Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openclaw/src
History
2233admin 7830366f3c
fix(slack): propagate mediaLocalRoots through Slack send path 
Restore Slack local file upload parity with CVE-era local media allowlist enforcement by threading `mediaLocalRoots` through the Slack send call chain.

- pass `ctx.mediaLocalRoots` from Slack channel action adapter into `handleSlackAction`
- add and forward `mediaLocalRoots` in Slack action context/send path
- pass `mediaLocalRoots` into `sendMessageSlack` for upload allowlist enforcement
- add changelog entry with attribution for this behavior fix

Co-authored-by: 2233admin <1497479966@qq.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-05 16:52:49 -06:00
..
acp
ACP: add persistent Discord channel and Telegram topic bindings (#34873)
2026-03-05 09:38:12 +01:00
agents
fix(slack): propagate mediaLocalRoots through Slack send path
2026-03-05 16:52:49 -06:00
auto-reply
fix(auth): grant senderIsOwner for internal channels with operator.admin scope (openclaw#35704)
2026-03-05 16:32:42 -06:00
browser
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
canvas-host
refactor(tests): dedupe canvas host server setup
2026-03-03 02:53:13 +00:00
channels
fix(slack): propagate mediaLocalRoots through Slack send path
2026-03-05 16:52:49 -06:00
cli
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
commands
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
compat
config
fix(config): prevent RangeError in merged schema cache key generation
2026-03-05 16:45:07 -06:00
cron
feat: append UTC time alongside local time in shared Current time lines (#32423)
2026-03-06 01:26:34 +03:00
daemon
Fix Linux daemon install checks when systemd user bus env is missing (#34884)
2026-03-04 11:54:03 -08:00
discord
ACP: add persistent Discord channel and Telegram topic bindings (#34873)
2026-03-05 09:38:12 +01:00
docs
gateway
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
hooks
refactor(hooks): dedupe install parameter wiring
2026-03-03 01:06:00 +00:00
i18n
ACP: add persistent Discord channel and Telegram topic bindings (#34873)
2026-03-05 09:38:12 +01:00
imessage
refactor: unify inbound debounce policy and split gateway/models helpers
2026-03-03 00:54:33 +00:00
infra
fix: restore auto-reply system events timeline (#34794) (thanks @anisoptera) (#34794)
2026-03-05 07:56:14 +05:30
line
fix(outbound): unify resolved cfg threading across send paths (#33987)
2026-03-04 00:20:44 -06:00
link-understanding
logging
build: fix ineffective dynamic imports with lazy boundaries (#33690)
2026-03-03 20:14:41 -05:00
markdown
refactor: dedupe gateway config and infra flows
2026-03-03 00:15:14 +00:00
media
security: add X-Content-Type-Options nosniff header to media route (#30356)
2026-03-03 13:35:46 -08:00
media-understanding
build: prevent mixed static/dynamic pi-model-discovery imports
2026-03-03 21:27:14 -05:00
memory
Compaction/Safeguard: add summary quality audit retries (#25556)
2026-03-05 13:39:25 -08:00
node-host
fix(node-host): sync rawCommand with hardened argv after executable path pinning (#33137)
2026-03-04 11:30:33 -05:00
pairing
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
plugin-sdk
feat(mattermost): add interactive buttons support (#19957)
2026-03-05 20:14:57 +05:30
plugins
add prependSystemContext and appendSystemContext to before_prompt_build (fixes #35131) (#35177)
2026-03-05 13:06:59 -05:00
process
refactor: dedupe cli config cron and install flows
2026-03-02 19:57:33 +00:00
providers
refactor: dedupe agent and browser cli helpers
2026-03-03 00:15:00 +00:00
routing
ACP: add persistent Discord channel and Telegram topic bindings (#34873)
2026-03-05 09:38:12 +01:00
scripts
test(ci): add changed-scope shell-injection regression
2026-03-03 03:34:51 +00:00
secrets
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
security
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
sessions
fix: add runtime.events regression tests (#16044) (thanks @scifantastic)
2026-03-03 01:37:56 +00:00
shared
add prependSystemContext and appendSystemContext to before_prompt_build (fixes #35131) (#35177)
2026-03-05 13:06:59 -05:00
signal
fix(outbound): unify resolved cfg threading across send paths (#33987)
2026-03-04 00:20:44 -06:00
slack
fix(slack): propagate mediaLocalRoots through Slack send path
2026-03-05 16:52:49 -06:00
telegram
ACP: add persistent Discord channel and Telegram topic bindings (#34873)
2026-03-05 09:38:12 +01:00
terminal
CLI: dedupe config validate errors and expose allowed values
2026-03-02 20:05:12 -05:00
test-helpers
test-utils
plugins: avoid peer auto-install dependency bloat (#34017)
2026-03-03 22:00:15 -08:00
tts
TTS: add baseUrl support to OpenAI TTS config (#34321)
2026-03-05 07:25:04 +00:00
tui
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
types
utils
fix(routing): unify session delivery invariants for duplicate suppression (#33786)
2026-03-03 21:40:38 -06:00
web
fix(outbound): unify resolved cfg threading across send paths (#33987)
2026-03-04 00:20:44 -06:00
whatsapp
refactor: dedupe channel outbound and monitor tests
2026-03-03 00:15:15 +00:00
wizard
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails (#35094)
2026-03-05 12:53:56 -06:00
channel-web.ts
docker-image-digests.test.ts
docker-setup.e2e.test.ts
feat(docker): add opt-in sandbox support for Docker deployments (#29974)
2026-03-01 23:06:10 -08:00
dockerfile.test.ts
fix(docker): correct awk quoting in Docker GPG fingerprint check (#32153)
2026-03-03 02:32:46 +00:00
entry.ts
CLI: add root --help fast path and lazy channel option resolution (#30975)
2026-03-01 14:23:46 -08:00
extensionAPI.ts
globals.ts
index.ts
logger.test.ts
logger.ts
refactor: dedupe agent and reply runtimes
2026-03-02 19:57:33 +00:00
logging.ts
polls.test.ts
polls.ts
runtime.ts
utils.test.ts
utils.ts
version.test.ts
Gateway: fix stale self version in status output (#32655)
2026-03-03 02:41:52 -05:00
version.ts
Gateway: fix stale self version in status output (#32655)
2026-03-03 02:41:52 -05:00