github/openclaw
1
1
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-02-19 18:39:20 -05:00
Code Issues Packages Projects Releases Wiki Activity
11,464 Commits 404 Branches 56 Tags
split/gateway-cli-pairing
Commit Graph

2718 Commits

Author SHA1 Message Date
pierreeurope
fec4be8dec fix(cron): prevent daily jobs from skipping days (48h jump) #17852 (#17903) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 1ffe6a45af
Co-authored-by: pierreeurope <248892285+pierreeurope@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-16 08:35:49 -05:00
brandonwise
095d522099 fix(security): create session transcript files with 0o600 permissions (#18066) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 962f497d24
Co-authored-by: brandonwise <21148772+brandonwise@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-16 08:33:40 -05:00
sebslight
f4b2fd00bc fix(config): harden object-array merge-by-id fallback 2026-02-16 08:24:55 -05:00
Hongwei Ma
dddb1bc942 fix(telegram): fix streaming with extended thinking models overwriting previous messages/ also happens to Execution error (#17973) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 34b52eead8
Co-authored-by: Marvae <11957602+Marvae@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-16 18:54:34 +05:30
Jackten
e3e8046a93 fix(infra): avoid detached finally unhandled rejection in fetch wrapper (#18014) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 4ec21c89cb
Co-authored-by: Jackten <2895479+Jackten@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-16 08:17:23 -05:00
不做了睡大觉
cb391f4bdc fix(config): prevent config.patch from destroying arrays when patch entries lack id (#18030) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: a857df9e32
Co-authored-by: stakeswky <64798754+stakeswky@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-16 08:13:51 -05:00
zerone0x
c2a0cf0c28 fix(tts): update tool description to prevent duplicate audio delivery (#18046) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 70c096abaa
Co-authored-by: zerone0x <39543393+zerone0x@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-16 08:09:02 -05:00
Ítalo Souza
39bb1b3322 fix: auto-recover primary model after rate-limit cooldown expires (#17478) (#18045) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: f7a7865727
Co-authored-by: PlayerGhost <28265945+PlayerGhost@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-16 08:03:35 -05:00
yinghaosang
244ed9db39 fix(telegram): draft stream preview not threaded when replyToMode is on (#17880) (#17928) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: cfd4181a23
Co-authored-by: yinghaosang <261132136+yinghaosang@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-16 18:10:24 +05:30
Ayaan Zaidi
b2aa6e094d fix(telegram): prevent non-abort slash commands from racing chat replies (#17899) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 5c2f6f2c96
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-16 16:21:10 +05:30
Advait Paliwal
bc67af6ad8 cron: separate webhook POST delivery from announce (#17901) 
* cron: split webhook delivery from announce mode

* cron: validate webhook delivery target

* cron: remove legacy webhook fallback config

* fix: finalize cron webhook delivery prep (#17901) (thanks @advaitpaliwal)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-02-16 02:36:00 -08:00
Peter Steinberger
39fa81dc96 chore: bump version to 2026.2.16 2026-02-16 06:08:47 +01:00
Varun Kruthiventi
c62b90a2b7 fix(telegram): stop block streaming from splitting messages when streamMode is off (#17704) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 847162caad
Co-authored-by: saivarunk <2976867+saivarunk@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-16 09:57:29 +05:30
Vignesh Natarajan
3e1986f119 chore (changelog): note qmd collection isolation fix 2026-02-15 20:15:12 -08:00
Peter Steinberger
3fe22ea2fd chore(release): align .15 changelog ordering and release notes 2026-02-16 04:50:24 +01:00
Peter Steinberger
41ded303b4 fix(sandbox): preserve array order in config hashing 2026-02-16 04:32:03 +01:00
Vignesh Natarajan
cbf58d2e1c fix(memory): harden context window cache collisions 2026-02-15 19:31:52 -08:00
Peter Steinberger
559c8d9930 fix: replace deprecated SHA-1 in sandbox config hash 2026-02-16 04:30:59 +01:00
Vignesh Natarajan
18c6f40d32 chore (changelog): credit LINE webhook fail-closed hardening 2026-02-15 19:25:33 -08:00
McRolly NWANGWU
d19b746928 feat(skills): add cross-platform install fallback for non-brew environments (#17687) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 3ed4850838
Co-authored-by: mcrolly <60803337+mcrolly@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-15 22:25:26 -05:00
Vignesh Natarajan
9df21da129 chore (changelog): credit memory flush runtime date fix 2026-02-15 19:20:38 -08:00
Shadow
a61c2dc4bd Discord: add component v2 UI tool support (#17419) 2026-02-15 21:19:25 -06:00
Vignesh Natarajan
7089885ac4 chore (changelog): credit unicode FTS tokenization fix 2026-02-15 19:17:06 -08:00
Vignesh Natarajan
82631d225c chore (changelog): credit sandbox prompt path guidance fix 2026-02-15 19:16:02 -08:00
Vignesh Natarajan
0b3d4b8e57 chore (changelog): credit control-ui scope bypass fix 2026-02-15 19:12:10 -08:00
Vignesh Natarajan
a203430aa3 chore (changelog): credit pairing account isolation fix 2026-02-15 19:10:06 -08:00
Peter Steinberger
e1e46dc11b docs: reorder 2026.2.15 changelog entries by impact 2026-02-16 04:06:46 +01:00
Vignesh Natarajan
e7a053b4dd chore (changelog): credit qmd session collection rebind fix 2026-02-15 19:03:59 -08:00
Vignesh Natarajan
8e162d9319 chore (changelog): credit inbound metadata id fix 2026-02-15 19:01:08 -08:00
Tag
6802b155a8 fix: stop LLM retry loop when browser control service is unavailable (#17673) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 90f47fe132
Co-authored-by: tag-assistant <260167501+tag-assistant@users.noreply.github.com>
Co-authored-by: sebslight <19554889+sebslight@users.noreply.github.com>
Reviewed-by: @sebslight
 2026-02-15 21:53:49 -05:00
Peter Steinberger
2363e1b085 fix(security): restrict skill download target paths 2026-02-16 03:47:28 +01:00
Peter Steinberger
c6c53437f7 fix(security): scope session tools and webhook secret fallback 2026-02-16 03:47:10 +01:00
seewhy
ddcc7a1a5d fix(discord): dedupe native skill commands by skillName (#17365) 
* fix(discord): dedupe native skill commands by skill name

* Changelog: credit Discord skill dedupe

---------

Co-authored-by: yume <yume@yumedeMacBook-Pro.local>
Co-authored-by: Shadow <hi@shadowing.dev>
 2026-02-15 20:33:51 -06:00
Peter Steinberger
cf69907015 fix(security): redact Telegram bot tokens in errors 2026-02-16 03:30:53 +01:00
Shakker
09566b1693 fix(discord): preserve channel session keys via channel_id fallbacks (#17622) 
* fix(discord): preserve channel session keys via channel_id fallbacks

* docs(changelog): add discord session continuity note

* Tests: cover discord channel_id fallback

---------

Co-authored-by: Shadow <hi@shadowing.dev>
 2026-02-15 20:30:17 -06:00
Peter Steinberger
ba84b12535 fix: harden pre-commit hook against option injection 2026-02-16 03:23:45 +01:00
Peter Steinberger
cbc3de6c97 docs(changelog): fix conflict marker 2026-02-16 03:15:57 +01:00
Peter Steinberger
01b1e350b2 docs: note Control UI XSS fix 2026-02-16 03:15:57 +01:00
Peter Steinberger
887b209db4 fix(security): harden sandbox docker config validation 2026-02-16 03:04:06 +01:00
Peter Steinberger
93b9f1ec5f docs(changelog): note prompt path injection hardening 2026-02-16 02:53:40 +01:00
Onur
cd44a0d01e fix: codex and similar processes keep dying on pty, solved by refactoring process spawning (#14257) 
* exec: clean up PTY resources on timeout and exit

* cli: harden resume cleanup and watchdog stalled runs

* cli: productionize PTY and resume reliability paths

* docs: add PTY process supervision architecture plan

* docs: rewrite PTY supervision plan as pre-rewrite baseline

* docs: switch PTY supervision plan to one-go execution

* docs: add one-line root cause to PTY supervision plan

* docs: add OS contracts and test matrix to PTY supervision plan

* docs: define process-supervisor package placement and scope

* docs: tie supervisor plan to existing CI lanes

* docs: place PTY supervisor plan under src/process

* refactor(process): route exec and cli runs through supervisor

* docs(process): refresh PTY supervision plan

* wip

* fix(process): harden supervisor timeout and PTY termination

* fix(process): harden supervisor adapters env and wait handling

* ci: avoid failing formal conformance on comment permissions

* test(ui): fix cron request mock argument typing

* fix(ui): remove leftover conflict marker

* fix: supervise PTY processes (#14257) (openclaw#14257) (thanks @onutc)
 2026-02-16 02:32:05 +01:00
Advait Paliwal
14fb2c05b1 Gateway/Control UI: preserve partial output on abort (#15026) 
* Gateway/Control UI: preserve partial output on abort

* fix: finalize abort partial handling and tests (#15026) (thanks @advaitpaliwal)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-02-15 16:55:28 -08:00
Peter Steinberger
166cf6a3e0 fix(web_fetch): cap response body before parsing 2026-02-16 01:21:11 +01:00
Advait Paliwal
115cfb4430 gateway: add cron finished-run webhook (#14535) 
* gateway: add cron finished webhook delivery

* config: allow cron webhook in runtime schema

* cron: require notify flag for webhook posts

* ui/docs: add cron notify toggle and webhook docs

* fix: harden cron webhook auth and fill notify coverage (#14535) (thanks @advaitpaliwal)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-02-15 16:14:17 -08:00
Peter Steinberger
e3445f59c9 docs(changelog): note inter-session provenance security fix 2026-02-16 00:31:51 +01:00
David Harmeyer
7c822d039b feat(plugins): expose llm input/output hook payloads (openclaw#16724) thanks @SecondThread 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: SecondThread <18317476+SecondThread@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-15 16:01:00 -06:00
Tak Hoffman
0c77851516 fix(agents): mark required-param tool errors as non-retryable (#17533) 
* Agents: mark missing tool params as non-retryable

* Agents: include all missing required params in tool errors

* Agents: change required-param errors to retry guidance

* Docs: align changelog text for issue #14729 guidance wording
 2026-02-15 15:50:44 -06:00
Vignesh Natarajan
059573a48d chore (changelog): attribute issues #17515 #17466 #17505 #17404 2026-02-15 13:12:10 -08:00
Gustavo Madeira Santana
b4f14d6f7a Gateway: hide BOOTSTRAP in agent files after onboarding completes (#17491) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: f95f6dd052
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-15 15:42:43 -05:00
Xinhua Gu
c682634188 fix(discord): role-based allowlist never matches (Carbon Role objects stringify to mentions) (#16369) 
* fix(discord): role-based allowlist never matches because Carbon Role objects stringify to mentions

Carbon's GuildMember.roles getter returns Role[] objects, not raw ID strings.
String(Role) produces '<@&123456>' which never matches the plain role IDs
in the guild allowlist config.

Use data.rawMember.roles (raw Discord API string array) instead of
data.member.roles (Carbon Role[] objects) for role ID extraction.

Fixes #16207

* Docs: add discord role allowlist changelog entry

---------

Co-authored-by: Shadow <hi@shadowing.dev>
 2026-02-15 13:05:46 -06:00