tqcq/openclaw
0
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-02-19 08:37:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,921 Commits 397 Branches 54 Tags
docs/trusted-proxy-auth-nav
Commit Graph

9921 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Peter Steinberger
05c1e56da2 fix(infra): harden tmp dir selection 2026-02-14 13:32:12 +01:00
Peter Steinberger
9f7446210c refactor(browser): centralize upload path confinement 2026-02-14 13:32:12 +01:00
Peter Steinberger
04e7da5056 docs(browser): update upload example path 2026-02-14 13:32:12 +01:00
Peter Steinberger
ca70bb67bf test(browser): cover absolute escape paths 2026-02-14 13:32:12 +01:00
Peter Steinberger
8779ad7f98 chore(lint): avoid control regex in download sanitizer 2026-02-14 13:32:12 +01:00
Peter Steinberger
eec5dd898e fix(browser): sanitize suggested download filenames 2026-02-14 13:32:12 +01:00
Peter Steinberger
1e94fce22f fix(browser): confine upload paths for file chooser 2026-02-14 13:32:12 +01:00
Peter Steinberger
a2b45e1c13 fix(gateway): relax http tool deny typing 2026-02-14 13:30:05 +01:00
Aldo
7b39543e8d fix(reply): honour explicit [[reply_to_*]] tags when replyToMode is off (#16174) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 778fc2559a
Co-authored-by: aldoeliacim <17973757+aldoeliacim@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-14 13:29:42 +01:00
Peter Steinberger
0af76f5f0e refactor(gateway): centralize node.invoke param sanitization 2026-02-14 13:27:45 +01:00
Peter Steinberger
c15946274e fix(gateway): allowlist system.run params 2026-02-14 13:27:45 +01:00
Peter Steinberger
a7af646fdf fix(gateway): bind approval ids to device identity 2026-02-14 13:27:45 +01:00
Peter Steinberger
318379cdba fix(gateway): bind system.run approvals to exec approvals 2026-02-14 13:27:45 +01:00
Peter Steinberger
233483d2b9 refactor(security): centralize dangerous tool lists 2026-02-14 13:27:05 +01:00
Peter Steinberger
0cfea46293 fix: wire minimax-api-key-cn onboarding (#15191) (thanks @liuy) 2026-02-14 13:25:54 +01:00
Liu Yuan
9bb099736b feat: add minimax-api-key-cn option for China API endpoint 
- Add 'minimax-api-key-cn' auth choice for Chinese users
- Reuse existing --minimax-api-key CLI option
- Use MINIMAX_CN_API_BASE_URL (https://api.minimaxi.com/anthropic)
- Similar to how moonshot supports moonshot-api-key-cn

Tested: build , check , test
2026-02-14 13:25:54 +01:00
Peter Steinberger
586176730c perf(gateway): optimize sessions/ws/routing 2026-02-14 12:21:44 +00:00
Peter Steinberger
c90b3e4d5e perf(cli): speed up startup 2026-02-14 12:21:44 +00:00
Peter Steinberger
a7a08b6650 test(gateway): cover tools allow/deny precedence 2026-02-14 13:18:49 +01:00
Peter Steinberger
153a7644ea fix(acp): tighten safe kind inference 2026-02-14 13:18:49 +01:00
Peter Steinberger
eb4215d570 perf(test): speed up Vitest bootstrap 2026-02-14 12:13:27 +00:00
Mariano Belinky
626a225c08 docs: fix merge-pr comment variable expansion 2026-02-14 12:07:00 +00:00
Nicholas
f8ba8f7699 fix(docs): update outdated hooks documentation URLs (#16165) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8ed13fb02f
Co-authored-by: nicholascyh <188132635+nicholascyh@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-14 13:05:37 +01:00
Mariano
01d2ad2050 docs: harden maintainer and advisory workflow (#16173) 2026-02-14 11:59:19 +00:00
Peter Steinberger
79e78cff3b docs(changelog): thank reporter for ACP hardening 2026-02-14 12:54:47 +01:00
Peter Steinberger
bb1c3dfe10 fix(acp): prompt for non-read/search permissions 2026-02-14 12:53:27 +01:00
Peter Steinberger
9e24eee52c docs(changelog): note audit warning for gateway tools override 2026-02-14 12:48:48 +01:00
Peter Steinberger
539689a2f2 feat(security): warn when gateway.tools.allow re-enables dangerous HTTP tools 2026-02-14 12:48:02 +01:00
Peter Steinberger
fba19fe942 docs: link trusted-proxy auth from gateway docs (#16172) 2026-02-14 12:44:25 +01:00
Peter Steinberger
3b56a6252b chore!: remove moltbot legacy state/config support 2026-02-14 12:40:47 +01:00
Peter Steinberger
e21a7aad54 docs: recommend loopback-only gateway bind 2026-02-14 12:36:32 +01:00
Nick Taylor
1fb52b4d7b feat(gateway): add trusted-proxy auth mode (#15940) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 279d4b304f
Co-authored-by: nickytonline <833231+nickytonline@users.noreply.github.com>
Co-authored-by: steipete <58493+steipete@users.noreply.github.com>
Reviewed-by: @steipete
 2026-02-14 12:32:17 +01:00
Artale
3a330e681b fix(feishu): remove typing indicator on NO_REPLY cleanup (openclaw#15508) thanks @arosstale 
Verified:
- pnpm build
- pnpm check
- pnpm test

Co-authored-by: arosstale <117890364+arosstale@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-14 05:24:27 -06:00
Peter Steinberger
6182d3ef85 test: increase live-model retry token budget for reasoning-first providers 2026-02-14 12:23:51 +01:00
Pejman Pour-Moezzi
9475791d98 fix: update remaining replyToMode "first" defaults to "off" 
- src/channels/dock.ts: core channel dock fallback
- src/auto-reply/reply/reply-routing.test.ts: test expectation
- docs/zh-CN/channels/telegram.md: Chinese docs reference

Comprehensive grep confirms no remaining Telegram-specific "first"
defaults after this commit.
 2026-02-13 23:31:17 -08:00
Pejman Pour-Moezzi
c17a109daa fix: align extension plugin and docs with new replyToMode default 
Update the Telegram extension channel plugin fallback and documentation
to reflect the new "off" default, as flagged by Greptile review.
 2026-02-13 23:31:17 -08:00
Pejman Pour-Moezzi
ad96c126ed fix(telegram): change default replyToMode from "first" to "off" 
In 2026.2.13, the combination of implicit reply threading (#14976) and
the existing Telegram default replyToMode="first" causes every bot
response in DMs to be sent as a native Telegram reply (quoted message
bubble), even for simple exchanges like "Hi" → "Hey".

This is a UX regression: prior to 2026.2.13, reply threading was less
consistent so the "first" default rarely produced visible quote bubbles
in DMs. Now that implicit threading works reliably, the default
effectively means every first message in a response gets quoted —
which feels noisy and unexpected in 1:1 conversations.

Changing the default to "off" restores the pre-2026.2.13 DM experience.
Users who want reply threading can still opt in via config:

  channels.telegram.replyToMode: "first" | "all"

Tested by toggling replyToMode on a live 2026.2.13 instance:
- replyToMode="first" → every response quotes the user message
- replyToMode="off" → clean responses without quote bubbles

No test changes needed: existing tests explicitly set replyToMode
rather than relying on the default.
 2026-02-13 23:31:17 -08:00
Vignesh Natarajan
4c79a63eb8 fix: default QMD search mode (#16047) (thanks @togotago) 2026-02-13 23:14:34 -08:00
vignesh07
e38ed4f640 fix(memory): default qmd searchMode to search + scope search/vsearch to collections 2026-02-13 23:14:34 -08:00
Peter Steinberger
a50638eead perf(test): disable vector index in OpenAI batch tests 2026-02-14 05:25:40 +00:00
Peter Steinberger
0e5e72edb4 perf(test): shrink memory embedding batch fixtures 2026-02-14 05:25:40 +00:00
Peter Steinberger
98bb4225fd perf(test): minimize gateway startup in vitest 2026-02-14 05:25:40 +00:00
Peter Steinberger
db72184de6 perf(test): speed up Matrix send tests 2026-02-14 05:25:40 +00:00
Tyler Yust
45e12d2388 bluebubbles: gracefully handle disabled private API with action/tool filtering and fallbacks (#16002) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 243cc0cc9a
Co-authored-by: tyler6204 <243?+tyler6204@users.noreply.github.com>
Co-authored-by: tyler6204 <64381258+tyler6204@users.noreply.github.com>
Reviewed-by: @tyler6204
 2026-02-13 21:15:56 -08:00
Peter Steinberger
d8beddc8b7 refactor(onboard): unify auth-choice aliases and provider flags 2026-02-14 05:58:26 +01:00
Peter Steinberger
2f4cef2021 perf(test): remove last-route polling in partial reply gating 2026-02-14 04:57:28 +00:00
Peter Steinberger
4335668d28 chore(test): fix cron every-jobs-fire unused import 2026-02-14 04:57:28 +00:00
Peter Steinberger
e6d5b5fb11 perf(test): remove slow port inspection and reconnect sleeps 2026-02-14 04:57:28 +00:00
Peter Steinberger
1f432ffb93 docs(changelog): clarify Hugging Face support in 2026.2.13 2026-02-14 05:51:52 +01:00
Peter Steinberger
eab9dc538a refactor(onboard): unify auth-choice catalog for CLI help 2026-02-14 05:51:17 +01:00