LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-05-11 12:58:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
44,172 Commits 1,551 Branches 179 Tags
55e7f5f27ce2fddcdd21cffc331c170b59d22fd5
Commit Graph

523 Commits

Author SHA1 Message Date
Shakker
01741f81f8 test: remove stale unused imports 2026-05-09 11:26:43 +01:00
Shakker
e2d8b78b69 test: tighten daemon infra array assertions 2026-05-09 05:56:26 +01:00
Shakker
f35dbcc328 test: tighten security empty array assertions 2026-05-09 05:09:12 +01:00
Peter Steinberger
daa48e8681 test: tighten acp security helpers 2026-05-08 21:18:04 +01:00
Peter Steinberger
e7b429436b test: tighten security plugin helpers 2026-05-08 21:16:33 +01:00
Shakker
78bbbdec4c test: tighten security fix account assertion 2026-05-08 21:16:07 +01:00
Shakker
61afdefe0c test: tighten windows acl assertions 2026-05-08 21:15:31 +01:00
Shakker
8d9d0038a9 test: tighten node command assertions 2026-05-08 21:14:56 +01:00
Peter Steinberger
ea65056e21 test: tighten security trust helpers 2026-05-08 21:14:43 +01:00
Shakker
2ad93720a9 test: tighten plugin trust assertions 2026-05-08 21:14:20 +01:00
Shakker
86f393062d test: tighten async audit assertion 2026-05-08 21:13:43 +01:00
Shakker
3a66f982f5 test: tighten sandbox browser assertion 2026-05-08 21:13:04 +01:00
Peter Steinberger
f2c21e4278 test: tighten security audit helpers 2026-05-08 21:12:58 +01:00
Shakker
dd85761638 test: tighten gateway http auth assertions 2026-05-08 21:12:35 +01:00
Shakker
ea1220016b test: tighten trust model assertion 2026-05-08 21:11:57 +01:00
Shakker
ab16feb5bf test: tighten gateway exposure assertions 2026-05-08 21:11:32 +01:00
Peter Steinberger
a0ef60eb4c test: clear weak assertion scan 2026-05-08 21:11:12 +01:00
Shakker
4a3b516557 test: tighten account metadata assertion 2026-05-08 21:10:55 +01:00
Shakker
0cb6382da1 test: tighten probe failure assertion 2026-05-08 21:10:22 +01:00
Shakker
39405ebe14 test: tighten small model risk assertions 2026-05-08 21:09:59 +01:00
Shakker
bb8a16f37c test: tighten workspace skill assertion 2026-05-08 21:09:13 +01:00
Peter Steinberger
f5c7465dac test: tighten telegram media assertions 2026-05-08 21:09:04 +01:00
Shakker
69cecf4030 test: tighten exec safe bin assertion 2026-05-08 21:08:39 +01:00
Shakker
558cc44e74 test: tighten channel readonly assertion 2026-05-08 21:07:53 +01:00
Shakker
94314ef8cf test: tighten gateway auth warning assertion 2026-05-08 21:07:31 +01:00
Shakker
bffa43df09 test: tighten exec surface assertion 2026-05-08 21:06:54 +01:00
Shakker
3cdb73c423 test: tighten audit extra assertions 2026-05-08 21:06:13 +01:00
Shakker
2e28459a0e test: tighten audit summary assertion 2026-05-08 21:05:49 +01:00
Shakker
986efee29c test: tighten safe regex assertions 2026-05-08 21:05:09 +01:00
Peter Steinberger
6f26a477be test: require core weak guard lookups 2026-05-08 17:53:05 +01:00
Shakker
686f595c47 test: tighten external content marker assertion 2026-05-08 17:16:31 +01:00
Shakker
2d5a5ee666 test: tighten windows acl command assertions 2026-05-08 17:15:31 +01:00
Peter Steinberger
5fccaa1e32 test: clarify gateway exposure audit assertions 2026-05-08 09:30:48 +01:00
Peter Steinberger
4b8717f14e test: clarify sandbox browser audit assertion 2026-05-08 09:29:28 +01:00
Peter Steinberger
84212d58b8 test: clarify skill scanner assertions 2026-05-08 09:19:53 +01:00
Peter Steinberger
af8cf11e19 test: clarify security scanner assertions 2026-05-08 09:18:33 +01:00
Peter Steinberger
a8dcbb26f8 test: clarify security audit assertions 2026-05-08 09:17:15 +01:00
Peter Steinberger
9ef37d1907 test: tighten assertions and harness coverage 2026-05-08 05:28:12 +01:00
Josh Avant
83aad863fd Clarify exec filesystem policy drift (#79153) 
* docs: clarify exec filesystem policy

* fix: warn on exec filesystem policy drift

* docs: clarify exec filesystem mutation surface
 2026-05-07 20:05:19 -05:00
Vincent Koc
c97998ce21 chore(channels): remove bluebubbles bundled surface 2026-05-07 12:52:48 -07:00
Peter Steinberger
466f718320 feat: wire talk handoff into native nodes 2026-05-06 02:39:15 +01:00
Peter Steinberger
538605ff44 [codex] Extract filesystem safety primitives (#77918) 
* refactor: extract filesystem safety primitives

* refactor: use fs-safe for file access helpers

* refactor: reuse fs-safe for media reads

* refactor: use fs-safe for image reads

* refactor: reuse fs-safe in qqbot media opener

* refactor: reuse fs-safe for local media checks

* refactor: consume cleaner fs-safe api

* refactor: align fs-safe json option names

* fix: preserve fs-safe migration contracts

* refactor: use fs-safe primitive subpaths

* refactor: use grouped fs-safe subpaths

* refactor: align fs-safe api usage

* refactor: adapt private state store api

* chore: refresh proof gate

* refactor: follow fs-safe json api split

* refactor: follow reduced fs-safe surface

* build: default fs-safe python helper off

* fix: preserve fs-safe plugin sdk aliases

* refactor: consolidate fs-safe usage

* refactor: unify fs-safe store usage

* refactor: trim fs-safe temp workspace usage

* refactor: hide low-level fs-safe primitives

* build: use published fs-safe package

* fix: preserve outbound recovery durability after rebase

* chore: refresh pr checks
 2026-05-06 02:15:17 +01:00
Logan Ye
7dc6007aee fix(doctor): warn when OPENCLAW_GATEWAY_TOKEN env overrides gateway.auth.token config (#74433) 
* fix(doctor): warn when OPENCLAW_GATEWAY_TOKEN env overrides gateway.auth.token config (#74271)

* fix(doctor): narrow gateway token source warning

* test(status): type env secret provider fixture

* fix(doctor): scope gateway token conflict warning to local mode

Signed-off-by: sallyom <somalley@redhat.com>

---------

Signed-off-by: sallyom <somalley@redhat.com>
Co-authored-by: sallyom <somalley@redhat.com>
 2026-05-05 14:54:15 -04:00
6607changchun
d02fbc6116 fix(sandbox): support Windows drive-letter bind sources 
Accept drive-absolute Windows sandbox Docker bind sources in config and runtime validation while keeping blocked-path and allowed-root comparisons case-insensitive for Windows drive paths.

Also remove a stale WhatsApp setup import that blocked extension lint after the rebase.

Co-authored-by: 6607changchun <84566142+6607changchun@users.noreply.github.com>
Co-authored-by: Brad Groux <3053586+BradGroux@users.noreply.github.com>
 2026-05-04 23:39:56 -05:00
Michael Appel
c1da0ddd54 fix(security): block workspace env from overriding Windows system root paths [AI] (#74458) 
* fix: address issue

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address codex review feedback

* fix: address codex review feedback

* changelog: PR #74458

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
 2026-05-04 10:13:50 -06:00
Vincent Koc
33e19fb5ae fix(security): ignore scanner comment context 2026-05-04 02:35:43 -07:00
Peter Steinberger
061af13bf3 fix: avoid plugin install scanner false positives 2026-05-04 10:24:32 +01:00
Peter Steinberger
bd0e10a2f6 refactor: route inline eval through command analysis 2026-05-03 18:06:10 +01:00
Vincent Koc
6548825083 fix(scanner): ignore full-line comments for source rules 2026-05-02 17:35:39 -07:00
Vincent Koc
4be4c475ea fix(scanner): ignore benign member exec matches 2026-05-02 17:35:38 -07:00