LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-04-18 12:14:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,975 Commits 1,068 Branches 110 Tags
8cfcce0849c970ea755dde7dd42dfb3ed3e0b7cc
Commit Graph

276 Commits

Author SHA1 Message Date
Peter Steinberger
8cfcce0849 test: merge audit resolved inspection cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
fb4b6eef03 test: merge audit code safety failure cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
a24325f40c test: merge audit deny command cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
8ab2d886eb test: merge audit windows acl cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
2cfccf59c7 test: merge audit browser container cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
355051f401 test: merge audit gateway auth presence cases 2026-03-17 16:21:59 +00:00
Peter Steinberger
97c481120f test: merge audit extension allowlist severity cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
23d700b090 test: merge audit hooks ingress cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
17143ed878 test: merge audit exposure heuristic cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
588c8be6ff test: merge audit extension and workspace cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
7efa79121a test: merge install metadata audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
85c5ec8065 test: share audit exposure severity helper 2026-03-17 16:21:58 +00:00
Peter Steinberger
167a6ebed9 test: merge gateway http audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
4fd17021f2 test: merge hooks audit risk cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
3aa76a8ce7 test: merge feishu audit doc cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
7e1bc4677f test: merge control ui audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
5f0f69b2c7 test: merge browser control audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
2ef7b13962 test: merge channel command audit cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
03b405659b test: merge audit auth precedence cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
0c070ccd53 test: merge zalouser audit group cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
1038990bdd test: merge discord audit allowlist cases 2026-03-17 16:21:58 +00:00
Peter Steinberger
9648e7fecb refactor: consolidate lazy runtime surfaces 2026-03-17 00:59:20 -07:00
Peter Steinberger
5fb7a1363f fix: stabilize full gate 2026-03-17 07:06:25 +00:00
Peter Steinberger
9ebe38b6e3 refactor: untangle remaining plugin sdk boundaries 2026-03-16 21:16:32 -07:00
Peter Steinberger
7e74adef91 refactor: shrink public channel plugin sdk surfaces 2026-03-16 01:34:22 -07:00
Peter Steinberger
3a2c24e598 refactor: route shared channel sdk imports through plugin seams 2026-03-16 00:48:53 -07:00
Peter Steinberger
cec10703dc fix: unblock ci gates 2026-03-16 07:19:54 +00:00
Vincent Koc
c7137270d1 Security: split audit runtime surfaces 2026-03-15 23:30:34 -07:00
Vincent Koc
d5b12f505c Status: lazy-load security audit commands 2026-03-15 23:24:25 -07:00
Tak Hoffman
fa62231afc feishu: add structured card actions and interactive approval flows (#47873) 
* feishu: add structured card actions and interactive approval flows

* feishu: address review fixes and test-gate regressions

* feishu: hold inflight card dedup until completion

* feishu: restore fire-and-forget bot menu handling

* feishu: format card interaction helpers

* Feishu: add changelog entry for card interactions

* Feishu: add changelog entry for ACP session binding
 2026-03-16 01:07:09 -05:00
Vincent Koc
5f42389d8d Security: lazy-load audit config snapshot IO 2026-03-15 22:55:26 -07:00
Vincent Koc
a2119efe1c Security: lazy-load deep skill audit helpers 2026-03-15 22:55:26 -07:00
Vincent Koc
4cb46f223c Security: trim audit policy import surfaces 2026-03-15 22:55:26 -07:00
Peter Steinberger
5c120cb36c refactor: make setup the primary wizard surface 2026-03-15 22:01:04 -07:00
Vincent Koc
093e51f2b3 Security: lazy-load channel audit provider helpers 2026-03-15 21:09:41 -07:00
Vincent Koc
270ba54c47 Status: lazy-load channel security and summaries 2026-03-15 21:00:03 -07:00
Vincent Koc
f71f44576a Status: lazy-load read-only account inspectors 2026-03-15 20:10:43 -07:00
Josh Avant
a2cb81199e secrets: harden read-only SecretRef command paths and diagnostics (#47794) 
* secrets: harden read-only SecretRef resolution for status and audit

* CLI: add SecretRef degrade-safe regression coverage

* Docs: align SecretRef status and daemon probe semantics

* Security audit: close SecretRef review gaps

* Security audit: preserve source auth SecretRef configuredness

* changelog

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>

---------

Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
 2026-03-15 21:55:24 -05:00
Peter Steinberger
3f12e90f3e fix(ci): repair security and route test fixtures 2026-03-15 19:54:00 -07:00
Peter Steinberger
83ee5c0328 perf(status): defer heavy startup loading 2026-03-15 18:20:53 -07:00
Peter Steinberger
ff61343d76 fix: harden mention pattern regex compilation 2026-03-15 08:44:12 -07:00
Peter Steinberger
a472f988d8 fix: harden remote cdp probes 2026-03-15 08:23:01 -07:00
Vincent Koc
a97b9014a2 External content: sanitize wrapped metadata (#46816) 2026-03-14 23:06:30 -07:00
scoootscooob
439c21e078 refactor: remove channel shim directories, point all imports to extensions (#45967) 
* refactor: remove channel shim directories, point all imports to extensions

Delete the 6 backward-compat shim directories (src/telegram, src/discord,
src/slack, src/signal, src/imessage, src/web) that were re-exporting from
extensions. Update all 112+ source files to import directly from
extensions/{channel}/src/ instead of through the shims.

Also:
- Move src/channels/telegram/ (allow-from, api) to extensions/telegram/src/
- Fix outbound adapters to use resolveOutboundSendDep (fixes 5 pre-existing TS errors)
- Update cross-extension imports (src/web/media.js → extensions/whatsapp/src/media.js)
- Update vitest, tsdown, knip, labeler, and script configs for new paths
- Update guard test allowlists for extension paths

After this, src/ has zero channel-specific implementation code — only the
generic plugin framework remains.

* fix: update raw-fetch guard allowlist line numbers after shim removal

* refactor: document direct extension channel imports

* test: mock transcript module in delivery helpers
 2026-03-14 03:43:07 -07:00
Peter Steinberger
b7afc7bf40 fix: harden external content marker sanitization 2026-03-13 20:28:45 +00:00
Peter Steinberger
f36d8c09f1 feat(zalouser): audit mutable group allowlists 2026-03-13 01:44:42 +00:00
Peter Steinberger
eece586747 refactor(security): reuse hook agent routing normalization 2026-03-12 21:44:06 +00:00
Peter Steinberger
904db27019 fix(security): audit unrestricted hook agent routing 2026-03-12 21:36:19 +00:00
Urian Paul Danut
d1a59557b5 fix(security): harden replaceMarkers() to catch space/underscore boundary marker variants (#35983) 
Merged via squash.

Prepared head SHA: ff07dc45a9
Co-authored-by: urianpaul94 <33277984+urianpaul94@users.noreply.github.com>
Co-authored-by: frankekn <4488090+frankekn@users.noreply.github.com>
Reviewed-by: @frankekn
 2026-03-10 13:54:23 +08:00
Peter Steinberger
b6318d4df4 fix: narrow dm shared group policy typing 2026-03-08 00:05:24 +00:00