negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
15,226 Commits 1 Branch 0 Tags
2c6b078ff0597278613748e70be6c846eacbb069
Commit Graph

1299 Commits

Author SHA1 Message Date
Peter Steinberger
45d868685f fix: enforce dm allowFrom inheritance across account channels (#27936) (thanks @widingmarcus-cyber) 2026-02-26 22:04:16 +00:00
Marcus Widing
cbed0e065c fix: reject dmPolicy="allowlist" with empty allowFrom across all channels 
When dmPolicy is set to "allowlist" but allowFrom is missing or empty,
all DMs are silently dropped because no sender can match the empty
allowlist. This is a common pitfall after upgrades that change how
allowlist files are handled (e.g., external allowlist-dm.json files
being deprecated in favor of inline allowFrom arrays).

Changes:
- Add requireAllowlistAllowFrom schema refinement (zod-schema.core.ts)
- Apply validation to all channel schemas: Telegram, Discord, Slack,
  Signal, IRC, iMessage, BlueBubbles, MS Teams, Google Chat, WhatsApp
- Add detectEmptyAllowlistPolicy to doctor-config-flow.ts so
  "openclaw doctor" surfaces a clear warning with remediation steps
- Add 12 test cases covering reject/accept for multiple channels

Fixes #27892
 2026-02-26 22:04:16 +00:00
Peter Steinberger
7ef6623bf3 fix: forward resolved session key in agent delivery (follow-up #27584 by @qualiobra) 
Co-authored-by: Lucas Teixeira Campos Araujo <lucas@MacBook-Pro-de-Lucas.local>
 2026-02-26 21:18:15 +00:00
Peter Steinberger
712e231725 fix(agent): forward resolved outbound session context for delivery 2026-02-26 22:14:22 +01:00
Peter Steinberger
bce643a0bd refactor(security): enforce account-scoped pairing APIs 2026-02-26 21:57:52 +01:00
Vincent Koc
5a453eacbd chore(onboarding): add explicit account-risk warning for Gemini CLI OAuth and docs (#16683) 
* docs: add account-risk caution to Google OAuth provider docs

* docs(plugin): add Gemini CLI account safety caution

* CLI: add risk hint for Gemini CLI auth choice

* Onboarding: require confirmation for Gemini CLI OAuth

* Tests: cover Gemini CLI OAuth risk confirmation flow
 2026-02-26 15:25:42 -05:00
Peter Steinberger
a1628d89ec refactor: unify outbound session context wiring 2026-02-26 21:03:28 +01:00
Lucas Teixeira Campos Araujo
a4408a917e fix: pass sessionKey to deliverOutboundPayloads for message:sent hook dispatch 
Several call sites of deliverOutboundPayloads() were not passing the
sessionKey parameter, causing the internal message:sent hook to never
fire (the guard `if (!sessionKeyForInternalHooks) return` in deliver.ts
silently skipped the triggerInternalHook call).

Fixed call sites:
- commands/agent/delivery.ts (agent loop replies — main fix)
- infra/heartbeat-runner.ts (heartbeat OK + alert delivery)
- infra/outbound/message.ts (message tool sends)
- cron/isolated-agent/delivery-dispatch.ts (cron job delivery)
- gateway/server-node-events.ts (node event forwarding)

The sessionKey parameter already existed in DeliverOutboundPayloadsCoreParams
and was used by deliver.ts to emit the message:sent internal hook event,
but was simply not being passed from most callers.
 2026-02-26 19:56:27 +00:00
Peter Steinberger
344f54b84d refactor(config): dedupe model api definitions 2026-02-26 20:00:11 +01:00
Shakker
f7041fbee3 fix(windows): normalize namespaced path containment checks 2026-02-26 18:49:48 +00:00
Peter Steinberger
53e30475e2 test(agents): add compaction and workspace reset regressions 2026-02-26 17:41:25 +01:00
Peter Steinberger
0ec7711bc2 fix(agents): harden compaction and reset safety 
Co-authored-by: jaden-clovervnd <91520439+jaden-clovervnd@users.noreply.github.com>
Co-authored-by: Sid <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: Marcus Widing <245375637+widingmarcus-cyber@users.noreply.github.com>
 2026-02-26 17:41:24 +01:00
riccoyuanft
60bb475355 fix: set authHeader: true by default for MiniMax API provider (#27622) 
* Update onboard-auth.config-minimax.ts

fix issue #27600

* fix(minimax): default authHeader for implicit + onboarding providers (#27600)

Landed from contributor PR #27622 by @riccoyuanft and PR #27631 by @kevinWangSheng.
Includes a small TS nullability guard in lane delivery to keep build green on rebased head.

Co-authored-by: riccoyuanft <riccoyuan@gmail.com>
Co-authored-by: Kevin Shenghui <shenghuikevin@github.com>

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
Co-authored-by: Kevin Shenghui <shenghuikevin@github.com>
 2026-02-26 15:53:51 +00:00
Peter Steinberger
5c0255477c fix: tolerate missing pi-coding-agent backend export 2026-02-26 16:11:37 +01:00
joshavant
06290b49b2 feat(secrets): finalize mode rename and validated exec docs 2026-02-26 14:47:22 +00:00
joshavant
8944b75e16 fix(secrets): align ref contracts and non-interactive ref persistence 2026-02-26 14:47:22 +00:00
joshavant
4e7a833a24 feat(security): add provider-based external secrets management 2026-02-26 14:47:22 +00:00
joshavant
5e3a86fd2f feat(secrets): expand onboarding secret-ref flows and custom-provider parity 2026-02-26 14:47:22 +00:00
joshavant
0e69660c41 feat(secrets): finalize external secrets runtime and migration hardening 2026-02-26 14:47:22 +00:00
joshavant
cb119874dc Onboard: require explicit mode for env secret refs 2026-02-26 14:47:22 +00:00
joshavant
13b4993289 Onboard non-interactive: avoid rewriting profile-backed keys 2026-02-26 14:47:22 +00:00
joshavant
59e5f12bf9 Onboard: move volcengine/byteplus auth from .env to profiles 2026-02-26 14:47:22 +00:00
joshavant
2ef109f00a Onboard OpenAI: explicit secret-input-mode behavior 2026-02-26 14:47:22 +00:00
joshavant
e8d1725187 Onboard auth: remove leftover merge marker 2026-02-26 14:47:22 +00:00
joshavant
fce4d76a78 Tests: narrow OpenAI default model assertion typing 2026-02-26 14:47:22 +00:00
joshavant
68b9d89ee7 Onboard: store OpenAI auth in profiles instead of .env 2026-02-26 14:47:22 +00:00
joshavant
09c7cb5d34 Tests: update onboard credential expectations for explicit ref mode 2026-02-26 14:47:22 +00:00
joshavant
b50d2ce93c Tests: align auth-choice helper expectations with secret mode 2026-02-26 14:47:22 +00:00
joshavant
04aa856fc0 Onboard: require explicit mode for env secret refs 2026-02-26 14:47:22 +00:00
joshavant
103d02f98c Auth choice tests: expect env-backed key refs 2026-02-26 14:47:22 +00:00
joshavant
56f73ae080 Auth choice tests: assert env-backed keyRef persistence 2026-02-26 14:47:22 +00:00
joshavant
58590087de Onboard auth: use shared secret-ref helpers 2026-02-26 14:47:22 +00:00
joshavant
7e1557b8c9 Onboard: persist env-backed API keys as secret refs 2026-02-26 14:47:22 +00:00
joshavant
cec404225d Auth labels: handle token refs and share Pi credential conversion 2026-02-26 14:47:22 +00:00
joshavant
4c5a2c3c6d Agents: inject pi auth storage from runtime profiles 2026-02-26 14:47:22 +00:00
joshavant
b50c4c2c44 Gateway: add eager secrets runtime snapshot activation 2026-02-26 14:47:22 +00:00
SidQin-cyber
71e45ceecc fix(sessions): add fix-missing cleanup path for orphaned store entries 
Introduce a sessions cleanup flag to prune entries whose transcript files are missing and surface the exact remediation command from doctor to resolve missing-transcript deadlocks.

Made-with: Cursor
(cherry picked from commit 690d3d596bf8e7347f0f0dc14e357268f2e7c441)
 2026-02-26 13:40:58 +00:00
Gustavo Madeira Santana
e273b9851e Tests: tighten discord work account type in doctor config flow 2026-02-26 05:38:53 -05:00
Gustavo Madeira Santana
1ffc319831 Doctor: keep allowFrom account-scoped in multi-account configs 2026-02-26 05:34:58 -05:00
Onur Solmaz
a7d56e3554 feat: ACP thread-bound agents (#23580) 
* docs: add ACP thread-bound agents plan doc

* docs: expand ACP implementation specification

* feat(acp): route ACP sessions through core dispatch and lifecycle cleanup

* feat(acp): add /acp commands and Discord spawn gate

* ACP: add acpx runtime plugin backend

* fix(subagents): defer transient lifecycle errors before announce

* Agents: harden ACP sessions_spawn and tighten spawn guidance

* Agents: require explicit ACP target for runtime spawns

* docs: expand ACP control-plane implementation plan

* ACP: harden metadata seeding and spawn guidance

* ACP: centralize runtime control-plane manager and fail-closed dispatch

* ACP: harden runtime manager and unify spawn helpers

* Commands: route ACP sessions through ACP runtime in agent command

* ACP: require persisted metadata for runtime spawns

* Sessions: preserve ACP metadata when updating entries

* Plugins: harden ACP backend registry across loaders

* ACPX: make availability probe compatible with adapters

* E2E: add manual Discord ACP plain-language smoke script

* ACPX: preserve streamed spacing across Discord delivery

* Docs: add ACP Discord streaming strategy

* ACP: harden Discord stream buffering for thread replies

* ACP: reuse shared block reply pipeline for projector

* ACP: unify streaming config and adopt coalesceIdleMs

* Docs: add temporary ACP production hardening plan

* Docs: trim temporary ACP hardening plan goals

* Docs: gate ACP thread controls by backend capabilities

* ACP: add capability-gated runtime controls and /acp operator commands

* Docs: remove temporary ACP hardening plan

* ACP: fix spawn target validation and close cache cleanup

* ACP: harden runtime dispatch and recovery paths

* ACP: split ACP command/runtime internals and centralize policy

* ACP: harden runtime lifecycle, validation, and observability

* ACP: surface runtime and backend session IDs in thread bindings

* docs: add temp plan for binding-service migration

* ACP: migrate thread binding flows to SessionBindingService

* ACP: address review feedback and preserve prompt wording

* ACPX plugin: pin runtime dependency and prefer bundled CLI

* Discord: complete binding-service migration cleanup and restore ACP plan

* Docs: add standalone ACP agents guide

* ACP: route harness intents to thread-bound ACP sessions

* ACP: fix spawn thread routing and queue-owner stall

* ACP: harden startup reconciliation and command bypass handling

* ACP: fix dispatch bypass type narrowing

* ACP: align runtime metadata to agentSessionId

* ACP: normalize session identifier handling and labels

* ACP: mark thread banner session ids provisional until first reply

* ACP: stabilize session identity mapping and startup reconciliation

* ACP: add resolved session-id notices and cwd in thread intros

* Discord: prefix thread meta notices consistently

* Discord: unify ACP/thread meta notices with gear prefix

* Discord: split thread persona naming from meta formatting

* Extensions: bump acpx plugin dependency to 0.1.9

* Agents: gate ACP prompt guidance behind acp.enabled

* Docs: remove temp experiment plan docs

* Docs: scope streaming plan to holy grail refactor

* Docs: refactor ACP agents guide for human-first flow

* Docs/Skill: add ACP feature-flag guidance and direct acpx telephone-game flow

* Docs/Skill: add OpenCode and Pi to ACP harness lists

* Docs/Skill: align ACP harness list with current acpx registry

* Dev/Test: move ACP plain-language smoke script and mark as keep

* Docs/Skill: reorder ACP harness lists with Pi first

* ACP: split control-plane manager into core/types/utils modules

* Docs: refresh ACP thread-bound agents plan

* ACP: extract dispatch lane and split manager domains

* ACP: centralize binding context and remove reverse deps

* Infra: unify system message formatting

* ACP: centralize error boundaries and session id rendering

* ACP: enforce init concurrency cap and strict meta clear

* Tests: fix ACP dispatch binding mock typing

* Tests: fix Discord thread-binding mock drift and ACP request id

* ACP: gate slash bypass and persist cleared overrides

* ACPX: await pre-abort cancel before runTurn return

* Extension: pin acpx runtime dependency to 0.1.11

* Docs: add pinned acpx install strategy for ACP extension

* Extensions/acpx: enforce strict local pinned startup

* Extensions/acpx: tighten acp-router install guidance

* ACPX: retry runtime test temp-dir cleanup

* Extensions/acpx: require proactive ACPX repair for thread spawns

* Extensions/acpx: require restart offer after acpx reinstall

* extensions/acpx: remove workspace protocol devDependency

* extensions/acpx: bump pinned acpx to 0.1.13

* extensions/acpx: sync lockfile after dependency bump

* ACPX: make runtime spawn Windows-safe

* fix: align doctor-config-flow repair tests with default-account migration (#23580) (thanks @osolmaz)
 2026-02-26 11:00:09 +01:00
Gustavo Madeira Santana
a690b62391 Doctor: ignore slash sessions in transcript integrity check 
Merged via deterministic merge flow.

Prepared head SHA: e5cee7a2eca80e9a61021b323190786ef6a016bd

Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
 2026-02-26 04:35:08 -05:00
Gustavo Madeira Santana
dfa0b5b4fc Channels: move single-account config into accounts.default (#27334) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 50b57718085368d302680ec93fab67f5ed6140a4
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-26 04:06:03 -05:00
Gustavo Madeira Santana
96c7702526 Agents: add account-scoped bind and routing commands (#27195) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: ad35a458a55427614a35c9d0713a7386172464ad
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-26 02:36:56 -05:00
Gustavo Madeira Santana
f08fe02a1b Onboarding: support plugin-owned interactive channel flows (#27191) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 53872cf8e75562db012b66f888928524daff08d2
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-26 01:14:57 -05:00
Aleksandrs Tihenko
c0026274d9 fix(auth): distinguish revoked API keys from transient auth errors (#25754) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8f9c07a200644284e11adae76368adab40c5fa4e
Co-authored-by: rrenamed <87486610+rrenamed@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-25 19:47:16 -05:00
byungsker
177386ed73 fix(tui): resolve wrong provider prefix when session has model without modelProvider (#25874) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: f0953a72845fb3f9e8745cb6ab476cea7a5cd98b
Co-authored-by: lbo728 <72309817+lbo728@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-25 00:36:27 -05:00
Peter Steinberger
52d933b3a9 refactor: replace bot.molt identifiers with ai.openclaw 2026-02-25 05:03:24 +00:00
Peter Steinberger
885452f5c1 fix: fail-closed shared-session reply routing (#24571) (thanks @brandonwise) 2026-02-25 02:11:34 +00:00
suko
b3e6653503 fix(onboard): avoid false 'telegram plugin not available' block 2026-02-24 23:55:27 +00:00
Peter Steinberger
4355e08262 refactor: harden safe-bin trusted dir diagnostics 2026-02-24 23:29:44 +00:00