Gustavo Madeira Santana
dda86af866
Extensions: migrate zalo plugin-sdk imports
2026-03-04 01:21:30 -05:00
Josh Avant
806803b7ef
feat(secrets): expand SecretRef coverage across user-supplied credentials ( #29580 )
...
* feat(secrets): expand secret target coverage and gateway tooling
* docs(secrets): align gateway and CLI secret docs
* chore(protocol): regenerate swift gateway models for secrets methods
* fix(config): restore talk apiKey fallback and stabilize runner test
* ci(windows): reduce test worker count for shard stability
* ci(windows): raise node heap for test shard stability
* test(feishu): make proxy env precedence assertion windows-safe
* fix(gateway): resolve auth password SecretInput refs for clients
* fix(gateway): resolve remote SecretInput credentials for clients
* fix(secrets): skip inactive refs in command snapshot assignments
* fix(secrets): scope gateway.remote refs to effective auth surfaces
* fix(secrets): ignore memory defaults when enabled agents disable search
* fix(secrets): honor Google Chat serviceAccountRef inheritance
* fix(secrets): address tsgo errors in command and gateway collectors
* fix(secrets): avoid auth-store load in providers-only configure
* fix(gateway): defer local password ref resolution by precedence
* fix(secrets): gate telegram webhook secret refs by webhook mode
* fix(secrets): gate slack signing secret refs to http mode
* fix(secrets): skip telegram botToken refs when tokenFile is set
* fix(secrets): gate discord pluralkit refs by enabled flag
* fix(secrets): gate discord voice tts refs by voice enabled
* test(secrets): make runtime fixture modes explicit
* fix(cli): resolve local qr password secret refs
* fix(cli): fail when gateway leaves command refs unresolved
* fix(gateway): fail when local password SecretRef is unresolved
* fix(gateway): fail when required remote SecretRefs are unresolved
* fix(gateway): resolve local password refs only when password can win
* fix(cli): skip local password SecretRef resolution on qr token override
* test(gateway): cast SecretRef fixtures to OpenClawConfig
* test(secrets): activate mode-gated targets in runtime coverage fixture
* fix(cron): support SecretInput webhook tokens safely
* fix(bluebubbles): support SecretInput passwords across config paths
* fix(msteams): make appPassword SecretInput-safe in onboarding/token paths
* fix(bluebubbles): align SecretInput schema helper typing
* fix(cli): clarify secrets.resolve version-skew errors
* refactor(secrets): return structured inactive paths from secrets.resolve
* refactor(gateway): type onboarding secret writes as SecretInput
* chore(protocol): regenerate swift models for secrets.resolve
* feat(secrets): expand extension credential secretref support
* fix(secrets): gate web-search refs by active provider
* fix(onboarding): detect SecretRef credentials in extension status
* fix(onboarding): allow keeping existing ref in secret prompt
* fix(onboarding): resolve gateway password SecretRefs for probe and tui
* fix(onboarding): honor secret-input-mode for local gateway auth
* fix(acp): resolve gateway SecretInput credentials
* fix(secrets): gate gateway.remote refs to remote surfaces
* test(secrets): cover pattern matching and inactive array refs
* docs(secrets): clarify secrets.resolve and remote active surfaces
* fix(bluebubbles): keep existing SecretRef during onboarding
* fix(tests): resolve CI type errors in new SecretRef coverage
* fix(extensions): replace raw fetch with SSRF-guarded fetch
* test(secrets): mark gateway remote targets active in runtime coverage
* test(infra): normalize home-prefix expectation across platforms
* fix(cli): only resolve local qr password refs in password mode
* test(cli): cover local qr token mode with unresolved password ref
* docs(cli): clarify local qr password ref resolution behavior
* refactor(extensions): reuse sdk SecretInput helpers
* fix(wizard): resolve onboarding env-template secrets before plaintext
* fix(cli): surface secrets.resolve diagnostics in memory and qr
* test(secrets): repair post-rebase runtime and fixtures
* fix(gateway): skip remote password ref resolution when token wins
* fix(secrets): treat tailscale remote gateway refs as active
* fix(gateway): allow remote password fallback when token ref is unresolved
* fix(gateway): ignore stale local password refs for none and trusted-proxy
* fix(gateway): skip remote secret ref resolution on local call paths
* test(cli): cover qr remote tailscale secret ref resolution
* fix(secrets): align gateway password active-surface with auth inference
* fix(cli): resolve inferred local gateway password refs in qr
* fix(gateway): prefer resolvable remote password over token ref pre-resolution
* test(gateway): cover none and trusted-proxy stale password refs
* docs(secrets): sync qr and gateway active-surface behavior
* fix: restore stability blockers from pre-release audit
* Secrets: fix collector/runtime precedence contradictions
* docs: align secrets and web credential docs
* fix(rebase): resolve integration regressions after main rebase
* fix(node-host): resolve gateway secret refs for auth
* fix(secrets): harden secretinput runtime readers
* gateway: skip inactive auth secretref resolution
* cli: avoid gateway preflight for inactive secret refs
* extensions: allow unresolved refs in onboarding status
* tests: fix qr-cli module mock hoist ordering
* Security: align audit checks with SecretInput resolution
* Gateway: resolve local-mode remote fallback secret refs
* Node host: avoid resolving inactive password secret refs
* Secrets runtime: mark Slack appToken inactive for HTTP mode
* secrets: keep inactive gateway remote refs non-blocking
* cli: include agent memory secret targets in runtime resolution
* docs(secrets): sync docs with active-surface and web search behavior
* fix(secrets): keep telegram top-level token refs active for blank account tokens
* fix(daemon): resolve gateway password secret refs for probe auth
* fix(secrets): skip IRC NickServ ref resolution when NickServ is disabled
* fix(secrets): align token inheritance and exec timeout defaults
* docs(secrets): clarify active-surface notes in cli docs
* cli: require secrets.resolve gateway capability
* gateway: log auth secret surface diagnostics
* secrets: remove dead provider resolver module
* fix(secrets): restore gateway auth precedence and fallback resolution
* fix(tests): align plugin runtime mock typings
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-03-03 02:58:20 +00:00
Peter Steinberger
7a7eee920a
refactor(gateway): harden plugin http route contracts
2026-03-02 16:48:00 +00:00
Peter Steinberger
2fd8264ab0
refactor(gateway): hard-break plugin wildcard http handlers
2026-03-02 16:24:06 +00:00
Peter Steinberger
b13d48987c
refactor(gateway): unify control-ui and plugin webhook routing
2026-03-02 16:18:12 +00:00
bmendonca3
f39882d57e
zalo: update pairing-store read assertion to scoped params object
2026-03-02 15:38:36 +00:00
bmendonca3
6b7d3fb011
security(zalo): scope pairing store by account
2026-03-02 15:38:36 +00:00
David Friedland
dd3f7d57ee
sendPayload: add chunking, empty-payload guard, and tests
2026-03-02 15:35:47 +00:00
David Friedland
47ef180fb7
sendPayload: explicit text fallback in text-only path
2026-03-02 15:35:47 +00:00
David Friedland
ebe54e6903
fix(adapters): restructure sendPayload media loop to avoid uninitialized lastResult
2026-03-02 15:35:47 +00:00
David Friedland
d06ee86292
feat(adapters): add sendPayload to batch-d adapters
2026-03-02 15:35:47 +00:00
Peter Steinberger
44c50d9a73
fix(types): tighten shared helper typing contracts
2026-03-02 15:21:19 +00:00
Peter Steinberger
ed21b63bb8
refactor(plugin-sdk): share auth, routing, and stream/account helpers
2026-03-02 15:21:19 +00:00
Peter Steinberger
ad8d766f65
refactor(extensions): dedupe channel config, onboarding, and monitors
2026-03-02 08:54:20 +00:00
Peter Steinberger
41537e9303
fix(channels): add optional defaultAccount routing
2026-03-02 04:03:46 +00:00
Peter Steinberger
3a68c56264
refactor(security): unify webhook guardrails across channels
2026-03-02 00:31:42 +00:00
Peter Steinberger
43cad8268d
fix(security): harden webhook memory guards across channels
2026-03-02 00:12:05 +00:00
Clawborn
10f1be1072
fix(feishu): replace console.log with runtime log for typing indicator errors (openclaw#18841) thanks @Clawborn
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: Clawborn <135319479+Clawborn@users.noreply.github.com >
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com >
2026-02-27 22:57:16 -06:00
Peter Steinberger
a0c5e28f3b
refactor(extensions): use scoped pairing helper
2026-02-26 21:57:52 +01:00
Peter Steinberger
64de4b6d6a
fix: enforce explicit group auth boundaries across channels
2026-02-26 18:49:16 +01:00
Peter Steinberger
453664f09d
refactor(zalo): split monitor access and webhook logic
2026-02-24 23:40:51 +00:00
Peter Steinberger
b4010a0b62
fix(zalo): enforce group sender policy in groups
2026-02-24 23:30:43 +00:00
Peter Steinberger
0183610db3
refactor: de-duplicate channel runtime and payload helpers
2026-02-23 21:25:28 +00:00
Peter Steinberger
5c7ab8eae3
test(zalo): broaden webhook monitor coverage
2026-02-22 11:29:31 +00:00
Peter Steinberger
59807efa31
refactor(plugin-sdk): unify channel dedupe primitives
2026-02-22 10:46:34 +01:00
Peter Steinberger
73d93dee64
fix: enforce inbound media max-bytes during remote fetch
2026-02-21 23:02:29 +01:00
Peter Steinberger
283029bdea
refactor(security): unify webhook auth matching paths
2026-02-21 11:52:34 +01:00
Peter Steinberger
aa267812d3
test(security): add webhook hardening regressions
2026-02-19 13:31:28 +01:00
Peter Steinberger
a23e0d5140
fix(security): harden feishu and zalo webhook ingress
2026-02-19 13:31:27 +01:00
Peter Steinberger
b8b43175c5
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
Peter Steinberger
31f9be126c
style: run oxfmt and fix gate failures
2026-02-18 01:29:02 +00:00
cpojer
d0cb8c19b2
chore: wtf.
2026-02-17 13:36:48 +09:00
Sebastian
ed11e93cf2
chore(format)
2026-02-16 23:20:16 -05:00
Sebastian
ca19745fa2
Revert "channels: migrate extension account listing to factory"
...
This reverts commit d24340d75b
2026-02-16 23:17:13 -05:00
cpojer
72f00df95a
chore: Fix more extension test type 1/N.
2026-02-17 10:14:01 +09:00
cpojer
90ef2d6bdf
chore: Update formatting.
2026-02-17 09:18:40 +09:00
Peter Steinberger
94e4631171
refactor(onboarding): simplify zalo allowFrom merge paths
2026-02-16 23:47:57 +00:00
Peter Steinberger
7632e60d70
refactor(onboarding): reuse allowFrom merge helper in extensions
2026-02-16 23:47:57 +00:00
yinghaosang
d24340d75b
channels: migrate extension account listing to factory
2026-02-16 23:53:19 +01:00
Peter Steinberger
544ffbcf7b
refactor(extensions): dedupe connector helper usage
2026-02-16 14:59:30 +00:00
Peter Steinberger
00e63da336
refactor(webhooks): reuse plugin-sdk webhook path helpers
2026-02-15 19:37:40 +00:00
Shadow
c6b3736fe7
fix: dedupe probe/token base types ( #16986 ) (thanks @iyoda)
2026-02-15 11:36:54 -06:00
Peter Steinberger
56bc9b5058
refactor(zalo): share outbound chunker
2026-02-15 01:15:43 +00:00
Peter Steinberger
188c4cd076
fix(security): reject ambiguous webhook target matches
2026-02-14 17:28:28 +01:00
Peter Steinberger
6543ce717c
perf(test): avoid plugin-sdk barrel imports
2026-02-14 12:42:19 +00:00
Peter Steinberger
3cbcba10cf
fix(security): enforce bounded webhook body handling
2026-02-13 19:14:54 +01:00
Peter Steinberger
53273b490b
fix(auto-reply): prevent sender spoofing in group prompts
2026-02-10 00:44:38 -06:00
max
40b11db80e
TypeScript: add extensions to tsconfig and fix type errors ( #12781 )
...
* TypeScript: add extensions to tsconfig and fix type errors
- Add extensions/**/* to tsconfig.json includes
- Export ProviderAuthResult, AnyAgentTool from plugin-sdk
- Fix optional chaining for messageActions across channels
- Add missing type imports (MSTeamsConfig, GroupPolicy, etc.)
- Add type annotations for provider auth handlers
- Fix undici/fetch type compatibility in zalo proxy
- Correct ChannelAccountSnapshot property usage
- Add type casts for tool registrations
- Extract usage view styles and types to separate files
* TypeScript: fix optional debug calls and handleAction guards
2026-02-09 10:05:38 -08:00
max
223eee0a20
refactor: unify peer kind to ChatType, rename dm to direct ( #11881 )
...
* fix: use .js extension for ESM imports of RoutePeerKind
The imports incorrectly used .ts extension which doesn't resolve
with moduleResolution: NodeNext. Changed to .js and added 'type'
import modifier.
* fix tsconfig
* refactor: unify peer kind to ChatType, rename dm to direct
- Replace RoutePeerKind with ChatType throughout codebase
- Change 'dm' literal values to 'direct' in routing/session keys
- Keep backward compat: normalizeChatType accepts 'dm' -> 'direct'
- Add ChatType export to plugin-sdk, deprecate RoutePeerKind
- Update session key parsing to accept both 'dm' and 'direct' markers
- Update all channel monitors and extensions to use ChatType
BREAKING CHANGE: Session keys now use 'direct' instead of 'dm'.
Existing 'dm' keys still work via backward compat layer.
* fix tests
* test: update session key expectations for dmdirect migration
- Fix test expectations to expect :direct: in generated output
- Add explicit backward compat test for normalizeChatType('dm')
- Keep input test data with :dm: keys to verify backward compat
* fix: accept legacy 'dm' in session key parsing for backward compat
getDmHistoryLimitFromSessionKey now accepts both :dm: and :direct:
to ensure old session keys continue to work correctly.
* test: add explicit backward compat tests for dmdirect migration
- session-key.test.ts: verify both :dm: and :direct: keys are valid
- getDmHistoryLimitFromSessionKey: verify both formats work
* feat: backward compat for resetByType.dm config key
* test: skip unix-path Nix tests on Windows
2026-02-09 09:20:52 +09:00
mudrii
5d82c82313
feat: per-channel responsePrefix override ( #9001 )
...
* feat: per-channel responsePrefix override
Add responsePrefix field to all channel config types and Zod schemas,
enabling per-channel and per-account outbound response prefix overrides.
Resolution cascade (most specific wins):
L1: channels.<ch>.accounts.<id>.responsePrefix
L2: channels.<ch>.responsePrefix
L3: (reserved for channels.defaults)
L4: messages.responsePrefix (existing global)
Semantics:
- undefined -> inherit from parent level
- empty string -> explicitly no prefix (stops cascade)
- "auto" -> derive [identity.name] from routed agent
Changes:
- Core logic: resolveResponsePrefix() in identity.ts accepts
optional channel/accountId and walks the cascade
- resolveEffectiveMessagesConfig() passes channel context through
- Types: responsePrefix added to WhatsApp, Telegram, Discord, Slack,
Signal, iMessage, Google Chat, MS Teams, Feishu, BlueBubbles configs
- Zod schemas: responsePrefix added for config validation
- All channel handlers wired: telegram, discord, slack, signal,
imessage, line, heartbeat runner, route-reply, native commands
- 23 new tests covering backward compat, channel/account levels,
full cascade, auto keyword, empty string stops, unknown fallthrough
Fully backward compatible - no existing config is affected.
Fixes #8857
* fix: address CI lint + review feedback
- Replace Record<string, any> with proper typed helpers (no-explicit-any)
- Add curly braces to single-line if returns (eslint curly)
- Fix JSDoc: 'Per-channel' → 'channel/account' on shared config types
- Extract getChannelConfig() helper for type-safe dynamic key access
* fix: finish responsePrefix overrides (#9001 ) (thanks @mudrii)
* fix: normalize prefix wiring and types (#9001 ) (thanks @mudrii)
---------
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com >
2026-02-04 16:16:34 -05:00
