admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
14,106 Commits 1 Branch 0 Tags
d7747148d0559a4e4bde5aff5af857e7b03bbae3
Commit Graph

8916 Commits

Author SHA1 Message Date
Vignesh Natarajan
d7747148d0 fix(memory): reindex when sources change 2026-02-22 15:12:07 -08:00
Robin Waslander
44727dc3a1 security(web_fetch): strip hidden content to prevent indirect prompt injection (#21074) 
* security(web_fetch): strip hidden content to prevent indirect prompt injection

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* security(web_fetch): address review feedback and credit author

* chore(changelog): credit reporter for web_fetch security fix

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 18:10:26 -05:00
Tak Hoffman
73e5bb7635 Cron: apply timeout to startup catch-up runs (#23966) 
* Cron: apply timeout to startup catch-up runs

* Changelog: add cron startup timeout catch-up note
 2026-02-22 17:04:30 -06:00
Vignesh Natarajan
a58b40e153 chore(test): stabilize mcporter assertions on Windows 2026-02-22 14:47:50 -08:00
Vignesh Natarajan
82d34b4b06 fix(memory): harden qmd collection recovery 2026-02-22 14:40:04 -08:00
Peter Steinberger
84e5ab598a fix: make windows CI path handling deterministic 2026-02-22 22:34:49 +00:00
Peter Steinberger
3b0e62d5bf fix(doctor): warn that approvals.exec.enabled only disables forwarding 
Co-authored-by: nomadonwheels196 <nomadonwheels196@users.noreply.github.com>
 2026-02-22 23:33:15 +01:00
Peter Steinberger
a30f9c8673 fix(sandbox): fallback docker user to workspace owner uid/gid 
Co-authored-by: LucasAIBuilder <LucasAIBuilder@users.noreply.github.com>
 2026-02-22 23:33:15 +01:00
Peter Steinberger
394a1af70f fix(exec): apply per-agent exec defaults for opaque session keys 
Co-authored-by: brin-tapcart <brin-tapcart@users.noreply.github.com>
 2026-02-22 23:33:14 +01:00
Peter Steinberger
427b4360b9 build: update deps and stabilize tests 2026-02-22 23:32:38 +01:00
Peter Steinberger
a5917e4ad8 test(exec): resolve rebase artifact in bash-tools test 2026-02-22 22:25:47 +00:00
Vignesh Natarajan
1ad9f9af5a fix(memory): resolve qmd Windows shim commands 2026-02-22 14:24:49 -08:00
Peter Steinberger
cd919ebd2d refactor(exec): unify wrapper resolution and split approvals tests 2026-02-22 23:20:09 +01:00
mudrii
3645420a33 perf: skip cache-busting for bundled hooks, use mtime for workspace hooks (openclaw#16960) thanks @mudrii 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: mudrii <220262+mudrii@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 16:14:51 -06:00
Peter Steinberger
84303f6a78 test: make exec timeout coverage deterministic 2026-02-22 22:14:01 +00:00
Peter Steinberger
13db0b88f5 refactor(gateway): share safe avatar file open checks 2026-02-22 23:12:45 +01:00
Peter Steinberger
7b229decdd test(perf): dedupe fixtures and reduce flaky waits 2026-02-22 22:06:01 +00:00
Peter Steinberger
b534dfa3e0 fix(slack,web): harden thread hints and monitor tuning 2026-02-22 22:06:01 +00:00
Peter Steinberger
57b75678d4 test(security): consolidate runtime guardrail scans 2026-02-22 22:06:01 +00:00
Peter Steinberger
c677be9d5f fix(exec): skip default timeout for background sessions 2026-02-22 23:03:44 +01:00
Peter Steinberger
4b0fddc075 fix(test): prevent env leak causing models.json CI flake 2026-02-22 22:00:44 +00:00
Peter Steinberger
862975507a refactor(exec): split command resolution and trusted-dir normalization 2026-02-22 23:00:33 +01:00
Peter Steinberger
24c954d972 fix(security): harden allow-always wrapper persistence 2026-02-22 22:55:33 +01:00
Peter Steinberger
1e582dcc6f fix: harden windows path handling in CI tests 2026-02-22 21:52:10 +00:00
Tak Hoffman
556af3f08b fix(cron): cancel timed-out runs before side effects (openclaw#22411) thanks @Takhoffman 
Verified:
- pnpm check
- pnpm vitest run src/memory/qmd-manager.test.ts src/cron/service.issue-regressions.test.ts src/cron/isolated-agent.delivers-response-has-heartbeat-ok-but-includes.test.ts --maxWorkers=1

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 15:45:27 -06:00
Peter Steinberger
64b273a71c fix(exec): harden safe-bin trust and add explicit trusted dirs 2026-02-22 22:43:18 +01:00
Vignesh Natarajan
08fb38f729 Fix: resolve pnpm check type regressions 2026-02-22 13:40:51 -08:00
Peter Steinberger
6970c2c2db fix(gateway): harden control-ui avatar reads 2026-02-22 22:40:22 +01:00
Peter Steinberger
e16f93af0c fix: stabilize ci test typings and mocks 2026-02-22 21:38:47 +00:00
Peter Steinberger
3f0b9dbb36 fix(security): block shell-wrapper line-continuation allowlist bypass 2026-02-22 22:36:29 +01:00
Peter Steinberger
7c109f5737 fix: resolve ci type errors and reconnect test flake 2026-02-22 21:35:20 +00:00
Vignesh Natarajan
d75b594e07 Agents/Replies: scope done fallback to direct sessions 2026-02-22 13:30:30 -08:00
Peter Steinberger
e4d67137db fix(node): default mac headless system.run to local host 
Co-authored-by: aethnova <262512133+aethnova@users.noreply.github.com>
 2026-02-22 22:24:28 +01:00
Peter Steinberger
d24f5c1e3a fix(gateway): fail fast exec approvals when no approvers are reachable 
Co-authored-by: fanxian831-netizen <262880470+fanxian831-netizen@users.noreply.github.com>
 2026-02-22 22:24:27 +01:00
Peter Steinberger
73fab7e445 fix(agents): map container workdir paths in workspace guard 
Co-authored-by: Explorer1092 <32663226+Explorer1092@users.noreply.github.com>
 2026-02-22 22:24:27 +01:00
Peter Steinberger
7bbd597383 fix(media): enforce agent media roots in plugin send actions 
Co-authored-by: Oliver Drobnik <333270+odrobnik@users.noreply.github.com>
Co-authored-by: thisischappy <257418353+thisischappy@users.noreply.github.com>
 2026-02-22 22:24:27 +01:00
Peter Steinberger
33a43a151d refactor(security): split elevated allowFrom matcher internals 2026-02-22 22:20:04 +01:00
Peter Steinberger
2081b3a3c4 refactor(channels): dedupe hook and monitor execution paths 2026-02-22 21:19:09 +00:00
Peter Steinberger
06b0a60bef refactor(daemon): share runtime and service probe helpers 2026-02-22 21:19:09 +00:00
Peter Steinberger
e029f78447 refactor(config): dedupe install and typing schema definitions 2026-02-22 21:19:09 +00:00
Peter Steinberger
4bf67ab698 refactor(commands): centralize shared command formatting helpers 2026-02-22 21:19:09 +00:00
Peter Steinberger
06bdd53658 refactor(agents): dedupe workspace and session tool flows 2026-02-22 21:19:09 +00:00
Peter Steinberger
2f8c68ae4d refactor(test): dedupe run-loop signal harness setup 2026-02-22 21:19:09 +00:00
Peter Steinberger
52ee1f697e test(memory): cover shared batch output and error helpers 2026-02-22 21:19:09 +00:00
Peter Steinberger
ad51372f78 refactor(memory): share batch provider scaffolding 2026-02-22 21:19:09 +00:00
Tak Hoffman
f8171ffcdc Config UI: tag filters and complete schema help/labels coverage (#23796) 
* Config UI: add tag filters and complete schema help/labels

* Config UI: finalize tags/help polish and unblock test suite

* Protocol: regenerate Swift gateway models
 2026-02-22 15:17:07 -06:00
Peter Steinberger
c539782c09 test(gateway-lock): stabilize port-probe liveness coverage 2026-02-22 22:11:53 +01:00
Peter Steinberger
ffb12397a8 fix(cron): direct-deliver thread and topic announce targets 
Co-authored-by: Andrei Aratmonov <247877121+AndrewArto@users.noreply.github.com>
 2026-02-22 22:11:52 +01:00
Peter Steinberger
320cf8eb3e fix(subagents): restore configurable announce timeout 
Co-authored-by: Valadon <20071960+Valadon@users.noreply.github.com>
 2026-02-22 22:11:52 +01:00
Peter Steinberger
3820ad77ba fix(cron): pass agentDir into embedded follow-up runs 
Co-authored-by: seilk <88271769+seilk@users.noreply.github.com>
 2026-02-22 22:11:52 +01:00