admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
15,066 Commits 1 Branch 0 Tags
5e3a86fd2f3eb4cb5fca3077d0ad490e8405f9ba
Commit Graph

9554 Commits

Author SHA1 Message Date
joshavant
5e3a86fd2f feat(secrets): expand onboarding secret-ref flows and custom-provider parity 2026-02-26 14:47:22 +00:00
joshavant
e8637c79b3 fix(secrets): harden sops migration sops rule matching 2026-02-26 14:47:22 +00:00
joshavant
0e69660c41 feat(secrets): finalize external secrets runtime and migration hardening 2026-02-26 14:47:22 +00:00
joshavant
cb119874dc Onboard: require explicit mode for env secret refs 2026-02-26 14:47:22 +00:00
joshavant
4d94b05ac5 Secrets: keep read-only runtime sync in-memory 2026-02-26 14:47:22 +00:00
joshavant
13b4993289 Onboard non-interactive: avoid rewriting profile-backed keys 2026-02-26 14:47:22 +00:00
joshavant
59e5f12bf9 Onboard: move volcengine/byteplus auth from .env to profiles 2026-02-26 14:47:22 +00:00
joshavant
2ef109f00a Onboard OpenAI: explicit secret-input-mode behavior 2026-02-26 14:47:22 +00:00
joshavant
e8d1725187 Onboard auth: remove leftover merge marker 2026-02-26 14:47:22 +00:00
joshavant
fce4d76a78 Tests: narrow OpenAI default model assertion typing 2026-02-26 14:47:22 +00:00
joshavant
68b9d89ee7 Onboard: store OpenAI auth in profiles instead of .env 2026-02-26 14:47:22 +00:00
joshavant
09c7cb5d34 Tests: update onboard credential expectations for explicit ref mode 2026-02-26 14:47:22 +00:00
joshavant
b50d2ce93c Tests: align auth-choice helper expectations with secret mode 2026-02-26 14:47:22 +00:00
joshavant
04aa856fc0 Onboard: require explicit mode for env secret refs 2026-02-26 14:47:22 +00:00
joshavant
103d02f98c Auth choice tests: expect env-backed key refs 2026-02-26 14:47:22 +00:00
joshavant
56f73ae080 Auth choice tests: assert env-backed keyRef persistence 2026-02-26 14:47:22 +00:00
joshavant
58590087de Onboard auth: use shared secret-ref helpers 2026-02-26 14:47:22 +00:00
joshavant
7e1557b8c9 Onboard: persist env-backed API keys as secret refs 2026-02-26 14:47:22 +00:00
joshavant
363334253b Secrets migrate: split plan/apply/backup modules 2026-02-26 14:47:22 +00:00
joshavant
4807e40cbd Agents: restore auth.json static scrub during pi auth discovery 2026-02-26 14:47:22 +00:00
joshavant
8e439e2d81 Secrets migrate: ensure unique backup ids per write 2026-02-26 14:47:22 +00:00
joshavant
a74067d00b Secrets migrate: share helpers and narrow env scrub scope 2026-02-26 14:47:22 +00:00
joshavant
f6a854bd37 Secrets: add migrate rollback and skill ref support 2026-02-26 14:47:22 +00:00
joshavant
2e53033f22 Gateway: serialize secrets activation across reload paths 2026-02-26 14:47:22 +00:00
joshavant
fe56700026 Gateway: add manual secrets reload command 2026-02-26 14:47:22 +00:00
joshavant
301fe18909 Agents: inject pi auth storage from runtime profiles 2026-02-26 14:47:22 +00:00
joshavant
6a251d8d74 Auth profiles: resolve keyRef/tokenRef outside gateway 2026-02-26 14:47:22 +00:00
joshavant
5ae367aadd Tests: stub discoverAuthStorage in model catalog mocks 2026-02-26 14:47:22 +00:00
joshavant
cec404225d Auth labels: handle token refs and share Pi credential conversion 2026-02-26 14:47:22 +00:00
joshavant
e1301c31e7 Auth profiles: never persist plaintext when refs are present 2026-02-26 14:47:22 +00:00
joshavant
4c5a2c3c6d Agents: inject pi auth storage from runtime profiles 2026-02-26 14:47:22 +00:00
joshavant
45ec5aaf2b Secrets: keep read-only runtime sync in-memory 2026-02-26 14:47:22 +00:00
joshavant
8e33ebe471 Secrets: make runtime activation auth loads read-only 2026-02-26 14:47:22 +00:00
joshavant
3dbb6be270 Gateway tests: handle async restart callback path 2026-02-26 14:47:22 +00:00
joshavant
1560f02561 Gateway: mark restart callback promise as intentionally detached 2026-02-26 14:47:22 +00:00
joshavant
eb855f75ce Gateway: emit one-shot operator events for secrets degraded/recovered 2026-02-26 14:47:22 +00:00
joshavant
e45729a430 Secrets runtime: include sourceConfig in prepared snapshot type 2026-02-26 14:47:22 +00:00
joshavant
e4915cb107 Secrets: preserve runtime snapshot source refs on write 2026-02-26 14:47:22 +00:00
joshavant
b1533bc80c Gateway: avoid double secrets activation at startup 2026-02-26 14:47:22 +00:00
joshavant
b50c4c2c44 Gateway: add eager secrets runtime snapshot activation 2026-02-26 14:47:22 +00:00
joshavant
2f3b919b94 Config: remove unused extension path helper 2026-02-26 14:47:22 +00:00
joshavant
d00ed73026 Config: enforce source-specific SecretRef id validation 2026-02-26 14:47:22 +00:00
joshavant
c3a4251a60 Config: add secret ref schema and redaction foundations 2026-02-26 14:47:22 +00:00
Peter Steinberger
79659b2b14 fix(browser): land PR #11880 decodeURIComponent guardrails 
Guard malformed percent-encoding in relay target routes and browser dispatcher params, add regression tests, and update changelog.
Landed from contributor @Yida-Dev (PR #11880).

Co-authored-by: Yida-Dev <reyifeijun@gmail.com>
 2026-02-26 14:37:48 +00:00
Harold Hunt
dbfdf60a42 fix(telegram): Allow ephemeral webhookPort 2026-02-26 20:01:50 +05:30
Harold Hunt
296210636d fix(telegram): Log bound port if ephemeral (0) is configured 2026-02-26 20:01:50 +05:30
Harold Hunt
840b768d97 Telegram: improve webhook config guidance and startup fallback 2026-02-26 20:01:50 +05:30
Peter Steinberger
5416cabdf8 fix(browser): land PR #21277 dedupe concurrent relay init 
Add shared per-port relay initialization dedupe so concurrent callers await a single startup lifecycle, with regression coverage and changelog entry.
Landed from contributor @HOYALIM (PR #21277).

Co-authored-by: Ho Lim <subhoya@gmail.com>
 2026-02-26 14:30:46 +00:00
Peter Steinberger
ce833cd6de fix(browser): land PR #24142 flush relay pending timers on stop 
Flush pending extension request timers/rejections during relay shutdown and document in changelog.
Landed from contributor @kevinWangSheng (PR #24142).

Co-authored-by: Shawn <118158941+kevinWangSheng@users.noreply.github.com>
 2026-02-26 14:20:43 +00:00
Peter Steinberger
42cf32c386 fix(browser): land PR #26015 query-token auth for /json relay routes 
Align relay HTTP /json auth with websocket auth by accepting query-param tokens, add regression coverage, and update changelog.
Landed from contributor @Sid-Qin (PR #26015).

Co-authored-by: SidQin-cyber <sidqin0410@gmail.com>
 2026-02-26 14:17:41 +00:00