negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
11,223 Commits 1 Branch 0 Tags
bc65e787c81673de9a33f2f7c4e77edacfec61d7
Commit Graph

37 Commits

Author SHA1 Message Date
Peter Steinberger
75f33e92bf fix(web): disallow workspace-* roots without explicit localRoots 2026-02-15 19:40:27 +00:00
Mr. Guy
e927fd1e35 fix: allow agent workspace directories in media local roots (#17136) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 7545ef1e1901a5bfd33aaa55a2320e003ea39126
Co-authored-by: MisterGuy420 <255743668+MisterGuy420@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-15 10:53:45 -05:00
Peter Steinberger
683aa09b55 refactor(media): harden localRoots bypass (#16739) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 89dce69f5094bef7247b2510d27165e504cb820c
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-15 03:27:01 +01:00
Vignesh Natarajan
9f368ac9e6 fix: media allowlist finalize (#16697) (thanks @tyler6204) 2026-02-14 17:46:36 -08:00
Tyler Yust
edb06170f5 fix(image): allow workspace and sandbox media paths (#15541) 2026-02-14 17:46:36 -08:00
Vignesh Natarajan
6863b9dbe1 Media: include state workspace/sandbox in local path allowlist 2026-02-14 17:10:53 -08:00
Marcus Castro
07850e8a93 fix(media): strip MEDIA: prefix in loadWebMediaInternal (#13107) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9d95e6af5aad7fb18f0ab3f941a0043ec18ca604
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-14 21:41:26 +01:00
davidbors-snyk
29d7839582 fix: execute sandboxed file ops inside containers (#4026) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 795ec6aa2f311fcda6660876dbadb4ef356bc0ac
Co-authored-by: davidbors-snyk <240482518+davidbors-snyk@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-13 16:29:10 +01:00
buddyh
4baa43384a fix(media): guard local media reads + accept all path types in MEDIA directive 2026-02-11 15:01:18 -08:00
Peter Steinberger
81c68f582d fix: guard remote media fetches with SSRF checks 2026-02-02 04:07:29 -08:00
David Iach
4e4ed2ea17 fix(security): cap Slack media downloads and validate Slack file URLs (#6639) 
* Security: cap Slack media downloads and validate Slack file URLs

* Security: relax web media fetch cap for compression

* Fixes: sync pi-coding-agent options

* Fixes: align system prompt override type

* Slack: clarify fetchImpl assumptions

* fix: respect raw media fetch cap (#6639) (thanks @davidiach)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-02 00:48:07 -08:00
cpojer
f06dd8df06 chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts. 2026-02-01 10:03:47 +09:00
cpojer
5ceff756e1 chore: Enable "curly" rule to avoid single-statement if confusion/errors. 2026-01-31 16:19:20 +09:00
cpojer
15792b153f chore: Enable more lint rules, disable some that trigger a lot. Will clean up later. 2026-01-31 16:04:04 +09:00
Peter Steinberger
350131b4d7 fix: improve web image optimization 2026-01-24 01:18:58 +00:00
Peter Steinberger
e817c0cee5 fix: preserve PNG alpha fallback (#1491) (thanks @robbyczgw-cla) 2026-01-23 08:45:50 +00:00
Robby
e634791585 fix(media): preserve alpha channel for transparent PNGs (#1473) 2026-01-23 08:43:01 +00:00
Peter Steinberger
0f7f7bb95f fix: msteams attachments + plugin prompt hints 
Co-authored-by: Christof <10854026+Evizero@users.noreply.github.com>
 2026-01-22 03:37:29 +00:00
Tyler Yust
199fef2a5e feat: enhance BlueBubbles group message handling by adding account-specific logging and improving typing signal conditions 2026-01-20 12:07:54 +00:00
Tyler Yust
14a072f5fa feat: add support for setting group icons in BlueBubbles, enhancing group management capabilities 2026-01-20 12:07:54 +00:00
Peter Steinberger
65bed815a8 fix: resolve ci failures 2026-01-18 08:45:29 +00:00
Tyler Yust
ddcc05f5f4 fix: improve error handling for file URL processing 
- Enhanced error handling in image reference detection to skip malformed file URLs without crashing.
- Updated media loading logic to throw an error for invalid file URLs, ensuring better feedback for users.
 2026-01-18 08:15:21 +00:00
Tyler Yust
8c0e290db1 fix: enhance image reference detection and optimize image processing 
- Added support for detecting file URLs in prompts using fileURLToPath for accurate path resolution.
- Updated image loading logic to default to JPEG format for optimized image processing.
- Improved error handling in image optimization to continue processing on failures.
 2026-01-18 08:15:21 +00:00
Tyler Yust
7bfc77db25 fix: improve file URL handling and enhance image loading logic 
- Added handling for file URLs using fileURLToPath for proper resolution.
- Updated logic to skip relative path resolution if ref.resolved is already absolute.
- Enhanced cap calculation for image loading to handle undefined maxBytes more gracefully.
 2026-01-18 08:15:21 +00:00
Peter Steinberger
c379191f80 chore: migrate to oxlint and oxfmt 
Co-authored-by: Christoph Nakazawa <christoph.pojer@gmail.com>
 2026-01-14 15:02:19 +00:00
Peter Steinberger
f28a4a34ad refactor: unify inline directives and media fetch 2026-01-10 03:01:04 +01:00
Peter Steinberger
4075895c4c refactor: consolidate reply/media helpers 2026-01-10 02:41:16 +01:00
Peter Steinberger
60b282cf1d fix: improve web media fetch errors 2026-01-09 07:09:15 +00:00
Peter Steinberger
cc0ef4d012 fix(telegram): improve gif handling 2026-01-06 02:22:19 +00:00
Shadow
3a28e3562c Discord: tools for uploading emojis and stickers! 2026-01-03 21:20:01 -06:00
Peter Steinberger
bb54e60179 fix(logging): decouple file logs from console verbose 2026-01-03 12:32:14 +00:00
Peter Steinberger
76e24653e9 fix(media): preserve GIF animation, skip JPEG optimization 
- Skip JPEG optimization for image/gif content type (both local and URL)
- Preserves animation in uploaded GIFs to Discord/other providers
- Added tests for GIF preservation from local files and URLs
- Updated changelog
 2026-01-02 00:56:04 +00:00
Peter Steinberger
36c85a617a fix: use file-type for mime sniffing 2025-12-20 19:13:50 +01:00
Peter Steinberger
bb7f4abd4b feat(gateway): support bun-compiled embedded gateway 2025-12-19 19:21:26 +01:00
Peter Steinberger
b172b538fc perf(pi): reuse tau rpc for command auto-replies 2025-12-02 20:09:51 +00:00
Peter Steinberger
7d6a4f5204 fix(media): sniff mime and keep extensions 2025-11-28 08:07:53 +01:00
Peter Steinberger
4dd2f3b7f7 refactor(web): split provider module 2025-11-26 01:16:54 +01:00