admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
15,321 Commits 1 Branch 0 Tags
f16ecd1dac5d052d4d6e3f841b8c21ad12da5228
Commit Graph

15321 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vincent Koc
f16ecd1dac fix(ollama): unify context window handling across discovery, merge, and OpenAI-compat transport (#29205) 
* fix(ollama): inject num_ctx for OpenAI-compatible transport

* fix(ollama): discover per-model context and preserve higher limits

* fix(agents): prefer matching provider model for fallback limits

* fix(types): require numeric token limits in provider model merge

* fix(types): accept unknown payload in ollama num_ctx wrapper

* fix(types): simplify ollama settled-result extraction

* config(models): add provider flag for Ollama OpenAI num_ctx injection

* config(schema): allow provider num_ctx injection flag

* config(labels): label provider num_ctx injection flag

* config(help): document provider num_ctx injection flag

* agents(ollama): gate OpenAI num_ctx injection with provider config

* tests(ollama): cover provider num_ctx injection flag behavior

* docs(config): list provider num_ctx injection option

* docs(ollama): document OpenAI num_ctx injection toggle

* docs(config): clarify merge token-limit precedence

* config(help): note merge uses higher model token limits

* fix(ollama): cap /api/show discovery concurrency

* fix(ollama): restrict num_ctx injection to OpenAI compat

* tests(ollama): cover ipv6 and compat num_ctx gating

* fix(ollama): detect remote compat endpoints for ollama-labeled providers

* fix(ollama): cap per-model /api/show lookups to bound discovery load
 2026-02-27 17:20:47 -08:00
fuller-stack-dev
70a4f25ab1 fix(security): remove post-compaction audit injection message (#28507) 
* fix: remove post-compaction audit injection (Layer 3)

Remove the post-compaction read audit that injects fake system messages
into conversations after context compaction. This audit:

- Hardcodes WORKFLOW_AUTO.md (a file that doesn't exist in standard
  workspaces) as a required read after every compaction
- Leaks raw regex syntax (memory\/\d{4}-\d{2}-\d{2}\.md) in
  user-facing warning messages
- Injects messages via enqueueSystemEvent that appear as user-role
  messages, tricking agents into reading attacker-controlled files
- Creates a persistent prompt injection vector (see #27697)

Layer 1 (compaction summary) and Layer 2 (workspace context refresh
from AGENTS.md via post-compaction-context.ts) remain intact and are
sufficient for post-compaction context recovery.

Deleted files:
- src/auto-reply/reply/post-compaction-audit.ts
- src/auto-reply/reply/post-compaction-audit.test.ts

Modified files:
- src/auto-reply/reply/agent-runner.ts (removed imports, audit map,
  flag setting, and Layer 3 audit block)

Fixes #27697, fixes #26851, fixes #20484, fixes #22339, fixes #25600
Relates to #26461

* fix: resolve lint failures from post-compaction audit removal

* Tests: add regression for removed post-compaction audit warnings

---------

Co-authored-by: Wilfred (OpenClaw Agent) <jay@openclaw.dev>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-27 17:15:59 -08:00
icesword0760
a509154be5 Feishu: send media payloads as attachments (openclaw#28959) thanks @icesword0760 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: icesword0760 <23316247+icesword0760@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 19:06:27 -06:00
Shadow
5cb2a3aa1b Tests: validate discord slash command options 2026-02-27 18:41:16 -06:00
Madoka
32ee2f0109 fix(feishu): break infinite typing-indicator retry loop on rate-limit / quota errors (openclaw#28494) thanks @guoqunabc 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: guoqunabc <9532020+guoqunabc@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 18:41:08 -06:00
Glucksberg
0e755ad99a fix(feishu): use msg_type "audio" for opus files instead of "media" (openclaw#28269) thanks @Glucksberg 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 18:23:19 -06:00
Glucksberg
60ef923051 fix(feishu): cache probeFeishu() results with 10-min TTL to reduce API calls (openclaw#28907) thanks @Glucksberg 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: Glucksberg <80581902+Glucksberg@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 18:15:28 -06:00
XuHao
56fa05838a feat(feishu): support Docx table create/write + image/file upload actions in feishu_doc (#20304) 
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 18:00:56 -06:00
大猫子
1725839720 fix(tools): honor tools.fs.workspaceOnly=false for host write/edit (#28822) 
Merged via squash.

Prepared head SHA: 83d432961d3e512165ff5caa36decbd92648f5a2
Co-authored-by: lailoo <20536249+lailoo@users.noreply.github.com>
Co-authored-by: velvet-shark <126378+velvet-shark@users.noreply.github.com>
Reviewed-by: @velvet-shark
 2026-02-28 00:53:20 +01:00
OfflynAI
ad804b0356 fix(feishu): propagate mediaLocalRoots for local file sends (#27884) (openclaw#27928) thanks @joelnishanth 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: joelnishanth <140015627+joelnishanth@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 17:43:57 -06:00
zhoulc777
bf9585d056 PR: Feishu Plugin - Auto-grant document permissions to requesting user (openclaw#28295) thanks @zhoulongchao77 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: zhoulongchao77 <65058500+zhoulongchao77@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 17:34:18 -06:00
Vincent Koc
fa5e71d1ae fix: harden Ollama autodiscovery and warning behavior (#29201) 
* agents: auto-discover Ollama models without API key

* tests: cover Ollama autodiscovery warning behavior
 2026-02-27 15:22:34 -08:00
Vincent Koc
d17c083803 docs(ollama): clarify /v1 tool-calling guidance (#29204) 2026-02-27 15:21:13 -08:00
Agent
de77497ea8 chore: add convex to sponsors table 2026-02-27 23:27:27 +01:00
Peter Steinberger
4aa2dc6857 fix(infra): land #29078 from @cathrynlavery with restart fallback 
Co-authored-by: Cathryn Lavery <cathryn@littlemight.com>
 2026-02-27 22:04:46 +00:00
Cathryn Lavery
db67492a00 fix(infra): actively kickstart launchd on supervised gateway restart 
When an agent triggers a gateway restart in supervised mode, the process
exits expecting launchd KeepAlive to respawn it. But ThrottleInterval
(default 10s, or 60s on older installs) can delay or prevent restart.

Now calls triggerOpenClawRestart() to issue an explicit launchctl
kickstart before exiting, ensuring immediate respawn. Falls back to
in-process restart if kickstart fails.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-27 22:02:05 +00:00
Sid
ee2eaddeb3 fix(onboard): increase verification timeout and reduce max_tokens for custom provider probes (#27380) 
* fix(onboard): increase verification timeout and reduce max_tokens for custom provider probes

The onboard wizard sends a chat-completion request to verify custom
providers.  With max_tokens: 1024 and a 10 s timeout, large local
models (e.g. Qwen3.5-27B on llama.cpp) routinely time out because
the server needs to load the model and generate up to 1024 tokens
before responding.

Changes:
- Raise VERIFY_TIMEOUT_MS from 10 s to 30 s
- Lower max_tokens from 1024 to 1 (verification only needs a single
  token to confirm the API is reachable and the model ID is valid)
- Add explicit stream: false to both OpenAI and Anthropic probes

Closes #27346

Made-with: Cursor

* Changelog: note custom-provider onboarding verification fix

---------

Co-authored-by: Philipp Spiess <hello@philippspiess.com>
 2026-02-27 22:51:58 +01:00
Shakker
46d9605ef8 merge-pr: use short squash merge banner 2026-02-27 21:41:24 +00:00
Philipp Spiess
12618c333c tests: complete openai-responses model fixture typing 2026-02-27 22:30:30 +01:00
bmendonca3
f943c76cde security(feishu): bound unauthenticated webhook rate-limit state (openclaw#26050) thanks @bmendonca3 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: bmendonca3 <208517100+bmendonca3@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 13:22:24 -06:00
Bartok Moltbot
3882b8a5be ci: fix CONTRIBUTING.md oxfmt formatting 
- Remove trailing blank line after Jonathan Taylor entry
- Escape underscore in @jlehman_ X handle

Fixes #29039
 2026-02-27 11:12:04 -08:00
Peter Steinberger
8bc80fad47 fix(slack): land #29032 /agentstatus alias from @maloqab 
Land contributor PR #29032 by @maloqab with Slack native alias docs, integration tests, and changelog entry.

Co-authored-by: maloqab <mitebaloqab@gmail.com>
 2026-02-27 19:09:38 +00:00
Rodrigo Uroz
1867611733 fix(memory): readonly sync recovery (openclaw#25799) thanks @rodrigouroz 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini (fails in this environment at src/daemon/launchd.integration.test.ts beforeAll hook timeout; merged with Tak override)

Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 12:26:43 -06:00
Josh Lehman
2916152f83 Add contributor Josh Lehman to CONTRIBUTING.md 2026-02-27 12:03:49 -06:00
Vincent Koc
15cf288d73 Update CHANGELOG.md 2026-02-27 09:11:58 -08:00
Peter Steinberger
dede4089a6 docs(openai): add clear server compaction toggle examples 2026-02-27 16:21:08 +00:00
Peter Steinberger
645791c35e ci: add timeout for windows checks job 2026-02-27 16:20:02 +00:00
Peter Steinberger
8da3a9a92d fix(agents): auto-enable OpenAI Responses server-side compaction (#16930, #22441, #25088) 
Landed from contributor PRs #16930, #22441, and #25088.

Co-authored-by: liweiguang <codingpunk@gmail.com>
Co-authored-by: EdwardWu7 <wuzhiyuan7@gmail.com>
Co-authored-by: MoerAI <friendnt@g.skku.edu>
 2026-02-27 16:15:50 +00:00
Rishabh Jain
6675aacb5e feat(memory-lancedb): Custom OpenAI BaseURL & Dimensions Support (#17874) 
* feat(memory-lancedb): add custom baseUrl and dimensions support

* fix(memory-lancedb): strict model typing and safe dimension resolution

* style: fix formatting in memory-lancedb config

* fix(memory-lancedb): sync manifest schema with new embedding options

---------

Co-authored-by: OpenClaw Bot <bot@openclaw.ai>
 2026-02-27 07:56:09 -08:00
Vincent Koc
62fa65ec85 Fix npm global install deprecation warnings (#28318) 
* Dependencies: make @discordjs/opus an optional peer

* Dependencies: bump node-llama-cpp peer to 3.16.2

* Dependencies: pin Google auth deps to warning-free versions

* CI: reduce Dependabot cooldown to 2 days

* CI: fix invalid Dependabot npm registry config

* CI: restore Dependabot npm registry with token auth

* Dependencies: remove global Google auth pnpm overrides

* CI: make Dependabot updates daily

* Dependencies: restore optional install semantics for @discordjs/opus

* CI: keep Docker Dependabot interval weekly
 2026-02-27 07:38:02 -08:00
Peter Steinberger
fe807e4bed chore(release): bump 2026.2.27 and split changelog 2026-02-27 16:09:28 +01:00
Rodrigo Uroz
0fe6cf06b2 Compaction: preserve opaque identifiers in summaries (openclaw#25553) thanks @rodrigouroz 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: rodrigouroz <384037+rodrigouroz@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 08:14:05 -06:00
Daniel Reis
84a88b2ace feat(i18n): add German (de) locale (#28495) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: e418326aaffe4672c2b5423083cbc068a9b1cb6d
Co-authored-by: dsantoreis <220753637+dsantoreis@users.noreply.github.com>
Co-authored-by: Evizero <10854026+Evizero@users.noreply.github.com>
Reviewed-by: @Evizero
 2026-02-27 11:44:09 +01:00
wangchunyue
6b317b1f17 fix(agents): normalize whitespace-padded tool call names before dispatch (#27094) 
Fix tool-call lookup failures when models emit whitespace-padded names by normalizing
both transcript history and live streamed embedded-runner tool calls before dispatch.

Co-authored-by: wangchunyue <80630709+openperf@users.noreply.github.com>
Co-authored-by: Sid <sidqin0410@gmail.com>
Co-authored-by: Philipp Spiess <hello@philippspiess.com>
 2026-02-27 11:26:37 +01:00
Ayaan Zaidi
aae90cb036 fix(telegram): include replied media files in reply context (#28488) 
* fix(telegram): include replied media files in reply context

* fix(telegram): keep reply media fields nullable

* perf(telegram): defer reply-media fetch to debounce flush

* fix(telegram): gate and preserve reply media attachments

* fix(telegram): preserve cached-sticker reply media context

* fix: update changelog for telegram reply-media context fixes (#28488) (thanks @obviyus)
 2026-02-27 15:16:21 +05:30
Onur Solmaz
a7929abad8 Discord: thread bindings idle + max-age lifecycle (#27845) (thanks @osolmaz) 
* refactor discord thread bindings to idle and max-age lifecycle

* fix: migrate legacy thread binding expiry and reduce hot-path disk writes

* refactor: remove remaining thread-binding ttl legacy paths

* fix: harden thread-binding lifecycle persistence

* Discord: fix thread binding types in message/reply paths

* Infra: handle win32 unknown inode in file identity checks

* Infra: relax win32 guarded-open identity checks

* Config: migrate threadBindings ttlHours to idleHours

* Revert "Infra: relax win32 guarded-open identity checks"

This reverts commit de94126771db072ecda6a014e80700310e76df61.

* Revert "Infra: handle win32 unknown inode in file identity checks"

This reverts commit 96fc5ddfb39762aa078d70dd4b4d3754e49a159b.

* Discord: re-read live binding state before sweep unbind

* fix: add changelog note for thread binding lifecycle update (#27845) (thanks @osolmaz)

---------

Co-authored-by: Onur Solmaz <onur@textcortex.com>
 2026-02-27 10:02:39 +01:00
Ayaan Zaidi
0fb7add7d6 fix: document canvas capability refresh params fix (#28413) (thanks @obviyus) 2026-02-27 13:26:42 +05:30
Ayaan Zaidi
3a35035512 fix(android): send object params for canvas capability refresh 2026-02-27 13:26:42 +05:30
Ayaan Zaidi
256021b8da fix: update changelog for android capability refresh land (#28388) (thanks @obviyus) 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
6222d6650b fix(android): avoid duplicate A2UI readiness probe on happy path 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
8187fbc571 fix(android): refresh scoped canvas URLs without trailing slash 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
4b37b7b6a9 fix(media): serve JavaScript assets with text/javascript 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
d53b24d185 fix(android): return valid debug.ed25519 diagnostics JSON 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
34486f8c10 fix(android): retry A2UI after canvas capability refresh 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
9b64ad30c4 docs(android): add integration test preconditions and pitfalls 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
72adf1e993 test(gateway): add live android capability integration suite 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
54eaf17327 feat(gateway): add node canvas capability refresh flow 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
0896bb09b0 feat(android): wire runtime canvas capability refresh 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
6ed00abc1e docs: document android capability sweep in testing guide 2026-02-27 12:16:36 +05:30
Ayaan Zaidi
7f6e822526 test: add android integration test script 2026-02-27 12:16:36 +05:30