admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
11,989 Commits 1 Branch 0 Tags
81fd771cb9989dbafea74f8912016a2cf8017ff2
Commit Graph

147 Commits

Author SHA1 Message Date
cpojer
01ea808876 chore: Format files. 2026-02-17 10:57:31 +09:00
Gustavo Madeira Santana
0d1eceb9cf Revert "Onboarding: fix webchat URL loopback and canonical session" 
This reverts commit 59e0e7e4ff.
 2026-02-16 20:30:03 -05:00
cpojer
90ef2d6bdf chore: Update formatting. 2026-02-17 09:18:40 +09:00
Yash
59e0e7e4ff Onboarding: fix webchat URL loopback and canonical session 2026-02-16 23:52:00 +01:00
Peter Steinberger
f717a13039 refactor(agent): dedupe harness and command workflows 2026-02-16 14:59:30 +00:00
Peter Steinberger
5c5af2b14e perf(wizard): lazy-load onboarding deps 2026-02-15 19:29:27 +00:00
Peter Steinberger
01ca3da8ee refactor(gateway): share tailscale prompt constants 2026-02-15 18:06:48 +00:00
Peter Steinberger
53ffc309f3 refactor(test): simplify onboarding wizard scaffolding 2026-02-15 15:16:55 +00:00
Peter Steinberger
3e7800befb refactor(test): dedupe onboarding gateway prompter 2026-02-15 15:15:19 +00:00
Peter Steinberger
af34c8fafe refactor(onboard): share local workspace+gateway config 2026-02-15 14:21:28 +00:00
Peter Steinberger
4950fcfb33 refactor(gateway): share IPv4 input validator 2026-02-15 06:37:41 +00:00
Peter Steinberger
9be114738f refactor(test): dedupe onboarding tui hatch setup 2026-02-14 20:29:02 +00:00
Peter Steinberger
994bcbf670 refactor: clarify restoreTerminalState stdin resume option 2026-02-14 20:47:00 +01:00
Vincent Koc
a042b32d2f fix: Docker installation keeps hanging on MacOS (#12972) 
* Onboarding: avoid stdin resume after wizard finish

* Changelog: remove Docker hang entry from PR

* Terminal: make stdin resume behavior explicit at call sites

* CI: rerun format check

* Onboarding: restore terminal before cancel exit

* test(onboard): align restoreTerminalState expectation

* chore(format): align onboarding restore test with updated oxfmt config

* chore(format): enforce updated oxfmt on restore test

* chore(format): apply updated oxfmt spacing to restore test

* fix: avoid stdin resume after onboarding (#12972) (thanks @vincentkoc)

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-14 19:46:07 +01:00
Omair Afzal
59733a02c8 fix(configure): reject literal "undefined" and "null" gateway auth tokens (#13767) 
* fix(configure): reject literal "undefined" and "null" gateway auth tokens

* fix(configure): reject literal "undefined" and "null" gateway auth tokens

* fix(configure): validate gateway password prompt and harden token coercion (#13767) (thanks @omair445)

* test: remove unused vitest imports in baseline lint fixtures (#13767)

---------

Co-authored-by: Luna AI <luna@coredirection.ai>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-13 17:04:41 +01:00
gejifeng
d44c118334 fix: avoid unused custom preferred provider 2026-02-13 15:48:37 +01:00
gejifeng
e6715bcb64 format: fix onboarding.ts wrapping 2026-02-13 15:48:37 +01:00
gejifeng
03c502ef31 lint: fix unused imports and onboarding preferred provider 2026-02-13 15:48:37 +01:00
gejifeng
e73d881c50 Onboarding: add vLLM provider support 2026-02-13 15:48:37 +01:00
Peter Steinberger
ba7dccc49d test: speed up test suite and trim redundant onboarding tests 2026-02-13 04:30:48 +00:00
Marcus Castro
ec44e262be fix(security): prevent String(undefined) coercion in credential inputs (#12287) 
* fix(security): prevent String(undefined) coercion in credential inputs

When a prompter returns undefined (due to cancel, timeout, or bug),
String(undefined).trim() produces the literal string "undefined" instead
of "". This truthy string prevents secure fallbacks from triggering,
allowing predictable credential values (e.g., gateway password = "undefined").

Fix all 8 occurrences by using String(value ?? "").trim(), which correctly
yields "" for null/undefined inputs and triggers downstream validation or
fallback logic.

Fixes #8054

* fix(security): also fix String(undefined) in api-provider credential inputs

Address codex review feedback: 4 additional occurrences of the unsafe
String(variable).trim() pattern in auth-choice.apply.api-providers.ts
(Cloudflare Account ID, Gateway ID, synthetic API key inputs + validators).

* fix(test): strengthen password coercion test per review feedback

* fix(security): harden credential prompt coercion

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
 2026-02-13 04:25:05 +01:00
Blossom
c0befdee0b feat(onboard): add custom/local API configuration flow (#11106) 
* feat(onboard): add custom/local API configuration flow

* ci: retry macos check

* fix: expand custom API onboarding (#11106) (thanks @MackDing)

* fix: refine custom endpoint detection (#11106) (thanks @MackDing)

* fix: streamline custom endpoint onboarding (#11106) (thanks @MackDing)

* fix: skip model picker for custom endpoint (#11106) (thanks @MackDing)

* fix: avoid allowlist picker for custom endpoint (#11106) (thanks @MackDing)

* Onboard: reuse shared fetch timeout helper (#11106) (thanks @MackDing)

* Onboard: clarify default base URL name (#11106) (thanks @MackDing)

---------

Co-authored-by: OpenClaw Contributor <contributor@openclaw.ai>
Co-authored-by: Gustavo Madeira Santana <gumadeiras@gmail.com>
 2026-02-10 07:31:02 -05:00
quotentiroler
53910f3643 Deduplicate more 2026-02-09 18:56:58 -08:00
Peter Steinberger
394d60c1fb fix(onboarding): auto-install shell completion in QuickStart 2026-02-09 12:56:12 -06:00
Mariano Belinky
730f86dd5c Gateway/Plugins: device pairing + phone control plugins (#11755) 2026-02-08 18:07:13 +01:00
Peter Steinberger
c5194d8148 fix(dashboard): restore tokenized control ui links 2026-02-06 22:17:09 -08:00
Coy Geek
717129f7f9 fix: silence unused hook token url param (#9436) 
* fix: Gateway authentication token exposed in URL query parameters

* fix: silence unused hook token url param

* fix: remove gateway auth tokens from URLs (#9436) (thanks @coygeek)

* test: fix Windows path separators in audit test (#9436)

---------

Co-authored-by: George Pickett <gpickett00@gmail.com>
 2026-02-05 18:08:29 -08:00
Shakker
3e14192730 onboard: use shared completion helpers for shell completion setup 
- Replace inline completion logic with `checkShellCompletionStatus` and `ensureCompletionCacheExists`
- Auto-upgrade old slow dynamic patterns silently during onboarding
- Auto-regenerate cache if profile exists but cache is missing
- Prompt to install if no completion is configured
 2026-02-04 19:51:06 +00:00
Shakker
981de05181 Onboarding: drop completion prompt 2026-02-03 08:43:25 +00:00
Shakker
58d5b39c9a Onboarding: keep TUI flow exclusive 2026-02-03 06:11:11 +00:00
cpojer
f06dd8df06 chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts. 2026-02-01 10:03:47 +09:00
Peter Steinberger
a42e1c82d9 fix: restore tsc build and plugin install tests 2026-01-31 07:54:15 +00:00
cpojer
952b0f8c48 chore: Fix TypeScript errors 2/n. 2026-01-31 16:42:40 +09:00
cpojer
5ceff756e1 chore: Enable "curly" rule to avoid single-statement if confusion/errors. 2026-01-31 16:19:20 +09:00
cpojer
9c4cbaab7b chore: Enable eslint/no-unused-vars. 2026-01-31 16:06:39 +09:00
cpojer
15792b153f chore: Enable more lint rules, disable some that trigger a lot. Will clean up later. 2026-01-31 16:04:04 +09:00
Peter Steinberger
08ed62852a chore: update deps and pi model discovery 2026-01-31 06:45:57 +01:00
Shakker
b1d25ed0dd feat: automated completion setup in postinstall and onboarding 2026-01-31 05:18:27 +00:00
Gustavo Madeira Santana
e5a95b5b66 fix: local updates for PR #4873 
Co-authored-by: Hisleren <Hisleren@users.noreply.github.com>
 2026-01-30 16:16:35 -05:00
Hisleren
201d7fa956 fix(security): prevent gateway token from defaulting to 'undefined' string 2026-01-30 16:16:35 -05:00
Peter Steinberger
9a7160786a refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
Peter Steinberger
6d16a658e5 refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
Peter Steinberger
83460df96f chore: update molt.bot domains 2026-01-27 12:21:01 +00:00
Peter Steinberger
526303d9a2 refactor(auth)!: remove external CLI OAuth reuse 2026-01-26 19:05:00 +00:00
Peter Steinberger
b9098f3401 fix: remove unsupported gateway auth off option 2026-01-26 17:44:23 +00:00
Peter Steinberger
b06fc50e25 docs: clarify onboarding security warning 2026-01-26 16:58:55 +00:00
Peter Steinberger
737037129e fix: propagate config env vars to gateway services (#1735) (thanks @Seredeep) 2026-01-25 10:37:35 +00:00
Matias Wainsten
f29f51569a fix: propagate config.env.vars to LaunchAgent/systemd service environment (#1735) 
When installing the Gateway daemon via LaunchAgent (macOS) or systemd (Linux),
environment variables defined in config.env.vars were not being included in
the service environment. This caused API keys and other env vars configured
in clawdbot.json5 to be unavailable when the Gateway ran as a service.

The fix adds a configEnvVars parameter to buildGatewayInstallPlan() which
merges config.env.vars into the service environment. Service-specific
variables (CLAWDBOT_*, HOME, PATH) take precedence over config env vars.

Fixes the issue where users had to manually edit the LaunchAgent plist
to add environment variables like GOOGLE_API_KEY.
 2026-01-25 10:35:55 +00:00
Peter Steinberger
03e8b7c4ba fix: always offer TUI hatch 2026-01-23 09:07:43 +00:00
Ian Hildebrand
ff78e9a564 fix: support direct token and provider in auth apply commands (#1485) 2026-01-23 07:27:52 +00:00