <82372187+yuweuii@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-08 10:59:16 -07:00
Altay
ca5e352c53
CLI: include commit hash in --version output (#39712) 
* CLI: include commit hash in --version output

* fix(version): harden commit SHA resolution and keep output consistent

* CLI: keep install checks compatible with commit-tagged version output

* fix(cli): include commit hash in root version fast path

* test(cli): allow null commit-hash mocks

* Installer: share version parser across install scripts

* Installer: avoid sourcing helpers from stdin cwd

* CLI: note commit-tagged version output

* CLI: anchor commit hash resolution to module root

* CLI: harden commit hash resolution

* CLI: fix commit hash lookup edge cases

* CLI: prefer live git metadata in dev builds

* CLI: keep git lookup inside package root

* Infra: tolerate invalid moduleUrl hints

* CLI: cache baked commit metadata fallbacks

* CLI: align changelog attribution with prep gate

* CLI: restore changelog contributor credit

---------

Co-authored-by: echoVic <echovic@163.com>
Co-authored-by: echoVic <echoVic@users.noreply.github.com>
 2026-03-08 19:10:48 +03:00
daymade
f930fcbd3f Add regression test and CHANGELOG entry 
- Add test ensuring launchd path never returns "failed" status
- Add CHANGELOG.md entry documenting the fix with issue/PR references
- Reference ThrottleInterval evolution (#27650#29078 → current 1s)
 2026-03-08 13:42:50 +00:00
daymade
03aea082d0 chore: condense inline comments per code review 
Remove redundant rationale from test body (test names already convey it)
and trim the production comment to what/consequence/link (mechanism
details live in #39760).
 2026-03-08 13:42:50 +00:00
daymade
5f45e76d61 fix(darwin): remove self-kickstart from launchd gateway restart; rely on KeepAlive 
When the gateway needs a config-triggered restart under launchd, calling
`launchctl kickstart -k` from within the service itself races with
launchd's async bootout state machine:

1. `kickstart -k` initiates a launchd bootout → SIGTERM to self
2. Gateway ignores SIGTERM during shutdown → process doesn't exit
3. 2s `spawnSync` timeout kills the launchctl child, but launchd
   continues the bootout asynchronously
4. Fallback `launchctl bootstrap` fails with EIO (service mid-bootout)
5. In-process restart runs on the same PID that launchd will SIGKILL
6. LaunchAgent is permanently unloaded — no auto-restart

Fix: on darwin/launchd, skip `triggerOpenClawRestart()` entirely.
The caller already calls `exitProcess(0)` for supervised mode, and
`KeepAlive=true` (always set in the plist template) restarts the
service within ~1 second.

The schtasks (Windows) path is unchanged — Windows doesn't have an
equivalent KeepAlive mechanism.
 2026-03-08 13:42:50 +00:00
Peter Steinberger
2646739d23 refactor: centralize strict numeric parsing 2026-03-08 03:02:25 +00:00
Peter Steinberger
44e7c1142e refactor(doctor): model legacy file copies as plans 2026-03-08 02:16:03 +00:00
Peter Steinberger
01cff3a7a6 refactor(pairing): share allowFrom path resolution 2026-03-08 02:16:03 +00:00
Peter Steinberger
189cd99377 refactor(discord): require explicit outbound target hints 2026-03-08 01:15:29 +00:00
Peter Steinberger
3987ca4099 refactor(retry): simplify telegram shouldRetry composition 2026-03-08 01:14:16 +00:00
Peter Steinberger
eb09d8dd71 fix(telegram): land #34238 from @hal-crackbot 
Landed from contributor PR #34238 by @hal-crackbot.

Co-authored-by: Hal Crackbot <hal@crackbot.dev>
 2026-03-08 00:56:58 +00:00
Vincent Koc
a56841b98c
Daemon: harden WSL2 systemctl install checks (#39294) 
* Daemon: harden WSL2 systemctl install checks

* Changelog: note WSL2 daemon install hardening

* Daemon: tighten systemctl failure classification
 2026-03-07 16:43:19 -08:00
Peter Steinberger
9d2b292998 fix(exec-approvals): honor allow-always for bash script invocations 
Landed from contributor PR #35137 by @yuweuii.

Co-authored-by: yuweuii <82372187+yuweuii@users.noreply.github.com>
 2026-03-08 00:39:54 +00:00
Peter Steinberger
8a469a12b2 test(exec): dedupe wrapper boundary regressions 2026-03-08 00:12:08 +00:00
Peter Steinberger
5f50823abf refactor(exec): share wrapper depth classification 2026-03-08 00:12:08 +00:00
Peter Steinberger
2fc95a7cfc fix(exec): close dispatch-wrapper boundary drift 2026-03-07 23:40:38 +00:00
Peter Steinberger
939b18475d fix(exec): honor shell comments in allow-always analysis 2026-03-07 23:31:25 +00:00
Peter Steinberger
c5bd84309a refactor: share allowFrom stringification helpers 2026-03-07 23:27:51 +00:00
Peter Steinberger
1d1757b16f fix(exec): recognize PowerShell encoded commands 2026-03-07 23:15:46 +00:00
Peter Steinberger
5b27b0cecf refactor(outbound,agents): extract shared payload and queue helpers 2026-03-07 23:07:16 +00:00
Peter Steinberger
7ab49a7fb7 test(regression): cover recent landed fix paths 2026-03-07 23:07:16 +00:00
Peter Steinberger
c76d29208b fix(node-host): bind approved script operands 2026-03-07 23:04:00 +00:00
Peter Steinberger
708187f28c fix(outbound): prevent replay after ack crash windows (#38668, thanks @Gundam98) 
Co-authored-by: Gundam98 <huhanwen98@gmail.com>
 2026-03-07 22:53:27 +00:00
Peter Steinberger
733f7af92b fix(heartbeat): keep requests-in-flight retries from drifting schedule (#39182, thanks @MumuTW) 
Co-authored-by: MumuTW <clothl47364@gmail.com>
 2026-03-07 22:10:51 +00:00
Peter Steinberger
cc7e61612a fix(gateway): harden service-mode stale process cleanup (#38463, thanks @spirittechie) 
Co-authored-by: Jesse Paul <drzin69@gmail.com>
 2026-03-07 21:36:24 +00:00
Altay
97f9e25525
fix(ci): restore strip-ansi and typecheck fixtures (#39146) 
* fix: restore strip-ansi and typecheck fixtures

* test: normalize windows install path assertions
 2026-03-07 23:13:13 +03:00
Peter Steinberger
d72734946a fix(security): harden install base drift cleanup 2026-03-07 19:23:01 +00:00
Peter Steinberger
e27bbe4982 fix(exec): block dangerous override-only env pivots 2026-03-07 19:18:05 +00:00
Peter Steinberger
6aa80844b8 fix(security): stage installs before publish 2026-03-07 19:11:07 +00:00
Peter Steinberger
74ecdec9ba fix(security): harden fs-safe copy writes 2026-03-07 19:10:27 +00:00
Peter Steinberger
8928aba7ee refactor: dedupe minimax provider auth test setup 2026-03-07 19:02:01 +00:00
Peter Steinberger
31acad4e8f fix: harden zip extraction writes 2026-03-07 19:01:35 +00:00
Peter Steinberger
8bd0eb5424 fix(outbound): land #38944 from @Narcooo 
Co-authored-by: Narcooo <Narcooo@users.noreply.github.com>
 2026-03-07 18:46:48 +00:00
Vincent Koc
e4d80ed556
CI: restore main detect-secrets scan (#38438) 
* Tests: stabilize detect-secrets fixtures

* Tests: fix rebased detect-secrets false positives

* Docs: keep snippets valid under detect-secrets

* Tests: finalize detect-secrets false-positive fixes

* Tests: reduce detect-secrets false positives

* Tests: keep detect-secrets pragmas inline

* Tests: remediate next detect-secrets batch

* Tests: tighten detect-secrets allowlists

* Tests: stabilize detect-secrets formatter drift
 2026-03-07 10:06:35 -08:00
Peter Steinberger
a31d3cad96 refactor(fetch-guard): clarify cross-origin redirect header filtering 2026-03-07 17:58:05 +00:00
Peter Steinberger
46715371b0 fix(security): strip custom auth headers on cross-origin redirects 2026-03-07 17:34:42 +00:00
Josh Avant
8e20dd22d8
Secrets: harden SecretRef-safe models.json persistence (#38955) 2026-03-07 11:28:39 -06:00
Ayaan Zaidi
05c240fad6
fix: restart Windows gateway via Scheduled Task (#38825) (#38825) 2026-03-07 18:00:38 +05:30
Peter Steinberger
3c71e2bd48 refactor(core): extract shared dedup helpers 2026-03-07 10:41:05 +00:00
Xinhua Gu
1a022a31de
fix(gateway): classify wrapped "fetch failed" messages as transient network errors (openclaw#38530) 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: xinhuagu <562450+xinhuagu@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-06 21:47:32 -06:00
Vincent Koc
42e3d8d693
Secrets: add inline allowlist review set (#38314) 
* Secrets: add inline allowlist review set

* Secrets: narrow detect-secrets file exclusions

* Secrets: exclude Docker fingerprint false positive

* Secrets: allowlist test and docs false positives

* Secrets: refresh baseline after allowlist updates

* Secrets: fix gateway chat fixture pragma

* Secrets: format pre-commit config

* Android: keep talk mode fixture JSON valid

* Feishu: rely on client timeout injection

* Secrets: allowlist provider auth test fixtures

* Secrets: allowlist onboard search fixtures

* Secrets: allowlist onboard mode fixture

* Secrets: allowlist gateway auth mode fixture

* Secrets: allowlist APNS wake test key

* Secrets: allowlist gateway reload fixtures

* Secrets: allowlist moonshot video fixture

* Secrets: allowlist auto audio fixture

* Secrets: allowlist tiny audio fixture

* Secrets: allowlist embeddings fixtures

* Secrets: allowlist resolve fixtures

* Secrets: allowlist target registry pattern fixtures

* Secrets: allowlist gateway chat env fixture

* Secrets: refresh baseline after fixture allowlists

* Secrets: reapply gateway chat env allowlist

* Secrets: reapply gateway chat env allowlist

* Secrets: stabilize gateway chat env allowlist

* Secrets: allowlist runtime snapshot save fixture

* Secrets: allowlist oauth profile fixtures

* Secrets: allowlist compaction identifier fixture

* Secrets: allowlist model auth fixture

* Secrets: allowlist model status fixtures

* Secrets: allowlist custom onboarding fixture

* Secrets: allowlist mattermost token summary fixtures

* Secrets: allowlist gateway auth suite fixtures

* Secrets: allowlist channel summary fixture

* Secrets: allowlist provider usage auth fixtures

* Secrets: allowlist media proxy fixture

* Secrets: allowlist secrets audit fixtures

* Secrets: refresh baseline after final fixture allowlists

* Feishu: prefer explicit client timeout

* Feishu: test direct timeout precedence
 2026-03-06 19:35:26 -05:00
Vincent Koc
455430a6f8
Dead code: remove unused helper modules (#38318) 
* Dead code: remove unused provider runtime policy helper

* Dead code: remove unused shared env writer

* Dead code: remove unused auth store path collector
 2026-03-06 17:53:02 -05:00
Vincent Koc
f392b81e95
Infra: require explicit opt-in for prerelease npm installs (#38117) 
* Infra: tighten npm registry spec parsing

* Infra: block implicit prerelease npm installs

* Plugins: cover prerelease install policy

* Infra: add npm registry spec tests

* Hooks: cover prerelease install policy

* Docs: clarify plugin guide version policy

* Docs: clarify plugin install version policy

* Docs: clarify hooks install version policy

* Docs: clarify hook pack version policy
 2026-03-06 11:13:30 -05:00
Octane
777af476cb
Respect source channel for agent event surfacing (#36030) 2026-03-06 01:14:00 -05:00