LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-03-08 06:54:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,132 Commits 634 Branches 72 Tags
b482da8c9abf6921184ff88be69da66aae163ab7
Commit Graph

8935 Commits

Author SHA1 Message Date
Peter Steinberger
80f430c2be fix(daemon): extend restart health timeout and improve restart errors 2026-02-23 01:50:02 +01:00
Peter Steinberger
278331c49c fix(exec): restore sandbox as implicit host default 2026-02-23 01:48:24 +01:00
Tak Hoffman
211ab9e4f6 Cron: persist manual run marker before unlock (#23993) 
* Cron: persist manual run marker before unlock

* Cron tests: relax wakeMode now microtask wait after run lock persist
 2026-02-22 18:39:37 -06:00
SleuthCo.AI
9c87b53c8e security(cli): redact sensitive values in config get output (#23654) 
* security(cli): redact sensitive values in config get output

`runConfigGet()` reads raw config values but never applies redaction
before printing. When a user runs `openclaw config get gateway.token`
the real credential is printed to the terminal, leaking it into shell
history, scrollback buffers, and screenshots.

Use the existing `redactConfigObject()` (from redact-snapshot.ts,
already used by the Web UI path) to scrub sensitive fields before
`getAtPath()` resolves the requested key.

Fixes #13683

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* CLI/Config: add redaction regression test and changelog

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 19:37:33 -05:00
Vignesh Natarajan
f0542df9f0 Docker: precreate identity dir in docker setup 2026-02-22 16:33:53 -08:00
Peter Steinberger
60c494c024 test: tighten mistral media and onboarding coverage 2026-02-23 00:19:05 +00:00
Phineas1500
8a8faf066e doctor: clean up legacy Linux gateway services (#21188) 
* Doctor: clean up legacy Linux gateway services

* doctor: refactor legacy service cleanup flow

* doctor: fix legacy systemd cleanup map key typing

* doctor: add changelog entry for legacy Linux service cleanup

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 19:18:59 -05:00
Phineas1500
320b62265d fix(models): synthesize antigravity Gemini 3.1 pro high/low models (#22899) 
* Models: add antigravity Gemini 3.1 forward-compat

* models: propagate availability to Gemini 3.1 dot IDs

* test(models): format Gemini 3.1 forward-compat test

* test(models): type Gemini 3.1 forward-compat fixtures

* models: add changelog note for antigravity gemini 3.1 forward-compat

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 19:11:39 -05:00
Vignesh Natarajan
5c7c37a02a Agents: infer auth-profile unavailable failover reason 2026-02-22 16:10:32 -08:00
Phineas1500
331b728b8d fix(tui): add OSC 8 hyperlinks for wrapped URLs (#17814) 
* feat(tui): add OSC 8 hyperlinks to make wrapped URLs clickable

Long URLs that exceed terminal width get broken across lines by pi-tui's
word wrapping, making them unclickable. Post-process rendered markdown
output to add OSC 8 terminal hyperlink sequences around URL fragments,
so each line fragment links to the full URL. Gracefully degrades on
terminals without OSC 8 support.

* tui: harden OSC8 URL extraction and prefix resolution

* tui: add changelog entry for OSC 8 markdown hyperlinks

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 19:09:07 -05:00
Vincent Koc
d92ba4f8aa feat: Provider/Mistral full support for Mistral on OpenClaw 🇫🇷 (#23845) 
* Onboard: add Mistral auth choice and CLI flags

* Onboard/Auth: add Mistral provider config defaults

* Auth choice: wire Mistral API-key flow

* Onboard non-interactive: support --mistral-api-key

* Media understanding: add Mistral Voxtral audio provider

* Changelog: note Mistral onboarding and media support

* Docs: add Mistral provider and onboarding/media references

* Tests: cover Mistral media registry/defaults and auth mapping

* Memory: add Mistral embeddings provider support

* Onboarding: refresh Mistral model metadata

* Docs: document Mistral embeddings and endpoints

* Memory: persist Mistral embedding client state in managers

* Memory: add regressions for mistral provider wiring

* Gateway: add live tool probe retry helper

* Gateway: cover live tool probe retry helper

* Gateway: retry malformed live tool-read probe responses

* Memory: support plain-text batch error bodies

* Tests: add Mistral Voxtral live transcription smoke

* Docs: add Mistral live audio test command

* Revert: remove Mistral live voice test and docs entry

* Onboard: re-export Mistral default model ref from models

* Changelog: credit joeVenner for Mistral work

* fix: include Mistral in auto audio key fallback

* Update CHANGELOG.md

* Update CHANGELOG.md

---------

Co-authored-by: Shakker <shakkerdroid@gmail.com>
 2026-02-23 00:03:56 +00:00
yinghaosang
a66b98a9da fix(plugins): hook systemPrompt gets collected then thrown away (#14583) (#14602) 
* fix(plugins): apply before_agent_start hook systemPrompt to session (#14583)

* fix(plugins): apply legacy systemPrompt override and add changelog credit

---------

Co-authored-by: yinghaosang <yinghaosang@users.noreply.github.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 18:58:21 -05:00
Peter Steinberger
14c54e6501 fix(reasoning): persist off override for discord directives 2026-02-23 00:50:13 +01:00
Peter Steinberger
f79e3d5f03 fix(agents): remove synthetic done fallback reply 2026-02-23 00:50:00 +01:00
Vignesh Natarajan
1000ff04ea fix(memory): hard-cap embedding inputs before batch 2026-02-22 15:40:18 -08:00
Aether AI
d306fc8ef1 fix(security): OC-07 redact session history credentials and enforce webhook secret (#16928) 
* Security: refresh sessions history redaction patch

* tests: align sessions_history redaction-only truncation expectation

* Changelog: credit sessions history security hardening

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 18:29:40 -05:00
Tak Hoffman
3efe63d1ad Cron: respect aborts in main wake-now retries (#23967) 
* Cron: respect aborts in main wake-now retries

* Changelog: add main-session cron abort retry fix note

* Cron tests: format post-rebase conflict resolution
 2026-02-22 17:19:27 -06:00
Tak Hoffman
9bc265f379 Cron: clean run-log write queue entries (#23968) 
* Cron: clean run-log write queue entries

* Changelog: add cron run-log write-queue cleanup note
 2026-02-22 17:16:42 -06:00
Johann Zahlmann
22c9018303 WhatsApp: enforce allowFrom for explicit outbound sends (#20921) 
* whatsapp: enforce allowFrom in explicit outbound mode

* Update CHANGELOG.md

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 18:13:23 -05:00
Vignesh Natarajan
d7747148d0 fix(memory): reindex when sources change 2026-02-22 15:12:07 -08:00
Robin Waslander
44727dc3a1 security(web_fetch): strip hidden content to prevent indirect prompt injection (#21074) 
* security(web_fetch): strip hidden content to prevent indirect prompt injection

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* security(web_fetch): address review feedback and credit author

* chore(changelog): credit reporter for web_fetch security fix

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
 2026-02-22 18:10:26 -05:00
Tak Hoffman
73e5bb7635 Cron: apply timeout to startup catch-up runs (#23966) 
* Cron: apply timeout to startup catch-up runs

* Changelog: add cron startup timeout catch-up note
 2026-02-22 17:04:30 -06:00
Vignesh Natarajan
a58b40e153 chore(test): stabilize mcporter assertions on Windows 2026-02-22 14:47:50 -08:00
Vignesh Natarajan
82d34b4b06 fix(memory): harden qmd collection recovery 2026-02-22 14:40:04 -08:00
Peter Steinberger
84e5ab598a fix: make windows CI path handling deterministic 2026-02-22 22:34:49 +00:00
Peter Steinberger
3b0e62d5bf fix(doctor): warn that approvals.exec.enabled only disables forwarding 
Co-authored-by: nomadonwheels196 <nomadonwheels196@users.noreply.github.com>
 2026-02-22 23:33:15 +01:00
Peter Steinberger
a30f9c8673 fix(sandbox): fallback docker user to workspace owner uid/gid 
Co-authored-by: LucasAIBuilder <LucasAIBuilder@users.noreply.github.com>
 2026-02-22 23:33:15 +01:00
Peter Steinberger
394a1af70f fix(exec): apply per-agent exec defaults for opaque session keys 
Co-authored-by: brin-tapcart <brin-tapcart@users.noreply.github.com>
 2026-02-22 23:33:14 +01:00
Peter Steinberger
427b4360b9 build: update deps and stabilize tests 2026-02-22 23:32:38 +01:00
Peter Steinberger
a5917e4ad8 test(exec): resolve rebase artifact in bash-tools test 2026-02-22 22:25:47 +00:00
Vignesh Natarajan
1ad9f9af5a fix(memory): resolve qmd Windows shim commands 2026-02-22 14:24:49 -08:00
Peter Steinberger
cd919ebd2d refactor(exec): unify wrapper resolution and split approvals tests 2026-02-22 23:20:09 +01:00
mudrii
3645420a33 perf: skip cache-busting for bundled hooks, use mtime for workspace hooks (openclaw#16960) thanks @mudrii 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: mudrii <220262+mudrii@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 16:14:51 -06:00
Peter Steinberger
84303f6a78 test: make exec timeout coverage deterministic 2026-02-22 22:14:01 +00:00
Peter Steinberger
13db0b88f5 refactor(gateway): share safe avatar file open checks 2026-02-22 23:12:45 +01:00
Peter Steinberger
7b229decdd test(perf): dedupe fixtures and reduce flaky waits 2026-02-22 22:06:01 +00:00
Peter Steinberger
b534dfa3e0 fix(slack,web): harden thread hints and monitor tuning 2026-02-22 22:06:01 +00:00
Peter Steinberger
57b75678d4 test(security): consolidate runtime guardrail scans 2026-02-22 22:06:01 +00:00
Peter Steinberger
c677be9d5f fix(exec): skip default timeout for background sessions 2026-02-22 23:03:44 +01:00
Peter Steinberger
4b0fddc075 fix(test): prevent env leak causing models.json CI flake 2026-02-22 22:00:44 +00:00
Peter Steinberger
862975507a refactor(exec): split command resolution and trusted-dir normalization 2026-02-22 23:00:33 +01:00
Peter Steinberger
24c954d972 fix(security): harden allow-always wrapper persistence 2026-02-22 22:55:33 +01:00
Peter Steinberger
1e582dcc6f fix: harden windows path handling in CI tests 2026-02-22 21:52:10 +00:00
Tak Hoffman
556af3f08b fix(cron): cancel timed-out runs before side effects (openclaw#22411) thanks @Takhoffman 
Verified:
- pnpm check
- pnpm vitest run src/memory/qmd-manager.test.ts src/cron/service.issue-regressions.test.ts src/cron/isolated-agent.delivers-response-has-heartbeat-ok-but-includes.test.ts --maxWorkers=1

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 15:45:27 -06:00
Peter Steinberger
64b273a71c fix(exec): harden safe-bin trust and add explicit trusted dirs 2026-02-22 22:43:18 +01:00
Vignesh Natarajan
08fb38f729 Fix: resolve pnpm check type regressions 2026-02-22 13:40:51 -08:00
Peter Steinberger
6970c2c2db fix(gateway): harden control-ui avatar reads 2026-02-22 22:40:22 +01:00
Peter Steinberger
e16f93af0c fix: stabilize ci test typings and mocks 2026-02-22 21:38:47 +00:00
Peter Steinberger
3f0b9dbb36 fix(security): block shell-wrapper line-continuation allowlist bypass 2026-02-22 22:36:29 +01:00
Peter Steinberger
7c109f5737 fix: resolve ci type errors and reconnect test flake 2026-02-22 21:35:20 +00:00