LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-03-08 06:54:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,753 Commits 634 Branches 72 Tags
9e4a366ee632b5009622a24a64ba5bb38ee52a64
Commit Graph

514 Commits

Author SHA1 Message Date
Peter Steinberger
6c5633598e fix(security): harden clawlog command execution 2026-03-01 23:33:13 +00:00
Vincent Koc
38da2d076c CLI: add root --help fast path and lazy channel option resolution (#30975) 
* CLI argv: add strict root help invocation guard

* Entry: add root help fast-path bootstrap bypass

* CLI context: lazily resolve channel options

* CLI context tests: cover lazy channel option resolution

* CLI argv tests: cover root help invocation detection

* Changelog: note additional startup path optimizations

* Changelog: split startup follow-up into #30975 entry

* CLI channel options: load precomputed startup metadata

* CLI channel options tests: cover precomputed metadata path

* Build: generate CLI startup metadata during build

* Build script: invoke CLI startup metadata generator

* CLI routes: preload plugins for routed health

* CLI routes tests: assert health plugin preload

* CLI: add experimental bundled entry and snapshot helper

* Tools: compare CLI startup entries in benchmark script

* Docs: add startup tuning notes for Pi and VM hosts

* CLI: drop bundled entry runtime toggle

* Build: remove bundled and snapshot scripts

* Tools: remove bundled-entry benchmark shortcut

* Docs: remove bundled startup bench examples

* Docs: remove Pi bundled entry mention

* Docs: remove VM bundled entry mention

* Changelog: remove bundled startup follow-up claims

* Build: remove snapshot helper script

* Build: remove CLI bundle tsdown config

* Doctor: add low-power startup optimization hints

* Doctor: run startup optimization hint checks

* Doctor tests: cover startup optimization host targeting

* Doctor tests: mock startup optimization note export

* CLI argv: require strict root-only help fast path

* CLI argv tests: cover mixed root-help invocations

* CLI channel options: merge metadata with runtime catalog

* CLI channel options tests: assert dynamic catalog merge

* Changelog: align #30975 startup follow-up scope

* Docs tests: remove secondary-entry startup bench note

* Docs Pi: add systemd recovery reference link

* Docs VPS: add systemd recovery reference link
 2026-03-01 14:23:46 -08:00
Vincent Koc
94a5d28d26 CI: remove Vitest JSON report artifacts (#30976) 
* CI: remove vitest JSON report upload steps

* Tests: stop injecting vitest JSON reporter

* Tests: remove vitest slowest report script
 2026-03-01 13:03:06 -08:00
Vincent Koc
bdd59e0149 Scripts: add CLI startup benchmark harness 2026-03-01 12:56:56 -08:00
Onur
79fcc8404e Scripts: add openclaw driver mode to discord ACP smoke 2026-03-01 20:39:24 +01:00
Charlie Niño
26db298d3e fix: sed escaping and UID mismatch in Podman Quadlet setup (#26414) 
* fix: sed escaping and UID mismatch in Podman Quadlet setup

Fix two bugs in the Podman/Quadlet installation path:

1. setup-podman.sh line 227: Remove `/` from sed escape character class.
   The sed substitution uses `|` as delimiter, so `/` doesn't need
   escaping. Including it causes paths like `/home/openclaw` to become
   `\/home\/openclaw`, which Podman rejects as invalid volume names.

2. openclaw.container.in: Add `User=%U:%G` after `UserNS=keep-id`.
   The Dockerfile sets `USER node` (UID 1000), but the `openclaw` system
   user created by setup-podman.sh may get a different UID (e.g., 1001).
   Without `User=%U:%G`, the container process runs as UID 1000 and
   cannot read config files owned by the openclaw user.

Closes #26400

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* scripts: extract quadlet sed replacement escaping helper

* podman: document quadlet user mapping rationale

* scripts: correct sed replacement escaping for pipe delimiter

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-28 09:20:18 -08:00
Ayaan Zaidi
f29c642c13 fix(release): enforce lane floor for calver appcast entries 2026-02-28 10:28:53 +05:30
Ayaan Zaidi
83698bf13e fix(macos): derive canonical APP_BUILD after deps install 2026-02-28 10:04:25 +05:30
Ayaan Zaidi
af9edc98e4 fix(release): unify sparkle build policy and defaults 2026-02-28 10:04:25 +05:30
Logan Pritchett
84adedd1cb macos: treat empty APP_BUILD as fallback 2026-02-28 10:04:25 +05:30
Logan Pritchett
0332dce203 macos: parse calver month/day as decimal for Sparkle build 2026-02-28 10:04:25 +05:30
Logan Pritchett
e4ee585b73 release-check: align appcast floor with Sparkle build lanes 2026-02-28 10:04:25 +05:30
Logan Pritchett
08fd579412 macos: make derived Sparkle build unique for same-day releases 2026-02-28 10:04:25 +05:30
Logan Pritchett
3be12b9fc4 release-check: validate appcast sparkle version floor 2026-02-28 10:04:25 +05:30
Logan Pritchett
7237b4666b macos: make default Sparkle build version monotonic 2026-02-28 10:04:25 +05:30
Sid
4221b5f809 fix: pass rootId to streaming card in Feishu topic groups (openclaw#28346) thanks @Sid-Qin 
Verified:
- pnpm check
- pnpm test extensions/feishu/src/reply-dispatcher.test.ts

Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-27 20:20:53 -06:00
Shakker
46d9605ef8 merge-pr: use short squash merge banner 2026-02-27 21:41:24 +00:00
Peter Steinberger
cb917b7f05 chore: silence onboard warning noise 2026-02-26 22:47:35 +01:00
Peter Steinberger
bce643a0bd refactor(security): enforce account-scoped pairing APIs 2026-02-26 21:57:52 +01:00
Peter Steinberger
10481097f8 refactor(security): enforce v1 node exec approval binding 2026-02-26 18:09:01 +01:00
Peter Steinberger
cd80c7e7ff refactor: unify dm policy store reads and reason codes 2026-02-26 17:47:57 +01:00
Peter Steinberger
273973d374 refactor: unify typing dispatch lifecycle and policy boundaries 2026-02-26 17:36:16 +01:00
Peter Steinberger
4894d907fa refactor(exec-approvals): unify system.run binding and generate host env policy 2026-02-26 16:58:01 +01:00
Peter Steinberger
57334cd7d8 refactor: unify channel/plugin ssrf fetch policy and auth fallback 2026-02-26 16:44:13 +01:00
Peter Steinberger
051fdcc428 fix(security): centralize dm/group allowlist auth composition 2026-02-26 16:35:33 +01:00
Peter Steinberger
ecb2053fdd chore(pr): guard against dropped changelog refs 2026-02-26 13:19:25 +01:00
Peter Steinberger
5df9aacf68 fix(podman): default run-openclaw-podman bind to loopback (land #27491, thanks @robbyczgw-cla) 
Co-authored-by: robbyczgw-cla <robbyczgw@gmail.com>
 2026-02-26 12:13:20 +00:00
Onur Solmaz
a7d56e3554 feat: ACP thread-bound agents (#23580) 
* docs: add ACP thread-bound agents plan doc

* docs: expand ACP implementation specification

* feat(acp): route ACP sessions through core dispatch and lifecycle cleanup

* feat(acp): add /acp commands and Discord spawn gate

* ACP: add acpx runtime plugin backend

* fix(subagents): defer transient lifecycle errors before announce

* Agents: harden ACP sessions_spawn and tighten spawn guidance

* Agents: require explicit ACP target for runtime spawns

* docs: expand ACP control-plane implementation plan

* ACP: harden metadata seeding and spawn guidance

* ACP: centralize runtime control-plane manager and fail-closed dispatch

* ACP: harden runtime manager and unify spawn helpers

* Commands: route ACP sessions through ACP runtime in agent command

* ACP: require persisted metadata for runtime spawns

* Sessions: preserve ACP metadata when updating entries

* Plugins: harden ACP backend registry across loaders

* ACPX: make availability probe compatible with adapters

* E2E: add manual Discord ACP plain-language smoke script

* ACPX: preserve streamed spacing across Discord delivery

* Docs: add ACP Discord streaming strategy

* ACP: harden Discord stream buffering for thread replies

* ACP: reuse shared block reply pipeline for projector

* ACP: unify streaming config and adopt coalesceIdleMs

* Docs: add temporary ACP production hardening plan

* Docs: trim temporary ACP hardening plan goals

* Docs: gate ACP thread controls by backend capabilities

* ACP: add capability-gated runtime controls and /acp operator commands

* Docs: remove temporary ACP hardening plan

* ACP: fix spawn target validation and close cache cleanup

* ACP: harden runtime dispatch and recovery paths

* ACP: split ACP command/runtime internals and centralize policy

* ACP: harden runtime lifecycle, validation, and observability

* ACP: surface runtime and backend session IDs in thread bindings

* docs: add temp plan for binding-service migration

* ACP: migrate thread binding flows to SessionBindingService

* ACP: address review feedback and preserve prompt wording

* ACPX plugin: pin runtime dependency and prefer bundled CLI

* Discord: complete binding-service migration cleanup and restore ACP plan

* Docs: add standalone ACP agents guide

* ACP: route harness intents to thread-bound ACP sessions

* ACP: fix spawn thread routing and queue-owner stall

* ACP: harden startup reconciliation and command bypass handling

* ACP: fix dispatch bypass type narrowing

* ACP: align runtime metadata to agentSessionId

* ACP: normalize session identifier handling and labels

* ACP: mark thread banner session ids provisional until first reply

* ACP: stabilize session identity mapping and startup reconciliation

* ACP: add resolved session-id notices and cwd in thread intros

* Discord: prefix thread meta notices consistently

* Discord: unify ACP/thread meta notices with gear prefix

* Discord: split thread persona naming from meta formatting

* Extensions: bump acpx plugin dependency to 0.1.9

* Agents: gate ACP prompt guidance behind acp.enabled

* Docs: remove temp experiment plan docs

* Docs: scope streaming plan to holy grail refactor

* Docs: refactor ACP agents guide for human-first flow

* Docs/Skill: add ACP feature-flag guidance and direct acpx telephone-game flow

* Docs/Skill: add OpenCode and Pi to ACP harness lists

* Docs/Skill: align ACP harness list with current acpx registry

* Dev/Test: move ACP plain-language smoke script and mark as keep

* Docs/Skill: reorder ACP harness lists with Pi first

* ACP: split control-plane manager into core/types/utils modules

* Docs: refresh ACP thread-bound agents plan

* ACP: extract dispatch lane and split manager domains

* ACP: centralize binding context and remove reverse deps

* Infra: unify system message formatting

* ACP: centralize error boundaries and session id rendering

* ACP: enforce init concurrency cap and strict meta clear

* Tests: fix ACP dispatch binding mock typing

* Tests: fix Discord thread-binding mock drift and ACP request id

* ACP: gate slash bypass and persist cleared overrides

* ACPX: await pre-abort cancel before runTurn return

* Extension: pin acpx runtime dependency to 0.1.11

* Docs: add pinned acpx install strategy for ACP extension

* Extensions/acpx: enforce strict local pinned startup

* Extensions/acpx: tighten acp-router install guidance

* ACPX: retry runtime test temp-dir cleanup

* Extensions/acpx: require proactive ACPX repair for thread spawns

* Extensions/acpx: require restart offer after acpx reinstall

* extensions/acpx: remove workspace protocol devDependency

* extensions/acpx: bump pinned acpx to 0.1.13

* extensions/acpx: sync lockfile after dependency bump

* ACPX: make runtime spawn Windows-safe

* fix: align doctor-config-flow repair tests with default-account migration (#23580) (thanks @osolmaz)
 2026-02-26 11:00:09 +01:00
Josh Avant
72adf2458b CI: shard Windows test lane for faster CI critical path (#27234) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: f7c41089e0
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Co-authored-by: joshavant <830519+joshavant@users.noreply.github.com>
Reviewed-by: @joshavant
 2026-02-26 00:33:36 -06:00
Peter Steinberger
e915b4c64a refactor: unify monitor abort lifecycle handling 2026-02-26 04:36:25 +01:00
Nimrod Gutman
b3f46f0e28 fix(test): stabilize low-mem parallel runner and cron session mock (#26324) 
* fix(test): stabilize low-mem parallel lane and cron session mock

* feat(android): make QR scanning first-class onboarding

* docs(android): update README for native Android workflow

* fix(android): stabilize chat composer ime and tab layout

* fix(android): stabilize chat ime insets and tab bar

* fix(android): remove tab bar gap above system nav

* fix(android): harden scanned setup code parsing

* test(android): cover non-string setupCode QR payload

* fix(test): add changelog note for low-mem test runner (#26324) (thanks @ngutman)

---------

Co-authored-by: Ayaan Zaidi <zaidi@uplause.io>
 2026-02-25 12:16:17 +02:00
Peter Steinberger
52d933b3a9 refactor: replace bot.molt identifiers with ai.openclaw 2026-02-25 05:03:24 +00:00
Peter Steinberger
146c92069b fix: stabilize live docker test handling 2026-02-25 04:35:05 +00:00
Peter Steinberger
7c59b78aee test: cap docker live model sweeps and harden timeouts 2026-02-25 02:48:34 +00:00
Peter Steinberger
def993dbd8 refactor(tmp): harden temp boundary guardrails 2026-02-24 23:51:10 +00:00
Peter Steinberger
d3da67c7a9 fix(security): lock sandbox tmp media paths to openclaw roots 2026-02-24 23:10:19 +00:00
Peter Steinberger
e806b34779 chore: remove changelog add helper script 2026-02-24 15:33:09 +00:00
Peter Steinberger
d18ae2256f refactor: unify channel plugin resolution, family ordering, and changelog entry tooling 2026-02-24 15:15:22 +00:00
Peter Steinberger
6c5ab543c0 refactor: tighten external-link policy and window.open guard 2026-02-24 15:05:31 +00:00
Peter Steinberger
069c56cd75 fix(ios): normalize team IDs before preferred match 
Co-authored-by: Brian Leach <bleach@gmail.com>
 2026-02-24 15:02:27 +00:00
Peter Steinberger
1ae8c0a589 fix(ios): make team-id python lookup cross-platform 
Co-authored-by: Brian Leach <bleach@gmail.com>
 2026-02-24 15:02:27 +00:00
Peter Steinberger
fd07861bc3 fix(ios): harden team-id profile fallback and tests 2026-02-24 15:02:27 +00:00
Brian Leach
73f526f025 fix(ios): support Xcode 16+ team detection and fix ntohl build error 
Xcode 16+/26 no longer writes IDEProvisioningTeams to the preferences
plist, breaking ios-team-id.sh for newly signed-in accounts. Add
provisioning profile fallback and actionable error when an account
exists but no team ID can be resolved. Also replace ntohl() with
UInt32(bigEndian:) for Swift 6 compatibility and gitignore Xcode
build output directories.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 15:02:27 +00:00
Shakker
e5836283ab ui: centralize safe external URL opening 2026-02-24 14:48:10 +00:00
Peter Steinberger
31f2bf9519 test: fix gate regressions 2026-02-24 04:39:53 +00:00
Shakker
ef1ffacfb2 scripts: exclude unresolved clawtributors from README 2026-02-24 02:55:02 +00:00
Peter Steinberger
6c441ea797 fix: support legacy and beta prerelease version formats 2026-02-24 02:05:37 +00:00
Nimrod Gutman
420c18364e fix(test): tier local vitest worker defaults by host memory 2026-02-23 21:19:21 +02:00
Peter Steinberger
89a4695020 test: consolidate shard tests for faster trigger/directive suites 2026-02-23 13:30:47 +00:00
Peter Steinberger
384a161bbc test: consolidate media auto-detect coverage 2026-02-23 04:25:00 +00:00