negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
15,838 Commits 1 Branch 0 Tags
3002f13ca72c03dbbf16dc281956c9d7bdab1d60
Commit Graph

15838 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sid
3002f13ca7 feat(config): add openclaw config validate and improve startup error messages (#31220) 
Merged via squash.

Prepared head SHA: 4598f2a541f0bde300a096ef51638408d273c4bd
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-02 00:45:51 -05:00
Vincent Koc
5a2200b280 fix(sessions): harden recycled PID lock recovery follow-up (#31320) 
* fix: detect PID recycling in session write lock staleness check

The session lock uses isPidAlive() to determine if a lock holder is
still running. In containers, PID recycling can cause a different
process to inherit the same PID, making the lock appear valid when
the original holder is dead.

Record the process start time (field 22 of /proc/pid/stat) in the
lock file and compare it during staleness checks. If the PID is alive
but its start time differs from the recorded value, the lock is
treated as stale and reclaimed immediately.

Backward compatible: lock files without starttime are handled with
the existing PID-alive + age-based logic. Non-Linux platforms skip
the starttime check entirely (getProcessStartTime returns null).

* shared: harden pid starttime parsing

* sessions: validate lock pid/starttime payloads

* changelog: note recycled PID lock recovery fix

* changelog: credit hiroki and vincent on lock recovery fix

---------

Co-authored-by: HirokiKobayashi-R <hiroki@rhems-japan.co.jp>
 2026-03-01 21:42:22 -08:00
Ayaan Zaidi
548a502c69 docs: sync android node docs with current pairing and capabilities 2026-03-02 11:08:51 +05:30
Nikolay Petrov
a9f1188785 sessions_spawn: inline attachments with redaction, lifecycle cleanup, and docs (#16761) 
Add inline file attachment support for sessions_spawn (subagent runtime only):

- Schema: attachments[] (name, content, encoding, mimeType) and attachAs.mountPath hint
- Materialization: files written to .openclaw/attachments/<uuid>/ with manifest.json
- Validation: strict base64 decode, filename checks, size limits, duplicate detection
- Transcript redaction: sanitizeToolCallInputs redacts attachment content from persisted transcripts
- Lifecycle cleanup: safeRemoveAttachmentsDir with symlink-safe path containment check
- Config: tools.sessions_spawn.attachments (enabled, maxFiles, maxFileBytes, maxTotalBytes, retainOnSessionKeep)
- Registry: attachmentsDir/attachmentsRootDir/retainAttachmentsOnKeep on SubagentRunRecord
- ACP rejection: attachments rejected for runtime=acp with clear error message
- Docs: updated tools/index.md, concepts/session-tool.md, configuration-reference.md
- Tests: 85 new/updated tests across 5 test files

Fixes:
- Guard fs.rm in materialization catch block with try/catch (review concern #1)
- Remove unreachable fallback in safeRemoveAttachmentsDir (review concern #7)
- Move attachment cleanup out of retry path to avoid timing issues with announce loop

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
Co-authored-by: napetrov <napetrov@users.noreply.github.com>
 2026-03-01 21:33:51 -08:00
Peter Steinberger
842deefe5d test: split fast lane from channel and gateway suites 2026-03-02 05:33:07 +00:00
Peter Steinberger
a13586619b test: move integration-heavy suites to e2e lane 2026-03-02 05:33:07 +00:00
Peter Steinberger
656121a12b test: micro-optimize hot unit test files 2026-03-02 05:33:07 +00:00
Peter Steinberger
1de3200973 refactor(infra): centralize boundary traversal and root path checks 2026-03-02 05:20:19 +00:00
Peter Steinberger
7fcec6ca3e refactor(streaming): share approval and stream message builders 2026-03-02 05:20:19 +00:00
Peter Steinberger
6b78544f82 refactor(commands): unify repeated ACP and routing flows 2026-03-02 05:20:19 +00:00
Peter Steinberger
2d31126e6a refactor(shared): extract reused path and normalization helpers 2026-03-02 05:20:19 +00:00
Peter Steinberger
264599cc1d refactor(core): share JSON utf8 byte counting helper 2026-03-02 05:20:19 +00:00
Peter Steinberger
4a1be98254 fix(diffs): harden viewer security and docs 2026-03-02 05:07:09 +00:00
Peter Steinberger
0ab2c82624 docs: dedupe 2026.3.1 changelog entries 2026-03-02 05:04:28 +00:00
Peter Steinberger
6ba7238ac6 build: bump versions to 2026.3.2 2026-03-02 04:55:53 +00:00
Umut CAN
d2472af724 Chore: add Dockerfile HEALTHCHECK and debug-log silent catch blocks (#11478) 
* Docker: add /healthz-based container HEALTHCHECK

* Docs/Docker: document built-in image HEALTHCHECK

* Changelog: note Dockerfile healthcheck probe

* Docs/Docker: explain HEALTHCHECK behavior in plain language

* Docker: relax HEALTHCHECK interval to 3m

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-01 20:52:14 -08:00
Peter Steinberger
2a8ac974e1 build: prepare 2026.3.1 latest release 2026-03-02 04:50:11 +00:00
Alberto Leal
449511484d fix(gateway): allow ws:// to private network addresses (#28670) 
* fix(gateway): allow ws:// to RFC 1918 private network addresses

resolve ws-private-network conflicts

* gateway: keep ws security strict-by-default with private opt-in

* gateway: apply private ws opt-in in connection detail guard

* gateway: apply private ws opt-in in websocket client

* onboarding: gate private ws urls behind explicit opt-in

* gateway tests: enforce strict ws defaults with private opt-in

* onboarding tests: validate private ws opt-in behavior

* gateway client tests: cover private ws env override

* gateway call tests: cover private ws env override

* changelog: add ws strict-default security entry for pr 28670

* docs(onboard): document private ws break-glass env

* docs(gateway): add private ws env to remote guide

* docs(docker): add private ws break-glass env var

* docs(security): add private ws break-glass guidance

* docs(config): document OPENCLAW_ALLOW_PRIVATE_WS

* Update CHANGELOG.md

* gateway: normalize private-ws host classification

* test(gateway): cover non-unicast ipv6 private-ws edges

* changelog: rename insecure private ws break-glass env

* docs(onboard): rename insecure private ws env

* docs(gateway): rename insecure private ws env in config reference

* docs(gateway): rename insecure private ws env in remote guide

* docs(security): rename insecure private ws env

* docs(docker): rename insecure private ws env

* test(onboard): rename insecure private ws env

* onboard: rename insecure private ws env

* test(gateway): rename insecure private ws env in call tests

* gateway: rename insecure private ws env in call flow

* test(gateway): rename insecure private ws env in client tests

* gateway: rename insecure private ws env in client

* docker: pass insecure private ws env to services

* docker-setup: persist insecure private ws env

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-03-01 20:49:45 -08:00
Peter Steinberger
d76b224e20 docs: update appcast for 2026.3.1 2026-03-02 04:41:39 +00:00
Peter Steinberger
92ad89da00 build: prepare 2026.3.1-beta.1 release 2026-03-02 04:38:03 +00:00
Vincent Koc
eeb72097ba Gateway: add healthz/readyz probe endpoints for container checks (#31272) 
* Gateway: add HTTP liveness/readiness probe routes

* Gateway tests: cover probe route auth bypass and methods

* Docker Compose: add gateway /healthz healthcheck

* Docs: document Docker probe endpoints

* Dockerfile: note built-in probe endpoints

* Gateway: make probe routes fallback-only to avoid shadowing

* Gateway tests: verify probe paths do not shadow plugin routes

* Changelog: note gateway container probe endpoints
 2026-03-01 20:36:58 -08:00
Peter Steinberger
0a1eac6b0b fix(ios): eliminate voice wake and xcode build warnings 2026-03-02 04:36:49 +00:00
Peter Steinberger
7073f63610 fix(ios): enforce main-actor device status APIs 2026-03-02 04:36:49 +00:00
Peter Steinberger
cb484f44e9 fix: resolve i18n merge conflict and test hoist failure 2026-03-02 04:36:11 +00:00
cyb1278588254
96ffbb5aaf CLI: add config path subcommand to print active config file path (#26256) 
Merged via squash.

Prepared head SHA: b11c593a34c5730f4244c054e1d1ab536953b0ef
Co-authored-by: cyb1278588254 <48212932+cyb1278588254@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-03-01 23:33:20 -05:00
Peter Steinberger
dc2290aeb1 fix(ci): drop redundant env assertions in daemon status 2026-03-02 04:32:35 +00:00
Peter Steinberger
8b05e4091c fix(discord): prefer names in allowlist resolution logs 2026-03-02 04:31:10 +00:00
Vincent Koc
b7615e0ce3 Exec/ACP: inject OPENCLAW_SHELL into child shell env (#31271) 
* exec: mark runtime shell context in exec env

* tests(exec): cover OPENCLAW_SHELL in gateway exec

* tests(exec): cover OPENCLAW_SHELL in pty mode

* acpx: mark runtime shell context for spawned process

* tests(acpx): log OPENCLAW_SHELL in runtime fixture

* tests(acpx): assert OPENCLAW_SHELL in runtime prompt

* docs(env): document OPENCLAW_SHELL runtime markers

* docs(exec): describe OPENCLAW_SHELL exec marker

* docs(acp): document OPENCLAW_SHELL acp marker

* docs(gateway): note OPENCLAW_SHELL for background exec

* tui: tag local shell runs with OPENCLAW_SHELL

* tests(tui): assert OPENCLAW_SHELL in local shell runner

* acp client: tag spawned bridge env with OPENCLAW_SHELL

* tests(acp): cover acp client OPENCLAW_SHELL env helper

* docs(env): include acp-client and tui-local shell markers

* docs(acp): document acp-client OPENCLAW_SHELL marker

* docs(tui): document tui-local OPENCLAW_SHELL marker

* exec: keep shell runtime env string-only for docker args

* changelog: note OPENCLAW_SHELL runtime markers
 2026-03-01 20:31:06 -08:00
Peter Steinberger
aeb817353f style(changelog): apply oxfmt 2026-03-02 04:30:05 +00:00
Peter Steinberger
1c0d36eed0 fix(ci): resolve i18n typing and generated-policy drift 2026-03-02 04:29:18 +00:00
Peter Steinberger
fa9148400e fix(android): align lint gates and photo permission handling 2026-03-02 04:28:17 +00:00
Peter Steinberger
37d036714e fix(thinking): default Claude 4.6 to adaptive 2026-03-02 04:27:26 +00:00
Sid
4691aab019 fix(cron): guard against year-rollback in croner nextRun (#30777) 
* fix(cron): guard against year-rollback in croner nextRun

Croner can return a past-year timestamp for some timezone/date
combinations (e.g. Asia/Shanghai).  When nextRun returns a value at or
before nowMs, retry from the next whole second and, if still stale,
from midnight-tomorrow UTC before giving up.

Closes #30351

* googlechat: guard API calls with SSRF-safe fetch

* test: fix hoisted plugin context mock setup

---------

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-03-01 22:22:59 -06:00
Peter Steinberger
6fc0787bf0 chore(deps): bump workspace dependencies 2026-03-02 04:22:33 +00:00
Peter Steinberger
8208f5e822 docs: reorder unreleased changelog by user impact 2026-03-02 04:19:56 +00:00
Peter Steinberger
619dfa88cb fix(discord): enrich allowlist resolution logs 2026-03-02 04:19:37 +00:00
Peter Steinberger
d17f4432b3 chore: fix gate formatting and raw-fetch allowlist lines 2026-03-02 04:18:48 +00:00
Peter Steinberger
7b3f506e64 style(swift): apply swiftformat and swiftlint fixes 2026-03-02 04:15:43 +00:00
Peter Steinberger
e1f3ded033 refactor: split telegram delivery and unify media/frontmatter/i18n pipelines 2026-03-02 04:14:06 +00:00
Peter Steinberger
706cfcd54f fix: isolate docker onboard e2e config env 2026-03-02 04:10:28 +00:00
Peter Steinberger
f46bd2e0cc refactor(feishu): split monitor startup and transport concerns 2026-03-02 04:09:24 +00:00
Peter Steinberger
c0bf42f2a8 refactor: centralize delivery/path/media/version lifecycle 2026-03-02 04:04:36 +00:00
Peter Steinberger
f4f094fc3b test(mattermost): cover defaultAccount resolution 2026-03-02 04:03:55 +00:00
Peter Steinberger
41537e9303 fix(channels): add optional defaultAccount routing 2026-03-02 04:03:46 +00:00
Peter Steinberger
0437ac1a89 fix(gateway): raise health-monitor restart cap 2026-03-02 04:03:04 +00:00
Mark L
0f2dce0483 fix(agents): prioritize per-model thinking defaults (#30439) 
* fix(agents): honor per-model thinking defaults

* fix(agents): preserve thinking fallback with model defaults

---------

Co-authored-by: Mark L <73659136+markliuyuxiang@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-03-02 04:00:02 +00:00
Peter Steinberger
3fc19ed7d7 fix: harden feishu startup probe sequencing (#29941) (thanks @bmendonca3) 2026-03-02 03:59:23 +00:00
bmendonca3
abc7b6fbec Feishu: skip duplicate bot-info retries after preflight 2026-03-02 03:59:23 +00:00
bmendonca3
bdca44693c Feishu: serialize startup bot-info probes 2026-03-02 03:59:23 +00:00
Peter Steinberger
02b1958760 fix(feishu): suppress stale replay typing indicators (#30709) (thanks @arkyu2077) 2026-03-02 03:53:24 +00:00