negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
18,225 Commits 1 Branch 0 Tags
c25e46a433310a77143e5a4c9c1258d9b5397b9f
Commit Graph

4794 Commits

Author SHA1 Message Date
Peter Steinberger
c25e46a433 chore: prepare 2026.3.12 release 2026-03-13 01:38:20 +00:00
Nachx639
e951a42bcb fix(mac): adopt canonical session key and add reset triggers (#10898) 
Add shared native chat handling for /new, /reset, and /clear.

This also aligns main session key handling in the shared chat UI and includes follow-up test and CI fixes needed to keep the branch mergeable.

Co-authored-by: Nachx639 <71144023+Nachx639@users.noreply.github.com>
Co-authored-by: Luke <92253590+ImLukeF@users.noreply.github.com>
 2026-03-13 12:35:39 +11:00
Peter Steinberger
b14a5c6713 fix(zalouser): require ids for group allowlist auth 2026-03-13 01:31:17 +00:00
Peter Steinberger
d5b3f2ed71 fix(models): keep codex spark codex-only 2026-03-13 00:53:21 +00:00
Vincent Koc
d4f535b203 fix(hooks): fail closed on unreadable loader paths (#44437) 
* Hooks: fail closed on unreadable loader paths

* Changelog: note hooks loader hardening

* Tests: cover sanitized hook loader logs

* Hooks: use realpath containment for legacy loaders

* Hooks: sanitize unreadable workspace log path
 2026-03-12 20:47:30 -04:00
Vincent Koc
2649c03cdb fix(hooks): dedupe repeated agent deliveries by idempotency key (#44438) 
* Hooks: add hook idempotency key resolution

* Hooks: dedupe repeated agent deliveries by idempotency key

* Tests: cover hook idempotency dedupe

* Changelog: note hook idempotency dedupe

* Hooks: cap hook idempotency key length

* Gateway: hash hook replay cache keys

* Tests: cover hook replay key hardening
 2026-03-12 20:43:38 -04:00
Peter Steinberger
91b701e183 fix: harden windows native updates 2026-03-12 23:42:14 +00:00
Peter Steinberger
35aafd7ca8 feat: add Anthropic fast mode support 2026-03-12 23:39:03 +00:00
Peter Steinberger
d5bffcdeab feat: add fast mode toggle for OpenAI models 2026-03-12 23:31:31 +00:00
Peter Steinberger
ddcaec89e9 fix(node-host): fail closed on ruby approval preload flags 2026-03-12 23:23:54 +00:00
Peter Steinberger
2c8f31135b test: cover provider plugin boundaries 2026-03-12 22:43:55 +00:00
Peter Steinberger
9692dc7668 fix(security): harden nodes owner-only tool gating 2026-03-12 22:27:52 +00:00
Peter Steinberger
bf89947a8e fix: switch pairing setup codes to bootstrap tokens 2026-03-12 22:23:07 +00:00
ToToKr
9cd54ea882 fix: skip cache-ttl append after compaction to prevent double compaction (#28548) 
Merged via squash.

Prepared head SHA: a4114a52bcff6ed4057cc54d3c629bd723f3d420
Co-authored-by: MoerAI <26067127+MoerAI@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 15:17:18 -07:00
jnMetaCode
7332e6d609 fix(failover): classify HTTP 422 as format and OpenRouter credits as billing (#43823) 
Merged via squash.

Prepared head SHA: 4f48e977fe06c5662753d3900fe94f1835cc2dce
Co-authored-by: jnMetaCode <12096460+jnMetaCode@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-13 00:50:28 +03:00
Peter Steinberger
904db27019 fix(security): audit unrestricted hook agent routing 2026-03-12 21:36:19 +00:00
Rodrigo Uroz
143e593ab8 Compaction Runner: wire post-compaction memory sync (#25561) 
Merged via squash.

Prepared head SHA: 6d2bc02cc16429a19b041acd353c08dd2404335f
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 14:24:29 -07:00
bwjoke
fd568c4f74 fix(failover): classify ZenMux quota-refresh 402 as rate_limit (#43917) 
Merged via squash.

Prepared head SHA: 1d58a36a774d06b1493971e8f14f9abc806be6b0
Co-authored-by: bwjoke <1284814+bwjoke@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-13 00:06:43 +03:00
Wayne
d93db0fc13 fix(failover): classify z.ai network_error stop reason as retryable timeout (#43884) 
Merged via squash.

Prepared head SHA: 9660f6cd5bcb8d073fc5575bbba2bf3792b29de3
Co-authored-by: hougangdev <105773686+hougangdev@users.noreply.github.com>
Co-authored-by: altaywtf <9790196+altaywtf@users.noreply.github.com>
Reviewed-by: @altaywtf
 2026-03-13 00:00:44 +03:00
Josh Lehman
50cc375c11 feat(context-engine): plumb sessionKey into all ContextEngine methods (#44157) 
Merged via squash.

Prepared head SHA: 0b341f6f4ce487055d8bc0c0d335c42577941592
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 12:43:36 -07:00
Marcus Castro
e525957b4f fix(sandbox): restore spawned workspace handoff (#44307) 2026-03-12 16:12:08 -03:00
Vincent Koc
08aa57a3de Commands: require owner for /config and /debug (#44305) 
* Commands: add non-owner gate helper

* Commands: enforce owner-only config and debug

* Commands/test: cover owner-only config and debug

* Changelog: add owner-only config debug entry

* Commands/test: split config owner gating section

* Commands: redact sender ids in verbose command logs

* Commands: preserve internal read-only config access

* Commands/test: keep operator.write config show coverage non-owner
 2026-03-12 14:58:14 -04:00
Vincent Koc
5e389d5e7c Gateway/ws: clear unbound scopes for shared-token auth (#44306) 
* Gateway/ws: clear unbound shared-auth scopes

* Gateway/auth: cover shared-token scope stripping

* Changelog: add shared-token scope stripping entry

* Gateway/ws: preserve allowed control-ui scopes

* Gateway/auth: assert control-ui admin scopes survive allowed device-less auth

* Gateway/auth: cover shared-password scope stripping
 2026-03-12 14:52:24 -04:00
Vincent Koc
1492ad20a9 Ollama/Kimi: apply Moonshot payload compatibility (#44274) 
* Runner: extend Moonshot payload compat to Ollama Kimi

* Changelog: note Ollama Kimi tool routing

* Tests: cover Ollama Kimi payload compat

* Runner: narrow Ollama Kimi payload compat
 2026-03-12 14:17:01 -04:00
Val Alexander
2d42588a18 chore(changelog): update CHANGELOG.md to include new features in dashboard-v2, highlighting the refreshed gateway dashboard with modular views and enhanced chat tools (#41503) 2026-03-12 12:56:24 -05:00
Josh Lehman
9cb0fa58c2 fix: restore protocol outputs and stabilize Windows path CI (#44266) 
* fix(ci): restore protocol outputs and stabilize Windows path test

Regenerate the Swift protocol models so protocol:check stops failing on main.
Align the session target test helper with the sync production realpath behavior so Windows does not compare runneradmin and RUNNER~1 spellings for the same file.

Regeneration-Prompt: |
  Investigate the failing checks from merged PR #34485 and confirm whether they still affect current main before changing code. Keep the fix tight: do not alter runtime behavior beyond what is required to clear the reproduced CI regressions. Commit the generated Swift protocol outputs for the PushTestResult transport field because protocol:check was failing from stale generated files on main. Also fix the Windows-only session target test by making its helper use the same synchronous realpath behavior as production discovery, so path spelling differences like runneradmin versus RUNNER~1 do not cause a false assertion failure.

* fix(ci): align session target realpath behavior on Windows

Use native realpath for sync session target discovery so it matches the async path on Windows, and update the session target test helper to assert against the same canonical path form.

Regeneration-Prompt: |
  After opening the follow-up PR for the CI regressions from merged PR #34485, inspect the new failing Windows shard instead of assuming the first fix covered every case. Keep scope limited to the session target path mismatch exposed by CI. Fix the inconsistency at the source by making sync session target discovery use the same native realpath canonicalization as the async discovery path on Windows, then update the test helper to match that shared behavior and verify the touched file with targeted tests and file-scoped lint/format checks.

* test: make merge config fixtures satisfy provider type

After rebasing the PR onto current origin/main, the merge helper test fixtures no longer satisfied ProviderConfig because the anthropic provider examples were missing required provider and model fields. Add a shared fully-typed model fixture and explicit anthropic baseUrl values so the test keeps full type coverage under tsgo.

Regeneration-Prompt: |
  Rebase the PR branch for #44266 onto the current origin/main because the failing CI error only reproduced on the merge ref. Re-run the type-check path and inspect src/agents/models-config.merge.test.ts at the exact compiler lines instead of weakening types globally. Keep the fix test-only: make the anthropic ProviderConfig fixtures structurally valid by supplying the required baseUrl and full model definition fields, and keep the shared fixture typed so tsgo accepts it without unknown casts.

* fix: align Windows session store test expectations
 2026-03-12 10:55:29 -07:00
Vincent Koc
86135d5889 Kimi Coding: set default subscription user agent (#44248) 
* Providers: set default Kimi coding user agent

* Tests: cover Kimi coding header overrides

* Changelog: note Kimi coding user agent

* Tests: satisfy Kimi provider fixture type

* Update CHANGELOG.md

* Providers: preserve Kimi headers through models merge
 2026-03-12 13:30:07 -04:00
Vincent Koc
33ba3ce951 fix(node-host): harden ambiguous approval operand binding (#44247) 
* fix(node-host): harden approval operand binding

* test(node-host): cover approval parser hardening

* docs(changelog): note approval hardening GHSA cluster

* Update CHANGELOG.md

* fix(node-host): remove dead approval parser entries

* test(node-host): cover bunx approval wrapper

* fix(node-host): unwrap pnpm shim exec forms

* test(node-host): cover pnpm shim wrappers
 2026-03-12 13:28:35 -04:00
Peter Steinberger
136adb4c02 docs: reorder unreleased changelog 2026-03-12 17:11:31 +00:00
yuweuii
b3e6f92fd2 runner: infer names from malformed toolCallId variants (#34485) 
Merged via squash.

Prepared head SHA: 150ea1a7c90de3232f72498d851719c4dfb00b43
Co-authored-by: yuweuii <82372187+yuweuii@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 09:58:23 -07:00
Peter Steinberger
0b34671de3 fix: canonicalize openrouter native model keys 2026-03-12 16:51:00 +00:00
Peter Steinberger
115f24819e fix: make node-llama-cpp optional for npm installs 2026-03-12 16:45:59 +00:00
Gustavo Madeira Santana
46f0bfc55b Gateway: harden custom session-store discovery (#44176) 
Merged via squash.

Prepared head SHA: 52ebbf5188b47386f2a78ac4715993bc082e911b
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-12 16:44:46 +00:00
Vincent Koc
f96ba87f03 Zalo: rate limit invalid webhook secret guesses before auth (#44173) 
* Zalo: rate limit webhook guesses before auth

* Tests: cover pre-auth Zalo webhook rate limiting

* Changelog: note Zalo pre-auth rate limiting

* Zalo: preserve auth-before-content-type response ordering

* Tests: cover auth-before-content-type webhook ordering

* Zalo: split auth and unauth webhook rate-limit buckets

* Tests: cover auth bucket split for Zalo webhook rate limiting

* Zalo: use trusted proxy client IP for webhook rate limiting

* Tests: cover trusted proxy client IP rate limiting for Zalo
 2026-03-12 12:30:50 -04:00
Nimrod Gutman
b77b7485e0 feat(push): add iOS APNs relay gateway (#43369) 
* feat(push): add ios apns relay gateway

* fix(shared): avoid oslog string concatenation

# Conflicts:
#	apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift

* fix(push): harden relay validation and invalidation

* fix(push): persist app attest state before relay registration

* fix(push): harden relay invalidation and url handling

* feat(push): use scoped relay send grants

* feat(push): configure ios relay through gateway config

* feat(push): bind relay registration to gateway identity

* fix(push): tighten ios relay trust flow

* fix(push): bound APNs registration fields (#43369) (thanks @ngutman)
 2026-03-12 18:15:35 +02:00
2233admin
9342739d71 fix(providers): respect user-configured baseUrl for kimi-coding (#36647) 
* fix(providers): respect user-configured baseUrl for kimi-coding

The kimi-coding provider was built exclusively from
`buildKimiCodingProvider()` defaults, ignoring any user-specified
`baseUrl` or other overrides in `openclaw.json` providers config.
This caused 404 errors when users configured a custom endpoint.

Now merge `explicitProviders["kimi-coding"]` on top of defaults,
matching the pattern used by ollama/vllm. User's `baseUrl`, `api`,
and `models` take precedence; env/profile API key still wins.

Fixes #36353

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Tests: use Kimi implicit provider harness

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-12 12:14:07 -04:00
Vincent Koc
3e28e10c2f Plugins: require explicit trust for workspace-discovered plugins (#44174) 
* Plugins: disable implicit workspace plugin auto-load

* Tests: cover workspace plugin trust gating

* Changelog: note workspace plugin trust hardening

* Plugins: keep workspace trust gate ahead of memory slot defaults

* Tests: cover workspace memory-slot trust bypass
 2026-03-12 12:12:41 -04:00
chengzhichao-xydt
0a8fa0e001 Moonshot: respect explicit baseUrl for CN endpoint so platform.moonshot.cn keys authenticate (#33637) (#33696) 
* Moonshot: respect explicit baseUrl for CN endpoint so platform.moonshot.cn keys authenticate (#33637)

* Moonshot: address review - remove dead constant, import canonical URLs (#33696)
 2026-03-12 12:10:38 -04:00
Jacob Riff
3fa91cd69d feat: add sessions_yield tool for cooperative turn-ending (#36537) 
Merged via squash.

Prepared head SHA: 75d9204c863792226389a4d33eeb40c4e842528d
Co-authored-by: jriff <50276+jriff@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 08:46:47 -07:00
Gustavo Madeira Santana
e6897c800b Plugins: fix env-aware root resolution and caching (#44046) 
Merged via squash.

Prepared head SHA: 6e8852a188b0eaa4d6cf0bb71829023e0e0ed82b
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-12 15:31:31 +00:00
Rodrigo Uroz
688e3f0863 Compaction Runner: emit transcript updates post-compact (#25558) 
Merged via squash.

Prepared head SHA: 8a858436ed31805124a9d096bd93ab90e5423672
Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 08:22:12 -07:00
Vincent Koc
8ad0ca309e Subagents: stop retrying external completion timeouts (#41235) (#43847) 
* Changelog: add subagent announce timeout note

* Tests: cover subagent completion timeout no-retry

* Subagents: stop retrying external completion timeouts

* Config: update subagent announce timeout default docs

* Tests: use fake timers for subagent timeout retry guard
 2026-03-12 11:03:06 -04:00
Vincent Koc
7844bc89a1 Security: require Feishu webhook encrypt key (#44087) 
* Feishu: require webhook encrypt key in schema

* Feishu: cover encrypt key webhook validation

* Feishu: enforce encrypt key at startup

* Feishu: add webhook forgery regression test

* Feishu: collect encrypt key during onboarding

* Docs: require Feishu webhook encrypt key

* Changelog: note Feishu webhook hardening

* Docs: clarify Feishu encrypt key screenshot

* Feishu: treat webhook encrypt key as secret input

* Feishu: resolve encrypt key only in webhook mode
 2026-03-12 11:01:00 -04:00
Vincent Koc
99170e2408 Hardening: normalize Unicode command obfuscation detection (#44091) 
* Exec: cover unicode obfuscation cases

* Exec: normalize unicode obfuscation detection

* Changelog: note exec detection hardening

* Exec: strip unicode tag character obfuscation

* Exec: harden unicode suppression and length guards

* Exec: require path boundaries for safe URL suppressions
 2026-03-12 10:57:49 -04:00
Vincent Koc
eff0d5a947 Hardening: tighten preauth WebSocket handshake limits (#44089) 
* Gateway: tighten preauth handshake limits

* Changelog: note WebSocket preauth hardening

* Gateway: count preauth frame bytes accurately

* Gateway: cap WebSocket payloads before auth
 2026-03-12 10:55:41 -04:00
Vincent Koc
3e730c0332 Security: preserve Feishu reaction chat type (#44088) 
* Feishu: preserve looked-up chat type

* Feishu: fail closed on ambiguous reaction chats

* Feishu: cover reaction chat type fallback

* Changelog: note Feishu reaction hardening

* Feishu: fail closed without resolved chat type

* Feishu: normalize reaction chat type at runtime
 2026-03-12 10:53:40 -04:00
Vincent Koc
48cbfdfac0 Hardening: require LINE webhook signatures (#44090) 
* LINE: require webhook signatures in express handler

* LINE: require webhook signatures in node handler

* LINE: update express signature tests

* LINE: update node signature tests

* Changelog: note LINE webhook hardening

* LINE: validate signatures before parsing webhook bodies

* LINE: reject missing signatures before body reads
 2026-03-12 10:50:36 -04:00
Lyle
c965049dc6 fix(mattermost): pass mediaLocalRoots through reply delivery (#44021) 
Merged via squash.

Prepared head SHA: 856f11f129f7d6a4bc8f23e8d13c786ecb871f52
Co-authored-by: LyleLiu666 <31182860+LyleLiu666@users.noreply.github.com>
Co-authored-by: mukhtharcm <56378562+mukhtharcm@users.noreply.github.com>
Reviewed-by: @mukhtharcm
 2026-03-12 20:13:51 +05:30
0x4C33
f3be1c828c fix(status): resolve context window by provider-qualified key, prefer max on bare-id collision, solve #35976 (#36389) 
Merged via squash.

Prepared head SHA: f8cf752c59708fb388fd200276115277e8b217d6
Co-authored-by: haoruilee <60883781+haoruilee@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 07:00:36 -07:00
rabsef-bicrym
ff47876e61 fix: carry observed overflow token counts into compaction (#40357) 
Merged via squash.

Prepared head SHA: b99eed4329bda45083cdedc2386c2c4041c034be
Co-authored-by: rabsef-bicrym <52549148+rabsef-bicrym@users.noreply.github.com>
Co-authored-by: jalehman <550978+jalehman@users.noreply.github.com>
Reviewed-by: @jalehman
 2026-03-12 06:58:42 -07:00