Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openclaw/src/commands
History
Aether AI 3967ece625
fix(security): OC-25 — Validate OAuth state parameter to prevent CSRF attacks (#16058) 
* fix(security): validate OAuth state parameter to prevent CSRF attacks (OC-25)

The parseOAuthCallbackInput() function in the Chutes OAuth flow had two
critical bugs that completely defeated CSRF state validation:

1. State extracted from callback URL was never compared against the
   expected cryptographic nonce, allowing attacker-controlled state values
2. When URL parsing failed (bare authorization code input), the catch block
   fabricated a matching state using expectedState, making the caller's
   CSRF check always pass

## Attack Flow

1. Victim runs `openclaw login chutes --manual`
2. System generates cryptographic state: randomBytes(16).toString("hex")
3. Browser opens: https://api.chutes.ai/idp/authorize?state=abc123...
4. Attacker obtains their OWN OAuth authorization code (out of band)
5. Attacker tricks victim into pasting just "EVIL_CODE" (not full URL)
6. parseOAuthCallbackInput("EVIL_CODE", "abc123...") is called
7. new URL("EVIL_CODE") throws → catch block executes
8. catch returns { code: "EVIL_CODE", state: "abc123..." } ← FABRICATED
9. Caller checks: parsed.state !== state → "abc123..." !== "abc123..." → FALSE
10. CSRF check passes! System calls exchangeChutesCodeForTokens()
11. Attacker's code exchanged for access + refresh tokens
12. Victim's account linked to attacker's OAuth session

Fix:
- Add explicit state validation against expectedState before returning
- Remove state fabrication from catch block; always return error for
  non-URL input
- Add comprehensive unit tests for state validation

Remediated by Aether AI Agent security analysis.

* fix(security): harden chutes manual oauth state check (#16058) (thanks @aether-ai-agent)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-02-14 15:28:52 +01:00
..
agent
perf(test): reduce hot-suite import and setup overhead
2026-02-13 20:26:39 +00:00
channels
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
gateway-status
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
models
fix(gateway): prune expired entries instead of clearing all hook auth failure state (#15848)
2026-02-14 01:46:12 +01:00
onboard-non-interactive
refactor: split minimax-cn provider
2026-02-14 13:37:47 +01:00
onboarding
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
status-all
Centralize date/time formatting utilities (#11831)
2026-02-08 04:53:31 -08:00
agent-via-gateway.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
agent-via-gateway.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
agent.delivery.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
agent.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
agent.ts
fix: preserve inter-session input provenance (thanks @anbecker)
2026-02-13 02:02:01 +01:00
agents.add.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
agents.bindings.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
agents.command-shared.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
agents.commands.add.ts
fix(security): prevent String(undefined) coercion in credential inputs (#12287)
2026-02-13 04:25:05 +01:00
agents.commands.delete.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
agents.commands.identity.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
agents.commands.list.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
agents.config.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
agents.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
agents.identity.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
agents.providers.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
agents.ts
fix: add agents identity helper
2026-01-19 10:44:18 +00:00
auth-choice-legacy.ts
refactor(onboard): unify auth-choice aliases and provider flags
2026-02-14 05:58:26 +01:00
auth-choice-options.e2e.test.ts
fix: wire minimax-api-key-cn onboarding (#15191) (thanks @liuy)
2026-02-14 13:25:54 +01:00
auth-choice-options.ts
fix: wire minimax-api-key-cn onboarding (#15191) (thanks @liuy)
2026-02-14 13:25:54 +01:00
auth-choice-prompt.ts
feat(onboard): add custom/local API configuration flow (#11106)
2026-02-10 07:31:02 -05:00
auth-choice.api-key.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
auth-choice.apply.anthropic.ts
fix(security): prevent String(undefined) coercion in credential inputs (#12287)
2026-02-13 04:25:05 +01:00
auth-choice.apply.api-providers.ts
feat(agents) : Hugging Face Inference provider first-class support and Together API fix and Direct Injection Refactor Auths [AI-assisted] (#13472)
2026-02-13 16:18:16 +01:00
auth-choice.apply.copilot-proxy.ts
feat(onboarding): wire plugin-backed auth choices
2026-01-18 16:35:52 +00:00
auth-choice.apply.github-copilot.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auth-choice.apply.google-antigravity.ts
feat(onboarding): wire plugin-backed auth choices
2026-01-18 16:35:52 +00:00
auth-choice.apply.google-gemini-cli.ts
feat(onboarding): wire plugin-backed auth choices
2026-01-18 16:35:52 +00:00
auth-choice.apply.huggingface.test.ts
feat(agents) : Hugging Face Inference provider first-class support and Together API fix and Direct Injection Refactor Auths [AI-assisted] (#13472)
2026-02-13 16:18:16 +01:00
auth-choice.apply.huggingface.ts
feat(agents) : Hugging Face Inference provider first-class support and Together API fix and Direct Injection Refactor Auths [AI-assisted] (#13472)
2026-02-13 16:18:16 +01:00
auth-choice.apply.minimax.ts
refactor: split minimax-cn provider
2026-02-14 13:37:47 +01:00
auth-choice.apply.oauth.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auth-choice.apply.openai.ts
Auth: land codex oauth onboarding flow (#15406)
2026-02-13 17:18:49 +00:00
auth-choice.apply.openrouter.ts
feat(agents) : Hugging Face Inference provider first-class support and Together API fix and Direct Injection Refactor Auths [AI-assisted] (#13472)
2026-02-13 16:18:16 +01:00
auth-choice.apply.plugin-provider.ts
refactor(models): share auth helpers and forward-compat list fallbacks
2026-02-14 01:07:35 +01:00
auth-choice.apply.qwen-portal.ts
feat(onboarding): wire plugin-backed auth choices
2026-01-18 16:35:52 +00:00
auth-choice.apply.ts
Onboarding: add vLLM provider support
2026-02-13 15:48:37 +01:00
auth-choice.apply.vllm.ts
fix code review
2026-02-13 15:48:37 +01:00
auth-choice.apply.xai.ts
fix(onboard): align xAI default model to grok-4
2026-02-05 15:14:50 -08:00
auth-choice.default-model.ts
chore: apply local workspace updates (#9911)
2026-02-05 16:54:44 -05:00
auth-choice.e2e.test.ts
refactor: split minimax-cn provider
2026-02-14 13:37:47 +01:00
auth-choice.model-check.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auth-choice.moonshot.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
auth-choice.preferred-provider.ts
refactor: split minimax-cn provider
2026-02-14 13:37:47 +01:00
auth-choice.ts
refactor(commands): split CLI commands
2026-01-14 05:39:47 +00:00
auth-token.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
channels.adds-non-default-telegram-account.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
channels.surfaces-signal-runtime-errors-channels-status-output.e2e.test.ts
perf(test): speed up Vitest bootstrap
2026-02-14 12:13:27 +00:00
channels.ts
feat(channels): add resolve command + defaults
2026-01-18 01:00:24 +00:00
chutes-oauth.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
chutes-oauth.ts
fix(security): OC-25 — Validate OAuth state parameter to prevent CSRF attacks (#16058)
2026-02-14 15:28:52 +01:00
cleanup-utils.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
configure.channels.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
configure.commands.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
configure.daemon.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
configure.gateway-auth.e2e.test.ts
feat(gateway): add trusted-proxy auth mode (#15940)
2026-02-14 12:32:17 +01:00
configure.gateway-auth.ts
feat(gateway): add trusted-proxy auth mode (#15940)
2026-02-14 12:32:17 +01:00
configure.gateway.e2e.test.ts
feat(gateway): add trusted-proxy auth mode (#15940)
2026-02-14 12:32:17 +01:00
configure.gateway.ts
feat(gateway): add trusted-proxy auth mode (#15940)
2026-02-14 12:32:17 +01:00
configure.shared.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
configure.ts
chore: migrate to oxlint and oxfmt
2026-01-14 15:02:19 +00:00
configure.wizard.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
configure.wizard.ts
fix(cli): exit with non-zero code when configure/agents-add wizards are cancelled (#14156)
2026-02-11 13:07:30 -05:00
daemon-install-helpers.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
daemon-install-helpers.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
daemon-runtime.ts
chore: migrate to oxlint and oxfmt
2026-01-14 15:02:19 +00:00
dashboard.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
dashboard.ts
fix(dashboard): restore tokenized control ui links
2026-02-06 22:17:09 -08:00
docs.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-auth.deprecated-cli-profiles.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
doctor-auth.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-completion.ts
doctor: add shell completion check module
2026-02-04 19:51:06 +00:00
doctor-config-flow.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
doctor-config-flow.ts
chore!: remove moltbot legacy state/config support
2026-02-14 12:40:47 +01:00
doctor-format.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-gateway-daemon-flow.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-gateway-health.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-gateway-services.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-install.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-legacy-config.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
doctor-legacy-config.ts
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
doctor-platform-notes.launchctl-env-overrides.e2e.test.ts
chore!: remove moltbot legacy state/config support
2026-02-14 12:40:47 +01:00
doctor-platform-notes.ts
chore!: remove moltbot legacy state/config support
2026-02-14 12:40:47 +01:00
doctor-prompter.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-sandbox.ts
chore: Enable typescript/no-explicit-any rule.
2026-02-02 16:18:09 +09:00
doctor-security.e2e.test.ts
fix: remove any from doctor-security dmScope regression test (#13129) (thanks @VintLin)
2026-02-13 16:43:39 +01:00
doctor-security.ts
fix(security): clarify dmScope remediation path with explicit CLI command
2026-02-13 16:43:39 +01:00
doctor-state-integrity.ts
fix(paths): respect OPENCLAW_HOME for all internal path resolution (#12091)
2026-02-08 16:20:13 -05:00
doctor-state-migrations.e2e.test.ts
chore!: remove moltbot legacy state/config support
2026-02-14 12:40:47 +01:00
doctor-state-migrations.ts
fix: migrate legacy state/config paths
2026-01-28 00:16:00 +00:00
doctor-ui.ts
Update: harden control UI asset handling in update flow (#10146)
2026-02-06 01:14:00 -05:00
doctor-update.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-workspace-status.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor-workspace.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
doctor-workspace.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
doctor.falls-back-legacy-sandbox-image-missing.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
doctor.migrates-routing-allowfrom-channels-whatsapp-allowfrom.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
doctor.runs-legacy-state-migrations-yes-mode-without.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
doctor.ts
doctor: integrate shell completion check into doctor command
2026-02-04 19:51:06 +00:00
doctor.warns-per-agent-sandbox-docker-browser-prune.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
doctor.warns-state-directory-is-missing.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
gateway-status.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
gateway-status.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
google-gemini-model-default.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
health-format.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
health-format.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
health.command.coverage.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
health.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
health.snapshot.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
health.ts
perf: honor low timeout budgets in health telegram probes
2026-02-13 19:22:25 +00:00
message-format.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
message.e2e.test.ts
perf(test): remove extra module resets in cli and message suites
2026-02-13 16:08:38 +00:00
message.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
model-allowlist.ts
chore: apply local workspace updates (#9911)
2026-02-05 16:54:44 -05:00
model-picker.e2e.test.ts
tests: fix vLLM onboarding selection
2026-02-13 15:48:37 +01:00
model-picker.ts
fix code review
2026-02-13 15:48:37 +01:00
models.auth.provider-resolution.test.ts
fix(models): antigravity opus 4.6 availability follow-up (#12845)
2026-02-14 00:54:46 +01:00
models.list.test.ts
perf(test): trim browser and models suite overhead
2026-02-14 00:38:55 +00:00
models.set.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
models.ts
feat: add provider auth plugins
2026-01-16 00:42:28 +00:00
node-daemon-install-helpers.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
node-daemon-runtime.ts
feat: add exec host routing + node daemon
2026-01-18 07:46:00 +00:00
oauth-env.ts
fix: improve WSL2 systemd daemon hints
2026-01-17 18:19:55 +00:00
oauth-flow.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
onboard-auth.config-core.ts
feat(agents) : Hugging Face Inference provider first-class support and Together API fix and Direct Injection Refactor Auths [AI-assisted] (#13472)
2026-02-13 16:18:16 +01:00
onboard-auth.config-gateways.ts
feat(agents) : Hugging Face Inference provider first-class support and Together API fix and Direct Injection Refactor Auths [AI-assisted] (#13472)
2026-02-13 16:18:16 +01:00
onboard-auth.config-litellm.ts
feat(agents) : Hugging Face Inference provider first-class support and Together API fix and Direct Injection Refactor Auths [AI-assisted] (#13472)
2026-02-13 16:18:16 +01:00
onboard-auth.config-minimax.ts
refactor: split minimax-cn provider
2026-02-14 13:37:47 +01:00
onboard-auth.config-opencode.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
onboard-auth.credentials.ts
refactor: split minimax-cn provider
2026-02-14 13:37:47 +01:00
onboard-auth.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
onboard-auth.models.ts
feat: add minimax-api-key-cn option for China API endpoint
2026-02-14 13:25:54 +01:00
onboard-auth.ts
feat: add minimax-api-key-cn option for China API endpoint
2026-02-14 13:25:54 +01:00
onboard-channels.e2e.test.ts
fix: add dmScope guidance regression coverage (#13129) (thanks @VintLin)
2026-02-13 16:43:39 +01:00
onboard-channels.ts
fix(security): clarify dmScope remediation path with explicit CLI command
2026-02-13 16:43:39 +01:00
onboard-custom.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
onboard-custom.ts
onboard: support custom provider in non-interactive flow (#14223)
2026-02-11 14:48:45 -05:00
onboard-helpers.e2e.test.ts
fix(configure): reject literal "undefined" and "null" gateway auth tokens (#13767)
2026-02-13 17:04:41 +01:00
onboard-helpers.ts
fix(configure): reject literal "undefined" and "null" gateway auth tokens (#13767)
2026-02-13 17:04:41 +01:00
onboard-hooks.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
onboard-hooks.ts
fix(docs): update outdated hooks documentation URLs (#16165)
2026-02-14 13:05:37 +01:00
onboard-interactive.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
onboard-interactive.ts
fix(cli): exit with non-zero code when configure/agents-add wizards are cancelled (#14156)
2026-02-11 13:07:30 -05:00
onboard-non-interactive.gateway.e2e.test.ts
perf(test): eliminate resetModules via injectable seams
2026-02-13 16:20:37 +00:00
onboard-non-interactive.provider-auth.e2e.test.ts
refactor: split minimax-cn provider
2026-02-14 13:37:47 +01:00
onboard-non-interactive.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
onboard-provider-auth-flags.ts
refactor(onboard): unify auth-choice aliases and provider flags
2026-02-14 05:58:26 +01:00
onboard-remote.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
onboard-skills.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
onboard-skills.ts
fix: reduce brew noise in onboarding
2026-02-09 13:27:21 -06:00
onboard-types.ts
feat: add minimax-api-key-cn option for China API endpoint
2026-02-14 13:25:54 +01:00
onboard.ts
refactor(onboard): unify auth-choice aliases and provider flags
2026-02-14 05:58:26 +01:00
openai-codex-model-default.ts
chore: apply local workspace updates (#9911)
2026-02-05 16:54:44 -05:00
openai-codex-oauth.test.ts
Auth: land codex oauth onboarding flow (#15406)
2026-02-13 17:18:49 +00:00
openai-codex-oauth.ts
Auth: land codex oauth onboarding flow (#15406)
2026-02-13 17:18:49 +00:00
openai-model-default.e2e.test.ts
perf(test): reduce test startup overhead
2026-02-13 14:48:45 +00:00
openai-model-default.ts
chore: apply local workspace updates (#9911)
2026-02-05 16:54:44 -05:00
opencode-zen-model-default.ts
chore: apply local workspace updates (#9911)
2026-02-05 16:54:44 -05:00
provider-auth-helpers.ts
refactor(models): share auth helpers and forward-compat list fallbacks
2026-02-14 01:07:35 +01:00
reset.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
sandbox-display.ts
Centralize date/time formatting utilities (#11831)
2026-02-08 04:53:31 -08:00
sandbox-explain.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
sandbox-explain.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
sandbox-formatters.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
sandbox-formatters.ts
Centralize date/time formatting utilities (#11831)
2026-02-08 04:53:31 -08:00
sandbox.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
sandbox.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
sessions.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
sessions.ts
fix: /status shows incorrect context percentage — totalTokens clamped to contextTokens (#15114) (#15133)
2026-02-12 23:52:19 -05:00
setup.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
signal-install.test.ts
fix(security): harden archive extraction (#16203)
2026-02-14 14:42:08 +01:00
signal-install.ts
fix(security): harden archive extraction (#16203)
2026-02-14 14:42:08 +01:00
status-all.ts
Centralize date/time formatting utilities (#11831)
2026-02-08 04:53:31 -08:00
status.agent-local.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
status.command.ts
Plugin API: compaction/reset hooks, bootstrap file globs, memory plugin status (#13287)
2026-02-14 00:45:45 +01:00
status.daemon.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
status.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
status.format.ts
fix: /status shows incorrect context percentage — totalTokens clamped to contextTokens (#15114) (#15133)
2026-02-12 23:52:19 -05:00
status.gateway-probe.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
status.link-channel.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
status.scan.ts
chore: fix lint warnings
2026-02-02 23:45:05 -08:00
status.summary.ts
fix: /status shows incorrect context percentage — totalTokens clamped to contextTokens (#15114) (#15133)
2026-02-12 23:52:19 -05:00
status.ts
refactor(commands): split CLI commands
2026-01-14 05:39:47 +00:00
status.types.ts
fix: /status shows incorrect context percentage — totalTokens clamped to contextTokens (#15114) (#15133)
2026-02-12 23:52:19 -05:00
status.update.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
systemd-linger.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
uninstall.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
zai-endpoint-detect.e2e.test.ts
test: migrate suites to e2e coverage layout
2026-02-13 14:28:22 +00:00
zai-endpoint-detect.ts
feat(zai): auto-detect endpoint + default glm-5 (#14786)
2026-02-12 19:16:04 +01:00