Mirrors/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-30 13:58:33 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,698 Commits 871 Branches 89 Tags
40071ea23ec2cd5d79cd2cd8146839658fb2ca21
Commit Graph

13852 Commits

Author SHA1 Message Date
Devin Robison
40071ea23e fix: tighten skill slug validation to ASCII-only 2026-03-23 19:34:05 -07:00
Peter Steinberger
462a7a9ae6 test: allow realpath in shell planner assertions 2026-03-24 02:15:14 +00:00
Peter Steinberger
d8cef14eb1 fix: split exec and policy resolution for wrapper trust (#53134) (thanks @vincentkoc) 2026-03-23 19:04:04 -07:00
Peter Steinberger
21d480ed92 fix(infra): preserve blocked dispatch policy target 
# Conflicts:
#	CHANGELOG.md
 2026-03-23 19:04:04 -07:00
Vincent Koc
32e89b4687 Infra: preserve wrapper executable for multiplexer trust 2026-03-23 19:04:04 -07:00
Peter Steinberger
2d5f822ca1 fix: warn on same-base prerelease configs 2026-03-24 02:02:31 +00:00
Peter Steinberger
85ed1a8986 refactor: clean up ClawHub compatibility validation 2026-03-23 18:52:37 -07:00
Peter Steinberger
5b4fd6bf31 fix: use runtime version for ClawHub plugin API checks (#53157) (thanks @futhgar) 2026-03-23 18:41:18 -07:00
futhgar
447e074bf4 fix(plugins): use runtime version for plugin API compatibility check 
OPENCLAW_PLUGIN_API_VERSION was hardcoded to "1.2.0" while ClawHub-published
plugins require >=2026.3.22, making all plugin installs via ClawHub fail with
"requires plugin API >=2026.3.22, but this OpenClaw runtime exposes 1.2.0".

Use resolveRuntimeServiceVersion() (already imported) to read the actual
version from package.json at runtime.

Fixes #53038
 2026-03-23 18:41:18 -07:00
Peter Steinberger
d25ad66069 fix: resolve catalog-backed channel login 2026-03-23 18:25:44 -07:00
Peter Steinberger
69390daa51 test: cover config correction version warnings 2026-03-23 18:23:50 -07:00
Peter Steinberger
b4bda479a4 fix: normalize bundled plugin version reporting 2026-03-23 18:23:50 -07:00
Peter Steinberger
e9905fd696 fix: avoid fd warnings in lock exit cleanup 2026-03-24 01:01:59 +00:00
Val Alexander
6c44b2ea50 fix(cli): guard channel-auth against prototype-chain pollution and control-char injection 
- Use hasOwnProperty + isBlockedObjectKey in isConfiguredAuthPlugin to
  prevent __proto__/constructor/prototype keys from matching config
- Sanitize plugin IDs with sanitizeForLog in ambiguity error messages
- Add regression test for __proto__ plugin ID
 2026-03-23 19:58:16 -05:00
Val Alexander
c8f4b8533d fix(cli): auto-select login-capable auth channels (#53254) thanks @BunsDev 
Co-authored-by: BunsDev <68980965+BunsDev@users.noreply.github.com>
Co-authored-by: Nova <nova@openknot.ai>
 2026-03-23 19:54:46 -05:00
Peter Steinberger
00d586b2ce test: reduce flaky gemini live probe coverage 2026-03-24 00:40:17 +00:00
Peter Steinberger
dc02a7520f test: stabilize moonshot and minimax live probes 2026-03-24 00:40:17 +00:00
Peter Steinberger
9334015262 fix: ship bundled plugin runtime sidecars 2026-03-23 17:38:08 -07:00
Peter Steinberger
ce75f60ae9 fix: canonicalize malformed assistant replay content 2026-03-23 17:37:51 -07:00
Peter Steinberger
90fab48416 ci: stabilize sharded channel lanes 2026-03-24 00:21:50 +00:00
Peter Steinberger
a921b5bdff test: fix update-cli default path assertion 2026-03-23 23:05:25 +00:00
Peter Steinberger
725a2cc2ca test: expand gemini live transcript stripping 2026-03-23 23:01:22 +00:00
Peter Steinberger
67dbb1ad42 test: update command coverage 2026-03-23 23:01:22 +00:00
Peter Steinberger
d67efbfbd3 test: stabilize test isolation 2026-03-23 23:01:22 +00:00
Sally O'Malley
ae336d1602 Doctor: prune stale plugin allowlist and entry refs (#53187) 
Signed-off-by: sallyom <somalley@redhat.com>
 2026-03-23 18:58:54 -04:00
Vincent Koc
03231c0633 fix(auth): prevent stale auth store reverts (#53211) 2026-03-23 15:56:46 -07:00
Peter Steinberger
47bdc36831 test: make update-cli checkout path assertion platform-safe 2026-03-23 22:54:32 +00:00
Robin Waslander
fb6588cb99 fix(diagnostics): redact credentials from cache-trace diagnostic output 
Refs #53103
 2026-03-23 22:59:09 +01:00
George Zhang
ade0182ae0 feat(modelstudio): add standard (pay-as-you-go) DashScope endpoints for Qwen (#43878) 
Add Standard API Key auth methods for China (dashscope.aliyuncs.com)
and Global/Intl (dashscope-intl.aliyuncs.com) pay-as-you-go endpoints
alongside the existing Coding Plan (subscription) endpoints.

Also updates group label to 'Qwen (Alibaba Cloud Model Studio)' and
fixes glm-4.7 -> glm-5 in Coding Plan note messages.

Co-authored-by: wenmeng zhou <wenmengzhou@users.noreply.github.com>
 2026-03-23 14:35:19 -07:00
Ayush Ojha
64f4df1886 fix: generalize api_error detection for fallback model triggering (#49611) 
Co-authored-by: Ayush Ojha <7945279+ayushozha@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
 2026-03-24 00:34:27 +03:00
Vincent Koc
3814f956d1 Infra: tighten shell-wrapper positional-argv allowlist matching (#53133) 
* Infra: tighten shell carrier allowlist matching

* fix(security): tighten shell carrier allowlist matcher
 2026-03-23 14:11:38 -07:00
theo674
dbe7da7684 fix: prevent delivery-mirror re-delivery and raise Slack chunk limit (#45489) 
Merged via squash.

Prepared head SHA: c7664c7b6e
Co-authored-by: theo674 <261068216+theo674@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-24 00:11:19 +03:00
Altay
a53715e9d0 test(auth): align device scope expectations (#53151) 2026-03-23 23:56:02 +03:00
Vincent Koc
c1131ba7e0 fix(plugins): accept clawhub uninstall specs 2026-03-23 13:52:27 -07:00
Vincent Koc
34c57487b4 fix(subagents): recheck timed-out announce waits (#53127) 
Recheck timed-out subagent announce waits against the latest runtime snapshot before announcing timeout, and keep that recheck best-effort so transient gateway failures do not suppress the announcement.

Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
 2026-03-23 15:36:49 -05:00
Nimrod Gutman
b98f3634c4 fix(memory): bootstrap lancedb runtime on demand (#53111) 
Bootstrap LanceDB into plugin runtime state on first use for packaged/global installs, keep @lancedb/lancedb plugin-local, and add regression coverage for bundled, cached, retry, and Nix fail-fast runtime paths.

Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
 2026-03-23 15:07:24 -05:00
Vincent Koc
13e81870bb fix(agents): prefer runtime snapshot for skill secrets 2026-03-23 13:04:12 -07:00
Peter Steinberger
6c58277577 build: prepare 2026.3.23 2026-03-23 12:58:00 -07:00
Val Alexander
3e2b3bd2c5 Fix Control UI operator.read scope handling (#53110) 
Preserve Control UI scopes through the device-auth bypass path, normalize implied operator device-auth scopes, ignore cached under-scoped operator tokens, and degrade read-backed main pages gracefully when a connection truly lacks operator.read.

Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
 2026-03-23 14:57:21 -05:00
Peter Steinberger
e599c66277 test: harden canvas host undici isolation 2026-03-23 11:54:49 -07:00
Peter Steinberger
870b0d216a build: prepare 2026.3.23-beta.1 2026-03-23 11:54:49 -07:00
Vincent Koc
8fa91d283b fix(cli): preserve posix default git dir 2026-03-23 11:49:55 -07:00
Val Alexander
7a459045de fix packaged control ui asset lookup (#53081) 2026-03-23 13:45:04 -05:00
Peter Steinberger
323ae73b30 fix: bound tracked debounce key accounting 2026-03-23 11:33:06 -07:00
scoootscooob
cdc8bac466 fix(discord): reply on native command auth failures (#53072) 2026-03-23 11:20:58 -07:00
Peter Steinberger
1b69d9ee1a fix: preserve debounce and followup ordering (#52998) (thanks @osolmaz) 2026-03-23 11:11:06 -07:00
Vincent Koc
9b7cfd0bea fix(inbound): bound tracked debounce keys 2026-03-23 11:11:06 -07:00
Vincent Koc
02e07a157d fix(reply): clear idle followup callbacks 2026-03-23 11:11:06 -07:00
Vincent Koc
3de42e946a fix(reply): preserve no-debounce inbound concurrency 2026-03-23 11:11:06 -07:00
Vincent Koc
a35dcf608e fix(reply): refresh followup drain callbacks 2026-03-23 11:11:06 -07:00