negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
17,213 Commits 1 Branch 0 Tags
ca49372a8d3efe62eb0fa2da816aeff5cbfda7da
Commit Graph

182 Commits

Author SHA1 Message Date
Josh Avant
646817dd80 fix(outbound): unify resolved cfg threading across send paths (#33987) 2026-03-04 00:20:44 -06:00
Peter Steinberger
47083460ea refactor: unify inbound debounce policy and split gateway/models helpers 2026-03-03 00:54:33 +00:00
Peter Steinberger
ea3b7dfde5 fix(channels): normalize MIME kind parsing and reaction fallbacks 2026-03-02 23:48:11 +00:00
Peter Steinberger
b782ecb7eb refactor: harden plugin install flow and main DM route pinning 2026-03-02 21:22:38 +00:00
Peter Steinberger
08f8aea32e fix(signal): land #31138 syncMessage presence filtering (@Sid-Qin) 
Landed from contributor PR #31138 by @Sid-Qin.

Co-authored-by: Sid-Qin <sidqin0410@gmail.com>
 2026-03-02 03:28:25 +00:00
Shawn
654f63e8f8 fix(signal): prevent sentTranscript sync messages from bypassing loop protection (#31093) 
* fix(signal): prevent sentTranscript sync messages from bypassing loop protection

Issue: #31084

On daemon restart, sentTranscript sync messages could bypass loop protection
because the syncMessage check happened before the sender validation. This
reorganizes the checks to:

1. First resolve the sender (phone or UUID)
2. Check if the message is from our own account (both phone and UUID)
3. Only skip sync messages from other sources after confirming not own account

This ensures that sync messages from the own account are properly filtered
to prevent self-reply loops, while still allowing messages synced from other
devices to be processed.

Added optional accountUuid config field for UUID-based account identification.

* fix(signal): cover UUID-only own-message loop protection

* build: regenerate host env security policy swift

---------

Co-authored-by: Kevin Wang <kevin@example.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-03-02 01:11:22 +00:00
Peter Steinberger
8e48520d74 fix(channels): align command-body parsing sources 2026-03-01 23:11:48 +00:00
Peter Steinberger
564be6b402 refactor(channels): unify dm pairing policy flows 2026-02-26 22:36:20 +01:00
Peter Steinberger
bce643a0bd refactor(security): enforce account-scoped pairing APIs 2026-02-26 21:57:52 +01:00
Peter Steinberger
dc6e4a5b13 fix: harden dm command authorization in open mode 2026-02-26 19:49:36 +01:00
Peter Steinberger
64de4b6d6a fix: enforce explicit group auth boundaries across channels 2026-02-26 18:49:16 +01:00
Peter Steinberger
cd80c7e7ff refactor: unify dm policy store reads and reason codes 2026-02-26 17:47:57 +01:00
Peter Steinberger
8f8e46d898 refactor: unify reaction ingress policy guards across channels 2026-02-26 01:34:47 +01:00
Peter Steinberger
c6dfa26f03 refactor(signal): unify reaction auth flow and table-drive tests 2026-02-26 01:02:05 +01:00
Peter Steinberger
2aa7842ade fix(signal): enforce auth before reaction notification enqueue 2026-02-26 00:44:46 +01:00
Peter Steinberger
d42ef2ac62 refactor: consolidate typing lifecycle and queue policy 2026-02-25 02:16:03 +00:00
Peter Steinberger
e0201c2774 fix: keep channel typing active during long inference (#25886, thanks @stakeswky) 
Co-authored-by: stakeswky <stakeswky@users.noreply.github.com>
 2026-02-25 02:03:27 +00:00
Peter Steinberger
f97c0922e1 fix(security): harden account-key handling against prototype pollution 2026-02-24 01:09:31 +00:00
Peter Steinberger
b3c78e5e05 refactor(outbound): reuse signal uuid detection and payload types 2026-02-22 17:54:51 +00:00
Peter Steinberger
24ea941e28 test: dedupe auto-reply web and signal flows 2026-02-22 17:11:54 +00:00
Peter Steinberger
a0d0104a86 test: speed up signal reconnect and temp path guard scans 2026-02-22 14:44:19 +00:00
Peter Steinberger
ac3ac6a83a refactor(signal): extract rpc parse helper and validate response envelope 2026-02-22 15:29:56 +01:00
Peter Steinberger
184844e50c fix: add signal rpc malformed-json regression test (#22995) (thanks @adhitShet) 2026-02-22 15:23:37 +01:00
adhitShet
4b78e91acd fix(signal): guard JSON.parse of Signal RPC response with try-catch 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-22 15:23:37 +01:00
Peter Steinberger
adfbbcf1f6 chore: merge origin/main into main 2026-02-22 13:42:52 +00:00
Peter Steinberger
494bb685f8 test: merge signal typing-read-receipt coverage into inbound contract suite 2026-02-22 13:24:53 +00:00
Peter Steinberger
a395479d8b test: merge signal sender-prefix coverage into typing suite 2026-02-22 13:12:57 +00:00
Peter Steinberger
6dd36a6b77 refactor(channels): reuse runtime group policy helpers 2026-02-22 12:44:23 +01:00
Peter Steinberger
85e5ed3f78 refactor(channels): centralize runtime group policy handling 2026-02-22 12:35:41 +01:00
Peter Steinberger
777817392d fix: fail closed missing provider group policy across message channels (#23367) (thanks @bmendonca3) 2026-02-22 12:21:04 +01:00
Peter Steinberger
585a143f21 test: reclassify config and channel monitor behavior suites 2026-02-22 11:04:58 +00:00
Peter Steinberger
5a0032de3e refactor(signal): extract daemon lifecycle and typed exit handling 2026-02-22 11:09:10 +01:00
Peter Steinberger
602a1ebd55 fix: handle intentional signal daemon shutdown on abort (#23379) (thanks @frankekn) 2026-02-22 10:59:34 +01:00
Frank Yang
1051f42f96 fix(stability): patch regex retries and timeout abort handling 2026-02-22 10:59:34 +01:00
Peter Steinberger
6c2e999776 refactor(security): unify secure id paths and guard weak patterns 2026-02-22 10:16:19 +01:00
Peter Steinberger
df35829810 test(inbound): share dispatch capture mock across channels 2026-02-22 07:44:57 +00:00
Peter Steinberger
a9b14df1e3 test(signal): use lightweight clears in sender-prefix and receipts setup 2026-02-22 07:35:55 +00:00
Peter Steinberger
14d6b3741c test(channels): use lightweight clears in probe and reaction setup 2026-02-22 07:35:55 +00:00
Peter Steinberger
0bd9f0d4ac fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
Peter Steinberger
58254b3b57 test: dedupe channel and transport adapters 2026-02-21 21:44:01 +00:00
Peter Steinberger
8588183abe test: stabilize docker e2e suites for pairing and model updates 2026-02-21 16:38:48 +01:00
Peter Steinberger
4e62bdf78d refactor(signal): reuse shared reaction types 2026-02-18 23:34:15 +00:00
Peter Steinberger
e1b491d961 test(channels): dedupe inbound contract dispatch capture setup 2026-02-18 13:13:43 +00:00
Peter Steinberger
bb84452c62 fix(signal): restore mention-gating helper map typing 2026-02-18 12:43:46 +00:00
Peter Steinberger
37b5c92928 test(signal): dedupe mention-gating handler setup 2026-02-18 12:38:44 +00:00
Peter Steinberger
9b68af5f4f test(signal): dedupe receive event fixtures and add mention clamp case 2026-02-18 12:37:38 +00:00
Peter Steinberger
9c2b82362e test(signal): dedupe monitor tool-result test payload fixtures 2026-02-18 12:28:35 +00:00
Peter Steinberger
b8b43175c5 style: align formatting with oxfmt 0.33 2026-02-18 01:34:35 +00:00
Peter Steinberger
31f9be126c style: run oxfmt and fix gate failures 2026-02-18 01:29:02 +00:00
Josh Avant
b20339a232 fix(signal): canonicalize message targets in tool and inbound flows 2026-02-17 14:17:22 -08:00