negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
13,225 Commits 1 Branch 0 Tags
cc2ff689477d0dff057f445a3527d6433ca20dec
Commit Graph

21 Commits

Author SHA1 Message Date
Peter Steinberger
cc2ff68947 test: optimize gateway infra memory and security coverage 2026-02-21 21:44:50 +00:00
Peter Steinberger
947e11c33a test(gateway): dedupe agent payload and stream fixtures 2026-02-19 09:22:16 +00:00
cpojer
e02feaff83 chore: Fix types in tests 11/N. 2026-02-17 11:22:49 +09:00
Peter Steinberger
93ca0ed54f refactor(channels): dedupe transport and gateway test scaffolds 2026-02-16 14:59:31 +00:00
Peter Steinberger
8ba16a894f refactor(test): reuse withGatewayServer in auth/http suites 2026-02-15 23:06:34 +00:00
Harald Buerbaumer
30b6eccae5 feat(gateway): add auth rate-limiting & brute-force protection (#15035) 
* feat(gateway): add auth rate-limiting & brute-force protection

Add a per-IP sliding-window rate limiter to Gateway authentication
endpoints (HTTP, WebSocket upgrade, and WS message-level auth).

When gateway.auth.rateLimit is configured, failed auth attempts are
tracked per client IP. Once the threshold is exceeded within the
sliding window, further attempts are blocked with HTTP 429 + Retry-After
until the lockout period expires. Loopback addresses are exempt by
default so local CLI sessions are never locked out.

The limiter is only created when explicitly configured (undefined
otherwise), keeping the feature fully opt-in and backward-compatible.

* fix(gateway): isolate auth rate-limit scopes and normalize 429 responses

---------

Co-authored-by: buerbaumer <buerbaumer@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-13 15:32:38 +01:00
cpojer
f06dd8df06 chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts. 2026-02-01 10:03:47 +09:00
Peter Steinberger
9a7160786a refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
Peter Steinberger
6d16a658e5 refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
Peter Steinberger
c7ca312f97 test(gateway): consolidate server suites for speed 2026-01-23 06:22:09 +00:00
Peter Steinberger
64be2b2cd1 test: speed up gateway suite setup 2026-01-23 04:28:02 +00:00
Peter Steinberger
94af5a72fc fix: prevent duplicate agent event emission 2026-01-20 09:25:20 +00:00
Peter Steinberger
ba2514fc4c fix: stabilize windows test timeouts 2026-01-19 12:35:58 +00:00
Peter Steinberger
9e06d945a2 fix: stabilize gateway tests on windows 2026-01-19 12:12:51 +00:00
Peter Steinberger
ac1b2d8c40 chore(gate): fix lint and protocol 2026-01-18 06:31:02 +00:00
Peter Steinberger
436c5fd751 fix(openai-http): reuse history markers for chat prompts 
Co-authored-by: Andrew Lauppe <andy@t5tele.com>
 2026-01-18 06:07:59 +00:00
Peter Steinberger
c379191f80 chore: migrate to oxlint and oxfmt 
Co-authored-by: Christoph Nakazawa <christoph.pojer@gmail.com>
 2026-01-14 15:02:19 +00:00
Peter Steinberger
1c257f170a Gateway: disable OpenAI HTTP chat completions by default (#686) 
* feat(gateway): disable OpenAI chat completions HTTP by default

* test(gateway): deflake mock OpenAI tool-calling

* docs(changelog): note OpenAI HTTP endpoint default-off
 2026-01-10 21:55:54 +00:00
Peter Steinberger
1110d96769 feat(gateway): add config toggle for chat completions endpoint 2026-01-10 22:39:06 +01:00
Peter Steinberger
6546a1a23a feat(gateway): allow agent via model 2026-01-10 22:11:12 +01:00
Peter Steinberger
dafa8a2881 feat(gateway): add OpenAI-compatible HTTP endpoint 2026-01-10 22:11:04 +01:00