admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
dafd61b5c19fb7df3e34157f4bc8f9c24bffd91f
Moltbot/src
History
Robin Waslander dafd61b5c1 fix(gateway): enforce caller-scope subsetting in device.token.rotate 
device.token.rotate accepted attacker-controlled scopes and forwarded
them to rotateDeviceToken without verifying the caller held those
scopes. A pairing-scoped token could rotate up to operator.admin on
any already-paired device whose approvedScopes included admin.

Add a caller-scope subsetting check before rotateDeviceToken: the
requested scopes must be a subset of client.connect.scopes via the
existing roleScopesAllow helper. Reject with missing scope: <scope>
if not.

Also add server.device-token-rotate-authz.test.ts covering both the
priv-esc path and the admin-to-node-invoke chain.

Fixes GHSA-4jpw-hj22-2xmc
2026-03-11 14:16:59 +01:00
..
acp
fix: harden secret-file readers
2026-03-10 23:40:10 +00:00
agents
fix(models): guard optional model input capabilities (#42096)
2026-03-11 13:43:59 +01:00
auto-reply
Providers: add Opencode Go support (#42313)
2026-03-11 01:31:06 -04:00
browser
fix(browser): surface 429 rate limit errors with actionable hints (#40491)
2026-03-11 00:49:31 +03:00
canvas-host
refactor(tests): dedupe canvas host server setup
2026-03-03 02:53:13 +00:00
channels
refactor(security): unify config write target policy
2026-03-11 01:35:04 +00:00
cli
fix(terminal): stabilize skills table width across Terminal.app and iTerm (#42849)
2026-03-11 09:13:10 -04:00
commands
fix(terminal): stabilize skills table width across Terminal.app and iTerm (#42849)
2026-03-11 09:13:10 -04:00
compat
config
fix: harden subagent control boundaries
2026-03-11 01:44:38 +00:00
context-engine
test(context-engine): add bundle chunk isolation tests for registry (#40460)
2026-03-09 08:15:35 -07:00
cron
Gateway: fail closed unresolved local auth SecretRefs (#42672)
2026-03-10 21:41:56 -05:00
daemon
fix: stabilize launchd paths and appcast secret scan
2026-03-09 08:37:37 +00:00
discord
refactor(security): simplify system.run approval model
2026-03-11 01:43:06 +00:00
docs
gateway
fix(gateway): enforce caller-scope subsetting in device.token.rotate
2026-03-11 14:16:59 +01:00
hooks
fix(hooks): use resolveAgentIdFromSessionKey in runBeforeReset (#39875)
2026-03-08 19:07:28 +03:00
i18n
ACP: add persistent Discord channel and Telegram topic bindings (#34873)
2026-03-05 09:38:12 +01:00
imessage
test: share runtime group policy fallback cases
2026-03-10 22:20:19 +00:00
infra
fix(security): pin staged writes and fs mutations
2026-03-11 02:38:00 +00:00
line
fix: harden secret-file readers
2026-03-10 23:40:10 +00:00
link-understanding
logging
Logging: harden probe suppression for observations (#41338)
2026-03-10 01:40:15 +03:00
markdown
perf: harden chunking against quadratic scans
2026-03-07 16:50:35 +00:00
media
fix(media): accept reader read result type
2026-03-09 03:49:50 +00:00
media-understanding
fix: add gemini 3.1 flash-lite support
2026-03-08 05:12:48 +00:00
memory
Fix one-shot exit hangs by tearing down cached memory managers (#40389)
2026-03-10 07:34:46 +08:00
node-host
docs(changelog): note interpreter approval hardening
2026-03-11 02:45:10 +00:00
pairing
refactor(pairing): share allowFrom path resolution
2026-03-08 02:16:03 +00:00
plugin-sdk
refactor: compile allowlist matchers
2026-03-11 00:07:47 +00:00
plugins
fix(plugins): expose model auth API to context-engine plugins (#41090)
2026-03-09 16:07:26 -07:00
process
refactor: share windows command shim resolution
2026-03-10 22:18:04 +00:00
providers
build: update app deps except carbon
2026-03-09 06:09:33 +00:00
routing
refactor(routing): centralize inbound last-route policy
2026-03-08 02:16:03 +00:00
scripts
CI: cover skill and extension tests
2026-03-06 11:21:03 -05:00
secrets
Providers: add Opencode Go support (#42313)
2026-03-11 01:31:06 -04:00
security
fix(security): harden replaceMarkers() to catch space/underscore boundary marker variants (#35983)
2026-03-10 13:54:23 +08:00
sessions
ACP: add optional ingress provenance receipts (#40473)
2026-03-09 04:19:03 +01:00
shared
refactor: share sampled entry summary formatting
2026-03-08 00:05:24 +00:00
signal
fix(signal): forward all inbound attachments from #39212 (thanks @joeykrug)
2026-03-07 23:35:55 +00:00
slack
refactor: compile allowlist matchers
2026-03-11 00:07:47 +00:00
telegram
fix(telegram): fall back on ambiguous first preview sends
2026-03-11 11:23:10 +05:30
terminal
fix(terminal): stabilize skills table width across Terminal.app and iTerm (#42849)
2026-03-11 09:13:10 -04:00
test-helpers
test-utils
refactor(security): simplify system.run approval model
2026-03-11 01:43:06 +00:00
tts
fix: align pi-ai 0.57.1 oauth imports and payload hooks
2026-03-10 20:29:03 +05:30
tui
fix(tui): improve color contrast for light-background terminals (#40345)
2026-03-08 16:17:28 -07:00
types
Memory: handle SecretRef keys in doctor embeddings (#36835)
2026-03-05 20:05:59 -06:00
utils
fix(exec): honor shell comments in allow-always analysis
2026-03-07 23:31:25 +00:00
web
test: share runtime group policy fallback cases
2026-03-10 22:20:19 +00:00
whatsapp
refactor: dedupe channel outbound and monitor tests
2026-03-03 00:15:15 +00:00
wizard
fix(onboard): avoid persisting talk fallback on fresh setup
2026-03-09 08:33:58 +00:00
channel-web.ts
docker-build-cache.test.ts
Docker: improve build cache reuse (#40351)
2026-03-08 17:57:46 -07:00
docker-image-digests.test.ts
fix(ci): pin multi-arch docker base digests
2026-03-08 02:55:15 +00:00
docker-setup.e2e.test.ts
Docker: trim runtime image payload (#40307)
2026-03-08 16:07:04 -07:00
dockerfile.test.ts
Docker: trim runtime image payload (#40307)
2026-03-08 16:07:04 -07:00
entry.ts
Exec: mark child command env with OPENCLAW_CLI (#41411)
2026-03-09 19:14:08 -04:00
entry.version-fast-path.test.ts
CLI: include commit hash in --version output (#39712)
2026-03-08 19:10:48 +03:00
extensionAPI.ts
globals.ts
index.ts
install-sh-version.test.ts
build: bump unreleased version to 2026.3.9
2026-03-09 08:33:58 +00:00
logger.test.ts
logger.ts
logging.ts
poll-params.test.ts
Harden Telegram poll gating and schema consistency (#36547)
2026-03-05 19:24:43 -05:00
poll-params.ts
Harden Telegram poll gating and schema consistency (#36547)
2026-03-05 19:24:43 -05:00
polls.test.ts
polls.ts
Harden Telegram poll gating and schema consistency (#36547)
2026-03-05 19:24:43 -05:00
runtime.ts
utils.test.ts
utils.ts
version.test.ts
Gateway: fix stale self version in status output (#32655)
2026-03-03 02:41:52 -05:00
version.ts
Gateway: fix stale self version in status output (#32655)
2026-03-03 02:41:52 -05:00