admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
12,878 Commits 1 Branch 0 Tags
ab27d7b05abb28fb8d13f4d98d96bc12759f3778
Commit Graph

7896 Commits

Author SHA1 Message Date
Shadow
ab27d7b05a Discord: fix voice command typing 2026-02-20 16:31:41 -06:00
Shadow
4ab946eebf Discord VC: voice channels, transcription, and TTS (#18774) 2026-02-20 16:06:07 -06:00
Shadow
3100b77f12 Agents: clarify authorized sender prompt (Closes #19794) 2026-02-20 15:55:36 -06:00
Shadow
30a0d3fce1 Status reactions: fix stall timers and gating (#22190) 
* feat: add shared status reaction controller

* feat: add statusReactions config schema

* feat: wire status reactions for Discord and Telegram

* fix: restore original 10s/30s stall defaults for Discord compatibility

* Status reactions: fix stall timers and gating

* Format status reaction imports

---------

Co-authored-by: Matt <mateus.carniatto@gmail.com>
 2026-02-20 15:27:42 -06:00
Tyler Yust
47f3979758 Gateway: force loopback self-connections for local binds 2026-02-20 13:08:26 -08:00
Shadow
c378439246 Security: harden tool media paths 2026-02-20 13:32:49 -06:00
Shadow
39816e61b0 Security: restrict canvas jsonlPath file reads 2026-02-20 13:21:55 -06:00
Mariano
5828708343 iOS/Gateway: harden pairing resolution and settings-driven capability refresh (#22120) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 55b8a93a999b7458c98f9d3b31abbd3665929b31
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 18:57:04 +00:00
Shadow
61f646c41f Daemon: harden systemd unit env rendering 2026-02-20 12:51:14 -06:00
Shadow
8c9f35cdb5 Agents: sanitize skill env overrides 2026-02-20 12:38:54 -06:00
Shadow
09e6970386 Discord: implement stream preview mode (#22111) 
* Discord: implement stream preview mode

* Changelog: note Discord stream preview mode

* Tests: type discord draft stream mocks

* Docs: document Discord stream preview
 2026-02-20 12:37:15 -06:00
Mariano
5dd304d1c6 fix(gateway): clear pairing state on device token mismatch (#22071) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: ad38d1a5297ff897b2f4b79c5e126ec215a28e48
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 18:21:13 +00:00
Mariano
094dbdaf2b fix(gateway): require loopback proxy IP for trusted-proxy + bind=loopback (#22082) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 6ff3ca9b5db530c2ea4abbd027ee98a9c4a1be67
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 18:03:53 +00:00
Xinhua Gu
9c5249714d fix(gateway): trusted-proxy auth rejected when bind=loopback (#20097) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8de62f1a8f991f900fd1482f64976f234011f4d2
Co-authored-by: xinhuagu <562450+xinhuagu@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:51:35 +00:00
Nachx639
868fe48d58 fix(gateway): allow health method for all authenticated roles (#19699) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: b9764432672d15d63061df2d2e58542e5c777479
Co-authored-by: Nachx639 <71144023+Nachx639@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:48:44 +00:00
Marcus Castro
c8ee33c162 fix(gateway): include export name in hook transform cache key (#13855) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: a9eea919b88b33c3297620d62b38bac9cfa412bf
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:44:51 +00:00
Marcus Castro
618b36f07a fix(gateway): return 404 for missing static assets instead of SPA fallback (#12060) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 32d2ca7a13cbce69e4ea819fed6841f28bbd1b9d
Co-authored-by: mcaxtr <7562095+mcaxtr@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:41:57 +00:00
Coy Geek
914a7c5359 fix: Device Token Scope Escalation via Rotate Endpoint (#20703) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 4f2c2ecef4f53777dafc94cbdf1aa07ef0a2b1c0
Co-authored-by: coygeek <65363919+coygeek@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:38:58 +00:00
Coy Geek
40a292619e fix: Control UI Insecure Auth Bypass Allows Token-Only Auth Over HTTP (#20684) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: ad9be4b4d65698785ad7ea9ad650f54d16c89c4a
Co-authored-by: coygeek <65363919+coygeek@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 17:34:34 +00:00
Mariano
8e4f6c0384 fix(browser): block upload symlink escapes (#21972) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 4381ef9a4d9107798c9c7c00aac62ee81a878789
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:36:25 +00:00
Nimrod Gutman
741435aacd fix(web): remove unrelated login changes 2026-02-20 14:47:20 +02:00
Nimrod Gutman
ac0c1c26b1 fix: preserve ios bg refresh plist key and handle web login retry failures 2026-02-20 14:47:20 +02:00
Nimrod Gutman
8775d34fba fix(pairing): simplify pending merge and harden mixed-role onboarding 2026-02-20 14:47:20 +02:00
Nimrod Gutman
1da23be302 fix(pairing): preserve operator scopes for ios onboarding 2026-02-20 14:47:20 +02:00
mudrii
7ecfc1d93c fix(auth): bidirectional mode/type compat + sync OAuth to all agents (#12692) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 2dee8e1174e637e50d10bf7020f1de2990b804dc
Co-authored-by: mudrii <220262+mudrii@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-20 16:01:09 +05:30
Vignesh Natarajan
5542a43623 Memory: share ENOENT helpers 2026-02-19 23:33:28 -08:00
Vignesh Natarajan
14a3af212d Format: align memory imports 2026-02-19 23:33:28 -08:00
Vignesh Natarajan
ec4198954a Memory: harden readFile ENOENT handling 2026-02-19 23:33:28 -08:00
Daniel Zou
f3f47886ba fix(memory): handle ENOENT gracefully in readFile instead of throwing 
When a memory file doesn't exist yet (e.g. daily log `2026-02-19.md`),
`readFile` now returns `{ text: "", path }` instead of propagating the
ENOENT error. This prevents noisy error responses from the memory read
tool and aligns with the "graceful degradation" recommendation in #9307.

Closes #9307

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 23:33:28 -08:00
Ayaan Zaidi
ab256b8ec7 fix: split telegram reasoning and answer draft streams (#20774) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 7458444144b49c84a26030c1f3a886235c76e869
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-20 11:14:39 +05:30
mudrii
beb2b74b5b fix(telegram): prevent silent message loss across all streamMode settings (#19041) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 82898339f02ae08ab9eaa2eabb679326a8469ca1
Co-authored-by: mudrii <220262+mudrii@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-20 10:46:55 +05:30
Shakker
aa3c8f732b CLI: recover devices commands via local pairing fallback 2026-02-20 05:12:05 +00:00
Shakker
525d6e0671 Gateway: align pairing scope checks for read access 2026-02-20 05:12:05 +00:00
Sean McLellan
86f207adb0 fix: clean tool schemas and thinking blocks for google-antigravity (openclaw#19732) thanks @Oceanswave 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Oceanswave <760674+Oceanswave@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 22:49:57 -06:00
Hudson
7b81383d44 fix(signal): preserve case for Base64 group IDs in target normalization (openclaw#10623) thanks @heyhudson 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: heyhudson <258693705+heyhudson@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 22:41:55 -06:00
Kirill Shchetynin
ee519086f6 Feature/default messenger delivery target (openclaw#16985) thanks @KirillShchetinin 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: KirillShchetinin <13061871+KirillShchetinin@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 22:37:19 -06:00
Ephraim Moss
59e58bf81c fix: strip unsupported JSON Schema keywords for Claude via Cloud Code Assist (openclaw#20124) thanks @ephraimm 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check (fails on existing unrelated type error: src/agents/subagent-announce.format.e2e.test.ts:71)
- pnpm test:e2e src/agents/pi-embedded-runner/google.e2e.test.ts
- pnpm test:macmini (fails on existing unrelated test: src/agents/subagent-registry.steer-restart.test.ts)

Co-authored-by: ephraimm <2803669+ephraimm@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 22:31:20 -06:00
Nabbil Khan
f91034aa6b fix(auth): clear all usage stats fields in clearAuthProfileCooldown (openclaw#19211) thanks @nabbilkhan 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: nabbilkhan <203121263+nabbilkhan@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 22:21:37 -06:00
Mr. Guy
dece0fa146 fix: add customBindHost to gateway config validation (openclaw#20318) thanks @MisterGuy420 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: MisterGuy420 <255743668+MisterGuy420@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 22:06:22 -06:00
Clawborn
cbcc75f6c7 Add Claude Sonnet 4.6 and 4.5 to GitHub Copilot model catalog (openclaw#20270) thanks @Clawborn 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Clawborn <261310391+Clawborn@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 21:54:52 -06:00
Tak Hoffman
c1ac37a641 Config: expose Pi compaction tuning values (openclaw#21568) thanks @Takhoffman 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 21:41:09 -06:00
Dale Babiy
10dab4f2c7 fix(anthropic): preserve pi-ai default betas when injecting anthropic-beta header (openclaw#19789) thanks @minupla 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: minupla <42547246+minupla@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 21:23:00 -06:00
Glucksberg
38b4fb5d55 fix(auth/session): preserve override reset behavior and repair oauth profile-id drift (openclaw#18820) thanks @Glucksberg 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 21:16:26 -06:00
Vishal
f1e1cc4ee3 feat: surface cached token counts in /status output (openclaw#21248) thanks @vishaltandale00 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: vishaltandale00 <9222298+vishaltandale00@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 21:06:13 -06:00
lbo728
d6fbed7904 fix: prevent whatsapp fallback for webchat sessions 
Fixes #21444

When connecting via Hub Chat/webchat, the runtime channel was incorrectly
defaulting to 'whatsapp' instead of being omitted or set to 'webchat'.

Root cause: The channel resolution fallback chain (OriginatingChannel ->
Surface -> Provider) would use Provider even for webchat sessions, where
Provider may be unrelated (e.g., the user's default configured channel).

Changes:
- Add explicit webchat detection before falling back to Provider
- Skip Provider fallback when Surface is 'webchat' or Provider is 'webchat'
- Channel field is now undefined for webchat sessions (no incorrect label)

This ensures webchat sessions don't receive WhatsApp-specific formatting
hints (no markdown tables, no headers) and fixes the runtime label.
 2026-02-19 18:41:57 -08:00
青雲
21448508a1 fix: Grok web_search extracts output_text blocks at top level (openclaw#20508) thanks @echoVic 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: echoVic <16428813+echoVic@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 20:37:15 -06:00
Tak Hoffman
d9e46028f5 fix(cron/whatsapp): route implicit delivery to allowlisted recipients (openclaw#21533) thanks @Takhoffman 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 20:33:37 -06:00
Rodrigo Uroz
a87b5fb009 (feat): MMR and temporal decay / bring back schema changes (openclaw#18786) thanks @rodrigouroz 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-19 20:20:02 -06:00
adhitShet
164d478652 fix(cli): correct --verbose / -v option syntax in acp commands (#21303) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 20d058dcf524765f53681b601f605b0d4b3129f3
Co-authored-by: adhitShet <131381638+adhitShet@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-19 21:04:22 -05:00
ahdernasr
e321f21daa fix: serialize tool result delivery to preserve message ordering (#21231) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 68adbf58c8ec92d32e6183b0c6432963b2b4f9d8
Co-authored-by: ahdernasr <44983175+ahdernasr@users.noreply.github.com>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Reviewed-by: @joshavant
 2026-02-19 17:23:23 -08:00