negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
15,321 Commits 1 Branch 0 Tags
f16ecd1dac5d052d4d6e3f841b8c21ad12da5228
Commit Graph

96 Commits

Author SHA1 Message Date
icesword0760
a509154be5 Feishu: send media payloads as attachments (openclaw#28959) thanks @icesword0760 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: icesword0760 <23316247+icesword0760@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 19:06:27 -06:00
Madoka
32ee2f0109 fix(feishu): break infinite typing-indicator retry loop on rate-limit / quota errors (openclaw#28494) thanks @guoqunabc 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: guoqunabc <9532020+guoqunabc@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 18:41:08 -06:00
Glucksberg
0e755ad99a fix(feishu): use msg_type "audio" for opus files instead of "media" (openclaw#28269) thanks @Glucksberg 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 18:23:19 -06:00
Glucksberg
60ef923051 fix(feishu): cache probeFeishu() results with 10-min TTL to reduce API calls (openclaw#28907) thanks @Glucksberg 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 18:15:28 -06:00
XuHao
56fa05838a feat(feishu): support Docx table create/write + image/file upload actions in feishu_doc (#20304) 
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 18:00:56 -06:00
OfflynAI
ad804b0356 fix(feishu): propagate mediaLocalRoots for local file sends (#27884) (openclaw#27928) thanks @joelnishanth 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: joelnishanth <140015627+joelnishanth@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 17:43:57 -06:00
zhoulc777
bf9585d056 PR: Feishu Plugin - Auto-grant document permissions to requesting user (openclaw#28295) thanks @zhoulongchao77 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: zhoulongchao77 <65058500+zhoulongchao77@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 17:34:18 -06:00
bmendonca3
f943c76cde security(feishu): bound unauthenticated webhook rate-limit state (openclaw#26050) thanks @bmendonca3 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: bmendonca3 <208517100+bmendonca3@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 13:22:24 -06:00
Peter Steinberger
c53b11dccd test: fix pairing/daemon assertion drift 2026-02-26 21:24:50 +00:00
Peter Steinberger
a0c5e28f3b refactor(extensions): use scoped pairing helper 2026-02-26 21:57:52 +01:00
Peter Steinberger
273973d374 refactor: unify typing dispatch lifecycle and policy boundaries 2026-02-26 17:36:16 +01:00
Peter Steinberger
37a138c554 fix: harden typing lifecycle and cross-channel suppression 2026-02-26 17:01:09 +01:00
Peter Steinberger
125dc322f5 refactor(feishu): unify account-aware tool routing and message body 2026-02-26 13:19:25 +01:00
Peter Steinberger
cf4853e2b8 fix: avoid duplicate feishu permission-error dispatch replies (#27381) (thanks @byungsker) 2026-02-26 12:03:41 +00:00
lbo728
736ec9690f fix(feishu): merge permission error notice into main dispatch instead of separate agent turn 
When the sender-name lookup fails with a Feishu permission error (code
99991672), the bot was dispatching two separate agent turns:

  1. A dedicated permission-error notification turn
  2. The regular inbound user message turn

This caused two bot replies for a single user message, degrading UX and
wasting tokens.

Fix: instead of a separate dispatch, append the permission error notice
directly to the main messageBody. The agent receives both the user's
message and the system notice in a single turn, and responds once.

Fixes #27372
 2026-02-26 12:03:41 +00:00
Peter Steinberger
d671d7a0a2 fix: preserve feishu message_id in agent-visible body (#27253) (thanks @xss925175263) 2026-02-26 12:02:00 +00:00
xianshishan
6d52b47076 feishu: send message_id in BodyForAgent (fix #27218) 2026-02-26 12:02:00 +00:00
咸士山 0668001391
db6c513d1e feishu: include message_id in agent message body (fix #27218) 2026-02-26 12:02:00 +00:00
Peter Steinberger
39b5ffdaa6 fix: route feishu doc tools by agent account context (#27338) (thanks @AaronL725) 2026-02-26 12:00:45 +00:00
root
58c100f66f fix(feishu): remove hook registration, fix docx getClient call 2026-02-26 12:00:45 +00:00
root
10d9549764 fix(feishu): fix hook types and docx client call 2026-02-26 12:00:45 +00:00
root
151ee6014a fix(feishu): route doc tools by agent account 
Previously feishu_doc always used accounts[0], so multi-account setups created docs under the first bot regardless of the calling agent.

This change resolves accountId via a before_tool_call hook (defaulting from agentAccountId) and selects the Feishu client per call.

Fixes #27321
 2026-02-26 12:00:45 +00:00
echoVic
d08dafb08f fix(feishu): bitable tools use listEnabledFeishuAccounts for multi-account mode (#27244) 
The bitable tool registration was reading credentials directly from
top-level feishuCfg.appId/appSecret, missing the accounts.* path used
in multi-account mode. Align with drive.ts and wiki.ts by using
listEnabledFeishuAccounts() which handles both legacy and multi-account
configurations.
 2026-02-26 11:56:18 +00:00
Peter Steinberger
53f9b7d4e7 fix(automation): harden announce delivery + cron coding profile (#25813 #25821 #25822) 
Co-authored-by: Shawn <shenghuikevin@shenghuideMac-mini.local>
Co-authored-by: 不做了睡大觉 <user@example.com>
Co-authored-by: Marcus Widing <widing.marcus@gmail.com>
 2026-02-24 23:49:34 +00:00
Shennan
a7518b7589 fix(feishu): pass parentPeer for topic session binding inheritance 
(cherry picked from commit bddeb1fd95d10cf18da9dca129b58828eae84cba)
 2026-02-24 04:33:51 +00:00
Peter Steinberger
75423a00d6 refactor: deduplicate shared helpers and test setup 2026-02-23 20:40:44 +00:00
Peter Steinberger
1bc5ba6e29 fix(feishu): prefer video file_key for inbound media 2026-02-22 19:21:42 +01:00
Peter Steinberger
95e85e627e fix(feishu): restore group command fallback and plugin deps 2026-02-22 19:13:19 +01:00
Peter Steinberger
4ed87a6672 fix(feishu): enforce id-only allowlist matching 2026-02-22 18:55:06 +01:00
Peter Steinberger
6dd36a6b77 refactor(channels): reuse runtime group policy helpers 2026-02-22 12:44:23 +01:00
Peter Steinberger
85e5ed3f78 refactor(channels): centralize runtime group policy handling 2026-02-22 12:35:41 +01:00
Peter Steinberger
5574eb6b35 fix(feishu): harden onboarding and webhook validation 2026-02-22 11:29:31 +00:00
Peter Steinberger
26763d1910 fix: resolve extension type errors and harden probe mocks 2026-02-22 12:25:58 +01:00
Peter Steinberger
777817392d fix: fail closed missing provider group policy across message channels (#23367) (thanks @bmendonca3) 2026-02-22 12:21:04 +01:00
Peter Steinberger
29e41d4c0a fix: land security audit severity + temp-path guard fixes (#23428) (thanks @bmendonca3) 2026-02-22 11:26:17 +01:00
Peter Steinberger
bf56196de3 fix: tighten feishu dedupe boundary (#23377) (thanks @SidQin-cyber) 2026-02-22 11:13:40 +01:00
SidQin-cyber
9e5e555ba3 fix(feishu): address dedup race condition, namespace isolation, and cache staleness 
- Prefix memoryCache keys with namespace to prevent cross-account false
  positives when different accounts receive the same message_id
- Add inflight tracking map to prevent TOCTOU race where concurrent
  async calls for the same message both pass the check and both proceed
- Remove expired-entry deletion from has() to avoid silent cache/disk
  divergence; actual cleanup happens probabilistically inside record()
- Add time-based cache invalidation (30s) to DedupStore.load() so
  external writes are eventually picked up
- Refresh cacheLoadedAt after flush() so we don't immediately re-read
  data we just wrote

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-22 11:13:40 +01:00
SidQin-cyber
9a8179fd59 feat(feishu): persistent message deduplication to prevent duplicate replies 
Closes #23369

Feishu may redeliver the same message during WebSocket reconnects or process
restarts.  The existing in-memory dedup map is lost on restart, so duplicates
slip through.

This adds a dual-layer dedup strategy:
- Memory cache (fast synchronous path, unchanged capacity)
- Filesystem store (~/.openclaw/feishu/dedup/) that survives restarts

TTL is extended from 30 min to 24 h.  Disk writes use atomic rename and
probabilistic cleanup to keep each per-account file under 10 k entries.
Disk errors are caught and logged — message handling falls back to
memory-only behaviour so it is never blocked.
 2026-02-22 11:13:40 +01:00
Peter Steinberger
73804abcec fix(feishu): avoid template tmpdir join in dedup state path (#23398) 2026-02-22 11:12:01 +01:00
Peter Steinberger
59807efa31 refactor(plugin-sdk): unify channel dedupe primitives 2026-02-22 10:46:34 +01:00
Peter Steinberger
0bd9f0d4ac fix: enforce strict allowlist across pairing stores (#23017) 2026-02-22 00:00:23 +01:00
Peter Steinberger
3d7ad1cfca fix(security): centralize owner-only tool gating and scope maps 2026-02-19 15:29:23 +01:00
Peter Steinberger
f4b288b8f7 refactor(feishu): dedupe mention regex escaping 2026-02-19 15:04:40 +01:00
Peter Steinberger
7426848913 test(feishu): add mention regex injection regressions 2026-02-19 14:51:41 +01:00
Jamie
7e67ab75cc fix(feishu): escape regex metacharacters in stripBotMention 
stripBotMention() passed mention.name and mention.key directly into
new RegExp() without escaping, allowing regex injection and ReDoS via
crafted Feishu mention metadata. extractMessageBody() in mention.ts
already escapes correctly — this applies the same pattern.

Ref: GHSA-c6hr-w26q-c636
 2026-02-19 14:51:41 +01:00
Peter Steinberger
0e85380e56 style: format files and fix safe-bins e2e typing 2026-02-19 14:26:12 +01:00
Peter Steinberger
ec232a9e2d refactor(security): harden temp-path handling for inbound media 2026-02-19 14:06:37 +01:00
Peter Steinberger
aa267812d3 test(security): add webhook hardening regressions 2026-02-19 13:31:28 +01:00
Peter Steinberger
a23e0d5140 fix(security): harden feishu and zalo webhook ingress 2026-02-19 13:31:27 +01:00
Peter Steinberger
cdb00fe242 fix(feishu): isolate temp download writes in mkdtemp dirs 2026-02-19 11:05:04 +01:00