LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-03-08 06:54:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,608 Commits 634 Branches 72 Tags
f4e6f873033db95bed92555920734107d54c6ee6
Commit Graph

1538 Commits

Author SHA1 Message Date
Nimrod Gutman
d58f71571a feat(talk): add provider-agnostic config with legacy compatibility 2026-02-24 15:02:52 +00:00
Peter Steinberger
7c99a733a9 fix: harden macOS usage cost submenu recursion guard (#25341) (thanks @yingchunbai) 2026-02-24 13:48:59 +00:00
yingchunbai
96b21f4823 fix(macos): remove self-delegate on cost usage submenu to prevent recursive dropdown 
The cost usage submenu set `menu.delegate = self` (the MenuSessionsInjector),
which caused `menuWillOpen(_:)` to call `inject(into:)` on the submenu when
it opened. This re-inserted the "Usage cost (30 days)" item into the submenu,
creating an infinite recursive dropdown.

Fix: remove the delegate assignment from the submenu — it does not need
the injector's delegate behavior since it only contains a static chart view.

Closes #25167

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 13:48:59 +00:00
Peter Steinberger
2bad30b4d3 chore(release): bump version to 2026.2.24 2026-02-24 13:42:43 +00:00
Peter Steinberger
19d0ddc679 fix: regenerate protocol swift models for nodeId (#24991) (thanks @stakeswky) 2026-02-24 04:34:49 +00:00
Ayaan Zaidi
61db3d4a16 fix(protocol): regenerate swift gateway models 2026-02-23 11:52:42 +05:30
Tak Hoffman
9e1a13bf4c Gateway/UI: data-driven agents tools catalog with provenance (openclaw#24199) thanks @Takhoffman 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- gh pr checks 24199 --watch --fail-fast

Co-authored-by: Takhoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-22 23:55:59 -06:00
Peter Steinberger
558a0137bb chore(release): bump versions to 2026.2.23 2026-02-23 05:13:46 +01:00
Tak Hoffman
f8171ffcdc Config UI: tag filters and complete schema help/labels coverage (#23796) 
* Config UI: add tag filters and complete schema help/labels

* Config UI: finalize tags/help polish and unblock test suite

* Protocol: regenerate Swift gateway models
 2026-02-22 15:17:07 -06:00
Peter Steinberger
e80c803fa8 fix(security): block shell env allowlist bypass in system.run 2026-02-22 12:47:05 +01:00
Yuzuru Suzuki
6f7e5f92c3 fix: add operator.read and operator.write to default CLI scopes (#22582) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 8569fc88c9
Co-authored-by: YuzuruS <1485195+YuzuruS@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-22 16:36:18 +05:30
Peter Steinberger
a96d89f343 refactor: unify exec wrapper resolution and parity fixtures 2026-02-22 10:26:44 +01:00
Peter Steinberger
2b63592be5 fix: harden exec allowlist wrapper resolution 2026-02-22 09:52:02 +01:00
Peter Steinberger
c2c7114ed3 fix(security): block HOME and ZDOTDIR env override injection 2026-02-22 09:42:55 +01:00
Peter Steinberger
8887f41d7d refactor(gateway)!: remove legacy v1 device-auth handshake 2026-02-22 09:27:03 +01:00
Peter Steinberger
bfe016fa29 fix: clear stale remote discovery endpoints (#21618) (thanks @bmendonca3) 2026-02-22 00:04:36 +01:00
Brian Mendonca
617e38cec0 Security/macos: enforce wss for non-loopback direct gateway 2026-02-21 23:57:34 +01:00
Brian Mendonca
8942ac04a8 fix(security): fail closed on unauthenticated discovery routing 2026-02-21 23:57:34 +01:00
Peter Steinberger
1bc5c2a7e9 refactor: unify exec shell parser parity and gateway websocket test helpers 2026-02-21 23:17:12 +01:00
Peter Steinberger
2028ca4428 fix(macos): unify exec allowlist validation pipeline 2026-02-21 23:09:07 +01:00
Peter Steinberger
dd41fadcaf fix(macos): enforce path-only exec allowlist patterns 2026-02-21 22:58:40 +01:00
Peter Steinberger
90a378ca3a fix(macos): block quoted shell substitution in allowlist checks 2026-02-21 22:57:53 +01:00
Peter Steinberger
25e89cc863 fix(security): harden shell env fallback 2026-02-21 20:01:08 +01:00
Peter Steinberger
e371da38aa fix(macos): consolidate exec approval evaluation 2026-02-21 19:30:35 +01:00
Peter Steinberger
fa89ae8e9e fix: stabilize swift protocol generation and flaky tests 2026-02-21 16:53:46 +01:00
Peter Steinberger
5da03e6221 fix(macos): harden exec allowlist shell-chain checks 2026-02-21 16:27:18 +01:00
Onur
8178ea472d feat: thread-bound subagents on Discord (#21805) 
* docs: thread-bound subagents plan

* docs: add exact thread-bound subagent implementation touchpoints

* Docs: prioritize auto thread-bound subagent flow

* Docs: add ACP harness thread-binding extensions

* Discord: add thread-bound session routing and auto-bind spawn flow

* Subagents: add focus commands and ACP/session binding lifecycle hooks

* Tests: cover thread bindings, focus commands, and ACP unbind hooks

* Docs: add plugin-hook appendix for thread-bound subagents

* Plugins: add subagent lifecycle hook events

* Core: emit subagent lifecycle hooks and decouple Discord bindings

* Discord: handle subagent bind lifecycle via plugin hooks

* Subagents: unify completion finalizer and split registry modules

* Add subagent lifecycle events module

* Hooks: fix subagent ended context key

* Discord: share thread bindings across ESM and Jiti

* Subagents: add persistent sessions_spawn mode for thread-bound sessions

* Subagents: clarify thread intro and persistent completion copy

* test(subagents): stabilize sessions_spawn lifecycle cleanup assertions

* Discord: add thread-bound session TTL with auto-unfocus

* Subagents: fail session spawns when thread bind fails

* Subagents: cover thread session failure cleanup paths

* Session: add thread binding TTL config and /session ttl controls

* Tests: align discord reaction expectations

* Agent: persist sessionFile for keyed subagent sessions

* Discord: normalize imports after conflict resolution

* Sessions: centralize sessionFile resolve/persist helper

* Discord: harden thread-bound subagent session routing

* Rebase: resolve upstream/main conflicts

* Subagents: move thread binding into hooks and split bindings modules

* Docs: add channel-agnostic subagent routing hook plan

* Agents: decouple subagent routing from Discord

* Discord: refactor thread-bound subagent flows

* Subagents: prevent duplicate end hooks and orphaned failed sessions

* Refactor: split subagent command and provider phases

* Subagents: honor hook delivery target overrides

* Discord: add thread binding kill switches and refresh plan doc

* Discord: fix thread bind channel resolution

* Routing: centralize account id normalization

* Discord: clean up thread bindings on startup failures

* Discord: add startup cleanup regression tests

* Docs: add long-term thread-bound subagent architecture

* Docs: split session binding plan and dedupe thread-bound doc

* Subagents: add channel-agnostic session binding routing

* Subagents: stabilize announce completion routing tests

* Subagents: cover multi-bound completion routing

* Subagents: suppress lifecycle hooks on failed thread bind

* tests: fix discord provider mock typing regressions

* docs/protocol: sync slash command aliases and delete param models

* fix: add changelog entry for Discord thread-bound subagents (#21805) (thanks @onutc)

---------

Co-authored-by: Shadow <hi@shadowing.dev>
 2026-02-21 16:14:55 +01:00
Peter Steinberger
f202e73077 refactor(security): centralize host env policy and harden env ingestion 2026-02-21 13:04:39 +01:00
Peter Steinberger
2cdbadee1f fix(security): block startup-file env injection across host execution paths 2026-02-21 11:44:20 +01:00
Peter Steinberger
9231d7d30f chore: bump version to 2026.2.21 2026-02-21 11:02:30 +01:00
Harold Hunt
844d84a7f5 Issue 17774 - Usage - Local - Show data from midnight to midnight of selected dates for browser time zone (AI assisted) (openclaw#19357) thanks @huntharo 
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini (override approved by Tak for this run; local baseline failures outside PR scope)

Co-authored-by: huntharo <5617868+huntharo@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-20 20:09:03 -06:00
Mariano
774d73b458 fix(macos): reject insecure non-loopback ws remote gateway urls (#21971) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9e8cdbf095
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-20 16:34:00 +00:00
Peter Steinberger
f66b23de75 chore(release): bump versions to 2026.2.20 2026-02-20 00:02:53 +01:00
Peter Steinberger
b0e55283d5 chore: bump release metadata to 2026.2.19 2026-02-19 16:17:34 +01:00
Peter Steinberger
4344699574 build: regenerate swift protocol models for updateAvailable 2026-02-19 08:54:30 +00:00
Mariano
750276fa36 fix(protocol): regenerate Swift models for push.test (#20325) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 9281e7ad03
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
 2026-02-18 20:04:03 +00:00
Peter Steinberger
168d24526e chore(protocol): regenerate Swift models for device pair remove params 2026-02-18 14:01:34 +00:00
the sun gif man
114736ed1a Doctor/Security: fix telegram numeric ID + symlink config permission warnings (#19844) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: e42bf1e48d
Co-authored-by: joshp123 <1497361+joshp123@users.noreply.github.com>
Co-authored-by: joshp123 <1497361+joshp123@users.noreply.github.com>
Reviewed-by: @joshp123
 2026-02-18 00:09:51 -08:00
Peter Steinberger
8278903f0a fix: update deep links handling 2026-02-18 04:40:42 +01:00
Peter Steinberger
4bf3338834 chore: bump version to 2026.2.18 unreleased 2026-02-18 04:40:06 +01:00
Peter Steinberger
5bd95bef5a fix(protocol): regenerate swift gateway models 2026-02-18 01:37:34 +00:00
Peter Steinberger
9a2c39419e chore(release): bump version to 2026.2.17 2026-02-17 23:08:55 +01:00
Vignesh Natarajan
a7c25f203a Protocol: regenerate cron Swift models 2026-02-17 01:54:59 +01:00
Peter Steinberger
8c241449f5 fix(protocol): sync generated gateway swift models 2026-02-16 23:33:05 +00:00
Advait Paliwal
bc67af6ad8 cron: separate webhook POST delivery from announce (#17901) 
* cron: split webhook delivery from announce mode

* cron: validate webhook delivery target

* cron: remove legacy webhook fallback config

* fix: finalize cron webhook delivery prep (#17901) (thanks @advaitpaliwal)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-02-16 02:36:00 -08:00
Peter Steinberger
39fa81dc96 chore: bump version to 2026.2.16 2026-02-16 06:08:47 +01:00
Advait Paliwal
115cfb4430 gateway: add cron finished-run webhook (#14535) 
* gateway: add cron finished webhook delivery

* config: allow cron webhook in runtime schema

* cron: require notify flag for webhook posts

* ui/docs: add cron notify toggle and webhook docs

* fix: harden cron webhook auth and fill notify coverage (#14535) (thanks @advaitpaliwal)

---------

Co-authored-by: Tyler Yust <TYTYYUST@YAHOO.COM>
 2026-02-15 16:14:17 -08:00
Peter Steinberger
3cd786cc2d refactor(swift): share discovery status text 2026-02-15 20:40:47 +00:00
Peter Steinberger
ef2c66a16b refactor(camera): centralize JPEG transcode cap 2026-02-15 20:33:14 +00:00
Peter Steinberger
71009ab1b6 refactor(macos): share tailnet IPv4 detection 2026-02-15 20:22:40 +00:00