Moltbot

Author	SHA1	Message	Date
Peter Steinberger	d3483590fb	perf(test): stub readability in cf-markdown tests	2026-02-14 17:56:39 +00:00
Peter Steinberger	7582e93a8e	perf(test): speed up raw-body reply test	2026-02-14 17:56:39 +00:00
Peter Steinberger	7cc6add9b8	test(web): add SSRF guard cases	2026-02-14 18:53:23 +01:00
Peter Steinberger	cb3290fca3	fix(node-host): enforce system.run rawCommand/argv consistency	2026-02-14 18:53:23 +01:00
Mariano	71f357d949	bluebubbles: harden local media path handling against LFI (#16322 ) * bluebubbles: harden local media path handling * bluebubbles: remove racy post-open symlink lstat * fix: bluebubbles mediaLocalRoots docs + typing fix (#16322) (thanks @mbelinky)	2026-02-14 17:43:44 +00:00
Peter Steinberger	bfa7d21e99	fix(security): harden tlon Urbit requests against SSRF	2026-02-14 18:42:10 +01:00
Robby	5a313c83b7	fix(tui): use available terminal width for session name display (#16109 ) (#16238 ) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 19c18977e0d2350825502d07adfcc00dbde6e073 Co-authored-by: robbyczgw-cla <239660374+robbyczgw-cla@users.noreply.github.com> Co-authored-by: steipete <58493+steipete@users.noreply.github.com> Reviewed-by: @steipete	2026-02-14 18:39:05 +01:00
Robby	8e5689a84d	feat(telegram): add sendPoll support (#16193 ) (#16209 ) Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: b58492cfed34eebe4b32af5292928092a11ecfed Co-authored-by: robbyczgw-cla <239660374+robbyczgw-cla@users.noreply.github.com> Co-authored-by: steipete <58493+steipete@users.noreply.github.com> Reviewed-by: @steipete	2026-02-14 18:34:30 +01:00
Peter Steinberger	fc5d147d1b	fix(test-harness): annotate vitest mocks to avoid TS2742	2026-02-14 18:26:46 +01:00
Robby	baa3bf270b	fix(webchat): filter NO_REPLY token from streaming and final replies (#16286 ) The webchat channel sent NO_REPLY as visible text to clients instead of suppressing it. Other channels (Telegram, Discord) already filter this token via the reply dispatcher, but the webchat streaming path bypassed this check. Fixes #16269	2026-02-14 18:26:19 +01:00
Shadow	68b00a5388	CI: add dirty label auto-response	2026-02-14 11:22:00 -06:00
Peter Steinberger	09e2160080	test(browser): add file-chooser traversal regression	2026-02-14 18:20:20 +01:00
Peter Steinberger	29b587e73c	fix(voice-call): fail closed when Telnyx webhook public key missing	2026-02-14 18:17:20 +01:00
Peter Steinberger	ff11d8793b	fix(voice-call): require Twilio signature in ngrok loopback mode	2026-02-14 18:14:59 +01:00
Peter Steinberger	571c195c54	fix: support moltbot legacy state dir	2026-02-14 17:14:21 +00:00
Peter Steinberger	dee3abfcd5	refactor(test): share browser control server harness	2026-02-14 17:13:24 +00:00
Peter Steinberger	60898821f7	refactor(test): share telegram create bot harness	2026-02-14 17:13:24 +00:00
Peter Steinberger	ae97f8f798	refactor(test): share doctor e2e harness	2026-02-14 17:13:24 +00:00
Steve	69ba9a0562	fix: add memory search health check to openclaw doctor (openclaw#16294) thanks @superlowburn Verified: - pnpm install --frozen-lockfile - pnpm build - pnpm check - pnpm test (noted unrelated local flakes) Co-authored-by: superlowburn <24779772+superlowburn@users.noreply.github.com> Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>	2026-02-14 11:09:51 -06:00
Peter Steinberger	a3c9bc792e	docs(podman): add gateway.mode=local troubleshooting note	2026-02-14 18:07:05 +01:00
Peter Steinberger	709c225b2b	fix(podman): bootstrap config and token	2026-02-14 18:07:05 +01:00
Shadow	c16bc71279	fix: add discord routing debug logging (#16202 ) (thanks @jayleekr)	2026-02-14 11:03:30 -06:00
Peter Steinberger	054366dea4	fix(security): require explicit trust for first-time TLS pins	2026-02-14 17:55:20 +01:00
Peter Steinberger	d714ac7797	refactor(agents): dedupe transient error copy (#16324 )	2026-02-14 17:49:25 +01:00
Peter Steinberger	3e6d1e9cf8	docs: update changelog	2026-02-14 17:43:44 +01:00
Vincent	478af81706	Return user-facing message if API reuturn 429 API rate limit reached #2202 (#10415 ) * Return user-facing message if API reuturn 429 API rate limit reached * clarify the error message * fix(agents): improve 429 user messaging (#10415) (thanks @vincenthsin) --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>	2026-02-14 17:40:02 +01:00
Shadow	ff32f43459	Discord: prefer gateway guild id in verbose log	2026-02-14 10:39:36 -06:00
Christoph Spörk	81b5e2766b	feat(podman): add optional Podman setup and documentation (#16273 ) * feat(podman): add optional Podman setup and documentation - Introduced `setup-podman.sh` for one-time host setup of OpenClaw in a rootless Podman environment, including user creation, image building, and launch script installation. - Added `run-openclaw-podman.sh` for running the OpenClaw gateway as a Podman container. - Created `openclaw.podman.env` for environment variable configuration. - Updated documentation to include Podman installation instructions and a new dedicated Podman guide. - Added a systemd Quadlet unit for managing the OpenClaw service as a user service. * fix: harden Podman setup and docs (#16273) (thanks @DarwinsBuddy) * style: format cli credentials --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>	2026-02-14 17:39:06 +01:00
Robby	078642b308	fix(discord): defer component interactions to prevent timeout (#16287 ) * fix(discord): defer component interactions to prevent timeout Discord requires interaction responses within 3 seconds. Button clicks were routed through the LLM pipeline before responding, exceeding this window and showing 'This interaction failed' to users. Now immediately defers the interaction, then processes the agent response asynchronously. Fixes #16262 * fix: harden deferred interaction replies and silent chat finals (#16287) (thanks @robbyczgw-cla) --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>	2026-02-14 17:38:01 +01:00
Gustavo Madeira Santana	69f809dca3	fix: restore deterministic review workflow	2026-02-14 11:37:09 -05:00
Peter Steinberger	9236a27456	perf(test): speed up web logout tests	2026-02-14 16:36:15 +00:00
Peter Steinberger	fe2d883cf7	perf(test): remove fs skill scanning from skill-commands tests	2026-02-14 16:36:15 +00:00
Peter Steinberger	5349a0f7c2	perf(test): mock reserved commands in skill-commands tests	2026-02-14 16:36:15 +00:00
Peter Steinberger	8ff2787981	perf(test): speed up skill-commands tests	2026-02-14 16:36:15 +00:00
Peter Steinberger	94ff44f112	test: make telegram network config hermetic	2026-02-14 16:36:15 +00:00
Peter Steinberger	ebcc6480c2	perf(cli): split skills formatting	2026-02-14 16:36:15 +00:00
Peter Steinberger	f2c56de955	perf(test): speed up memory suites	2026-02-14 16:36:15 +00:00
Peter Steinberger	a7142c6218	perf(test): cache hook installer fixtures	2026-02-14 16:36:15 +00:00
Peter Steinberger	ee82c173ae	perf(test): reduce web logout fs churn	2026-02-14 16:36:15 +00:00
Peter Steinberger	2b5e0a6075	perf(test): speed up memory batch + web logout	2026-02-14 16:36:15 +00:00
Peter Steinberger	76e4e9d176	perf(test): reduce skills + update + memory suite overhead	2026-02-14 16:36:15 +00:00
Peter Steinberger	684c18458a	perf(test): speed up line, models list, and memory batch	2026-02-14 16:36:15 +00:00
Peter Steinberger	9fb48f4dff	refactor(scripts): make run-node main testable	2026-02-14 16:36:15 +00:00
Peter Steinberger	ebc68861a6	fix: remove unused imports	2026-02-14 17:35:16 +01:00
Peter Steinberger	d3428053d9	fix: redact config values in skills status	2026-02-14 17:35:16 +01:00
Peter Steinberger	188c4cd076	fix(security): reject ambiguous webhook target matches	2026-02-14 17:28:28 +01:00
Peter Steinberger	b908388245	test(security): remove redundant cli-credentials e2e tests	2026-02-14 17:25:48 +01:00
Peter Steinberger	66d7178f2d	fix(security): eliminate shell from Claude CLI keychain refresh	2026-02-14 17:24:29 +01:00
Peter Steinberger	d583782ee3	fix(security): harden discovery routing and TLS pins	2026-02-14 17:18:14 +01:00
Peter Steinberger	61d59a8028	fix(googlechat): reject ambiguous webhook routing	2026-02-14 17:11:55 +01:00

1 2 3 4 5 ...

10072 Commits