LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-05-08 08:45:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
38,665 Commits 1,499 Branches 175 Tags
7a2bb2fcda40d2c9cc0ade1ecff9477fe8974be3
Commit Graph

6350 Commits

Author SHA1 Message Date
Peter Steinberger
09310931cf fix(plugins): repair configured runtime deps 2026-04-30 04:13:39 +01:00
Peter Steinberger
db18323551 fix(plugin-sdk): restore zalouser facade 2026-04-30 04:13:39 +01:00
Vincent Koc
6e73101df3 chore(ci): widen CodeQL PR guard 
Runs the PR CodeQL security guard as high-confidence high/critical security coverage and adds the initial plugin/package-contract quality guard.
 2026-04-29 20:06:50 -07:00
Peter Steinberger
c403ea9063 refactor(channels): move more turn policy into kernel 2026-04-30 03:44:21 +01:00
Peter Steinberger
eab4024934 fix(whatsapp): track provider-accepted auto-replies 2026-04-30 03:38:19 +01:00
Vincent Koc
8aed80d2fa chore(ci): add CodeQL PR security guard 
Runs the narrow CodeQL critical-security matrix on non-draft pull requests for code and workflow security-boundary changes.
 2026-04-29 19:19:45 -07:00
Peter Steinberger
02ebac6250 refactor(channels): share turn dispatch results 2026-04-30 02:58:40 +01:00
Peter Steinberger
f94d970cee fix: refresh Google Meet speech retry readiness 2026-04-30 02:45:44 +01:00
Peter Steinberger
78fc27fe7d docs: document shipped app sdk 2026-04-30 01:59:04 +01:00
clawsweeper[bot]
3bd6b54f0b fix: compatibility gaps in the new Google Vertex ADC manifest evidence 
Tighten Google Vertex ADC manifest evidence to canonical project env vars and canonical ADC fallback paths only.

Local proof:
- OPENCLAW_VITEST_MAX_WORKERS=1 pnpm test src/agents/model-auth.profiles.test.ts src/plugins/manifest-registry.test.ts src/secrets/provider-env-vars.dynamic.test.ts
- pnpm exec oxfmt --check --threads=1 docs/plugins/manifest.md extensions/google/openclaw.plugin.json src/agents/model-auth-env.ts src/agents/model-auth.profiles.test.ts src/plugins/manifest.ts
- git diff --check origin/main...HEAD

CI note: checks-node-core-support-boundary was red on an unrelated tooling assertion in test/scripts/test-projects.test.ts for packages/sdk/src/index.test.ts routing; that file and scripts/test-projects.mjs are unchanged from origin/main.
 2026-04-30 01:52:09 +01:00
Peter Steinberger
9c22a0133b docs(discord): clarify application id account scope 2026-04-30 01:47:02 +01:00
Peter Steinberger
485b875d72 fix(discord): allow configured application ids 2026-04-30 01:47:02 +01:00
Peter Steinberger
cd0fb36c1c docs: clarify app sdk documentation 2026-04-30 01:39:55 +01:00
Peter Steinberger
08c4af0ddf fix(msteams): accept conversation id allowlists 2026-04-30 01:35:42 +01:00
Peter Steinberger
1ead1b2d18 refactor(channels): finish turn kernel migration 2026-04-30 01:31:00 +01:00
Peter Steinberger
442e14e359 docs(config): document queue backlog alias 2026-04-30 01:30:51 +01:00
Peter Steinberger
30a2b3049a feat: default active steering to batched delivery 2026-04-30 01:22:43 +01:00
Peter Steinberger
601596bfe2 docs: refresh plugin sdk api baseline 2026-04-30 01:04:51 +01:00
Vincent Koc
e5c608f804 docs: clarify i18n locale visibility 2026-04-29 17:00:48 -07:00
Peter Steinberger
b113d92c6f docs: clarify managed proxy routing hooks 2026-04-30 00:55:52 +01:00
Peter Steinberger
29de89a8d9 fix: align SDK wait and protocol contracts 2026-04-30 00:51:24 +01:00
Peter Steinberger
43f6c8b01a feat: add OpenClaw SDK package 2026-04-30 00:51:24 +01:00
Vincent Koc
845dd2a7d5 chore(ci): add provider runtime CodeQL quality shard 
Adds a focused non-security CodeQL quality shard for provider runtime and model catalog contracts.
 2026-04-29 16:15:38 -07:00
Shakker
5a606947b5 docs: document manifest auth evidence 2026-04-30 00:13:12 +01:00
Marcus Castro
4cba08df01 fix(whatsapp): remove exposeErrorText config (#74642) 
* fix(whatsapp): remove exposeErrorText config

* fix(whatsapp): mark internal system events trusted
 2026-04-29 20:03:58 -03:00
Vincent Koc
847d8fa0e1 chore(ci): add Plugin SDK reply CodeQL quality shard 
Adds a focused non-security CodeQL quality shard for Plugin SDK reply/session delivery runtime contracts.
 2026-04-29 15:56:41 -07:00
Vincent Koc
8f50920c45 chore(ci): add session diagnostics CodeQL quality shard 
Adds a focused non-security CodeQL quality shard for session diagnostics, delivery queues, and related diagnostic contracts.
 2026-04-29 15:29:03 -07:00
Peter Steinberger
4c712d3372 fix: add bundled plugin deps repair command 2026-04-29 23:23:14 +01:00
Peter Steinberger
9a9cd0c0ab refactor(channels): add shared turn kernel 2026-04-29 23:16:16 +01:00
Vincent Koc
6717f8b334 chore(ci): add plugin trust CodeQL shard 
Adds the plugin trust-boundary CodeQL security shard on Blacksmith and documents the rollout scope.
 2026-04-29 15:02:06 -07:00
Peter Steinberger
a31b55a8d8 fix(config): document queue help options 2026-04-29 23:01:39 +01:00
Peter Steinberger
4a6e10ece8 feat: default queueing to steer 2026-04-29 22:48:10 +01:00
Michael Marr
aaf4cc6862 docs(slack): warn that groupPolicy allowlist requires channel IDs not names (#53112) 2026-04-29 14:36:38 -07:00
Gabriel A. Mays
f0f1635f9f Docs: add VPS admin hardening note (#54685) 2026-04-29 14:36:33 -07:00
Vincent Koc
71ab341f46 chore(ci): rename CodeQL auth security shard 
Renames the default auth/secrets CodeQL security category from the generic javascript-typescript label to core-auth-secrets.

Proof:
- Branch CodeQL security run https://github.com/openclaw/openclaw/actions/runs/25134871512 passed on 1d9f727bfd.
- Core auth/secrets analysis 1200412263 returned 0 results.
- Branch open CodeQL alerts: none.
- Workflow Sanity, Blacksmith Testbox, Blacksmith Build Artifacts Testbox, and OpenGrep PR Diff passed.

Scope is label/config only: same paths, query pack, filters, timeout, and runner.
 2026-04-29 14:32:34 -07:00
Vignesh Natarajan
d51af16fab Docs: document inferred commitments 2026-04-29 14:28:22 -07:00
Peter Steinberger
21e2168b8f ci: shard install smoke release checks 2026-04-29 22:25:55 +01:00
Vignesh Natarajan
aecde2b3ac Agents: simplify inferred commitment config (#74189) 2026-04-29 14:14:53 -07:00
Vignesh Natarajan
8e4035d09a Agents: add inferred commitments 2026-04-29 14:14:53 -07:00
Peter Steinberger
8b8bba9621 fix(config): tighten patch command semantics 2026-04-29 22:02:02 +01:00
Peter Steinberger
48a01798b0 feat: add config apply patch command 2026-04-29 22:02:02 +01:00
pash-openai
3b5dab372a Keep Codex Computer Use hook relays live across turns (#74107) 
* Fix Codex native hook relay across processes

* fix: harden native hook relay bridge

* test: stabilize pairing store cache assertion

---------

Co-authored-by: pashpashpash <nik@vault77.ai>
 2026-04-30 05:57:12 +09:00
Vincent Koc
cd6efd1a42 chore(ci): add MCP process CodeQL shard 
Adds the focused MCP/process/tool-execution CodeQL security shard and documents it in CI docs.

Proof:
- Branch CodeQL security run https://github.com/openclaw/openclaw/actions/runs/25132942030 passed on 9d8ca2bae7.
- New mcp-process-tool-boundary analysis 1200250367 returned 0 results.
- Branch open CodeQL alerts: none.
- Workflow Sanity, Blacksmith Testbox, Blacksmith Build Artifacts Testbox, and OpenGrep PR Diff passed.
 2026-04-29 13:48:53 -07:00
Vincent Koc
2fa5590a93 docs: list all control ui locales 2026-04-29 13:42:07 -07:00
Vincent Koc
c9156cd9a8 chore(ci): add network SSRF CodeQL shard 
Adds a narrow critical-security CodeQL shard for the network/SSRF boundary and documents the new category.
 2026-04-29 13:08:46 -07:00
Jeff
9b6670d5c9 fix(ssrf): allow IPv6 fake-ip SSRF opt-in 
Allow trusted fake-IP proxy stacks to opt into IPv6 unique-local SSRF resolution without opening broader private-network access.
 2026-04-29 20:31:17 +01:00
Peter Steinberger
3059702687 feat(memory-wiki): add agent-facing people wiki metadata 2026-04-29 20:17:37 +01:00
Peter Steinberger
b0ae867034 refactor(migration): share cached config runtime helper 2026-04-29 20:05:23 +01:00
Vyctor Huggo Przozwski da Silva
97e2f5b332 fix(auto-reply): honor direct silent empty replies 
* fix(auto-reply): allow direct silent empty replies

* fix(auto-reply): guard direct silent empty replies
 2026-04-29 20:02:38 +01:00
Shakker
e69da9d578 fix: honor config timeline diagnostics 2026-04-29 19:53:55 +01:00