Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openclaw/src
History
Andrew Demczuk f84a41dcb8
fix(security): block JVM, Python, and .NET env injection vectors in host exec sandbox (#49025) 
Add JAVA_TOOL_OPTIONS, _JAVA_OPTIONS, JDK_JAVA_OPTIONS, PYTHONBREAKPOINT, and
DOTNET_STARTUP_HOOKS to blockedKeys in the host exec security policy.

Closes #22681
2026-03-17 15:37:55 +01:00
..
acp
fix(plugins): forward plugin subagent overrides (#48277)
2026-03-17 07:20:27 -07:00
agents
fix(plugins): forward plugin subagent overrides (#48277)
2026-03-17 07:20:27 -07:00
auto-reply
refactor(command-tests): share workspace harness
2026-03-17 07:23:44 +00:00
browser
Browser: support non-Chrome existing-session profiles via userDataDir (#48170)
2026-03-16 14:21:22 +01:00
canvas-host
fix: drop stray a2ui bundle
2026-03-15 21:39:49 -07:00
channels
refactor: consolidate lazy runtime surfaces
2026-03-17 00:59:20 -07:00
cli
refactor: consolidate lazy runtime surfaces
2026-03-17 00:59:20 -07:00
commands
fix(plugins): forward plugin subagent overrides (#48277)
2026-03-17 07:20:27 -07:00
compat
config
fix(plugins): forward plugin subagent overrides (#48277)
2026-03-17 07:20:27 -07:00
context-engine
Plugins: harden context engine ownership
2026-03-15 13:51:15 -07:00
cron
test: cover invalid main job store load
2026-03-17 07:06:25 +00:00
daemon
fix(daemon): accept 'Last Result' schtasks key variant on Windows (#47726)
2026-03-15 22:20:34 -07:00
docs
gateway
fix(plugins): forward plugin subagent overrides (#48277)
2026-03-17 07:20:27 -07:00
hooks
test: fix stale web search and boot-md contracts
2026-03-16 20:04:30 +05:30
i18n
image-generation
test(image-generation): add live variant coverage
2026-03-17 01:09:58 -07:00
infra
fix(security): block JVM, Python, and .NET env injection vectors in host exec sandbox (#49025)
2026-03-17 15:37:55 +01:00
interactive
refactor: unify reply content checks
2026-03-16 05:54:16 +00:00
line
fix: resolve current ci regressions
2026-03-14 00:51:12 +00:00
link-understanding
logging
fix(logging): make logger import browser-safe
2026-03-16 23:08:21 +03:00
markdown
media
refactor(media-tests): share telegram redaction assertion
2026-03-17 07:23:44 +00:00
media-understanding
fix(plugins): forward plugin subagent overrides (#48277)
2026-03-17 07:20:27 -07:00
memory
fix: restore full gate
2026-03-17 07:47:28 +00:00
node-host
!refactor(browser): remove Chrome extension path and add MCP doctor migration (#47893)
2026-03-15 23:56:08 -07:00
pairing
fix: stabilize full gate
2026-03-17 07:06:25 +00:00
plugin-sdk
feat(image-generation): add image_generate tool
2026-03-17 01:09:58 -07:00
plugins
fix(plugins): forward plugin subagent overrides (#48277)
2026-03-17 07:20:27 -07:00
process
fix: stabilize full gate
2026-03-17 07:06:25 +00:00
providers
refactor: move provider auth helpers into plugin layer
2026-03-16 21:21:17 -07:00
routing
scripts
secrets
Secrets: honor caller env during runtime validation
2026-03-16 12:31:44 +00:00
security
refactor: consolidate lazy runtime surfaces
2026-03-17 00:59:20 -07:00
sessions
shared
refactor: consolidate lazy runtime surfaces
2026-03-17 00:59:20 -07:00
terminal
refactor: share terminal note wrapping
2026-03-14 01:41:16 +00:00
test-helpers
test: share whatsapp outbound poll fixtures
2026-03-14 01:41:17 +00:00
test-utils
feat(plugins): add image generation capability
2026-03-16 22:58:55 -07:00
tts
fix: stabilize full gate
2026-03-17 07:06:25 +00:00
tui
Add /btw side questions (#45444)
2026-03-14 17:27:54 +02:00
types
feat(tts): add microsoft voice listing
2026-03-16 20:24:13 -07:00
utils
fix: stabilize full gate
2026-03-17 07:06:25 +00:00
web-search
feat(plugins): add web search runtime capability
2026-03-16 21:31:00 -07:00
whatsapp
fix: stabilize full gate
2026-03-17 07:06:25 +00:00
wizard
refactor: isolate provider sdk auth and model helpers
2026-03-16 21:47:28 -07:00
channel-web.ts
refactor: untangle remaining plugin sdk boundaries
2026-03-16 21:16:32 -07:00
docker-build-cache.test.ts
Tests: align Docker cache checks with non-root images
2026-03-16 12:31:51 +00:00
docker-image-digests.test.ts
docker-setup.e2e.test.ts
refactor: make setup the primary wizard surface
2026-03-15 22:01:04 -07:00
dockerfile.test.ts
entry.test.ts
CLI: restore lightweight root help and scoped status plugin preload
2026-03-15 17:38:39 -07:00
entry.ts
Fix launcher startup regressions (#48501)
2026-03-16 17:21:18 -05:00
entry.version-fast-path.test.ts
globals.ts
index.test.ts
fix: keep gaxios compat off the package root (#47914) (thanks @pdd-cli)
2026-03-16 08:22:39 +00:00
index.ts
Fix launcher startup regressions (#48501)
2026-03-16 17:21:18 -05:00
install-sh-version.test.ts
library.ts
refactor(core): land plugin auth and startup cleanup
2026-03-15 20:12:37 -07:00
logger.test.ts
logger.ts
logging.ts
param-key.ts
poll-params.test.ts
poll-params.ts
polls.test.ts
polls.ts
runtime.ts
utils.test.ts
Fix full local gate on main
2026-03-14 15:52:11 -05:00
utils.ts
version.test.ts
version.ts