Commit graph

65423 commits

Author SHA1 Message Date
Peter Steinberger
41489d73ee
style(skills): satisfy probe delay lint 2026-07-09 04:15:57 -07:00
Peter Steinberger
bedd0bef42
test(skills): place remote skills under workspace root 2026-07-09 03:48:16 -07:00
Peter Steinberger
5f24cce3a3
test(skills): isolate remote bin signature configs 2026-07-09 03:42:23 -07:00
Peter Steinberger
ad845de7ed
fix(nodes): bind probes to live connections 2026-07-09 03:23:49 -07:00
Peter Steinberger
df42aea1e4
Merge remote-tracking branch 'origin/main' into codex/pr-79438-rewrite 2026-07-09 03:16:10 -07:00
Peter Steinberger
2cef2201d4
fix(nodes): retry probes after reconnect 2026-07-09 03:15:45 -07:00
Peter Steinberger
2f66c3c0c8 perf(test): skip gateway dispatch sleeps 2026-07-09 06:15:26 -04:00
Alix-007
c765b5de3b
fix(secrets): reject inherited exec response ids (#101739)
* fix(secrets): check own exec response ids

* test(secrets): cover inherited exec response errors

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:13:13 +01:00
NIO
32dee52329
fix(googlechat): cap approval binding registries (#101744)
Co-authored-by: NIO <nocodet@mail.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-07-09 11:12:32 +01:00
lsr911
6ad8a77b51
fix(telegram): use truncateUtf16Safe for raw update log truncation (#102567)
* fix(telegram): use truncateUtf16Safe for raw update log truncation

* refactor(telegram): own raw log bounds in formatter

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:11:35 +01:00
lsr911
e39e628a84
fix(active-memory): use truncateUtf16Safe for log value truncation (#102551)
* fix(active-memory): use truncateUtf16Safe for log value truncation

* fix(active-memory): use truncateUtf16Safe for log value truncation

* test(active-memory): cover UTF-16-safe log limits

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:10:42 +01:00
Peter Steinberger
4d6289fb7b
fix(nodes): probe the live post-pairing surface 2026-07-09 03:07:54 -07:00
Peter Steinberger
fc5a4defaf
feat(cohere): add current Command models (#102563)
* feat(cohere): add current Command models

* docs: keep release notes out of PR
2026-07-09 11:07:50 +01:00
Peter Steinberger
660b58ac40
chore: leave release changelog ownership centralized 2026-07-09 03:06:24 -07:00
Peter Steinberger
5cb5f38144
fix(ui): square chat rail toggles and center split-view opener in collapsed rail (#102639) 2026-07-09 11:06:24 +01:00
zw-xysk
9fa913740d
fix(tts-local-cli): handle stdout/stderr stream errors in speech provider (#102347)
* fix(tts-local-cli): handle stdout/stderr stream errors in speech provider

CLI TTS speech provider spawns a child process to generate audio and
registers stdout/stderr data listeners but omits stream error handlers.

stdout carries synthesized audio data. A pipe error mid-generation must
reject the promise so the caller does not silently receive truncated
audio when the child later exits zero. stderr carries diagnostic logs
only — errors there are benign and should not crash the provider.

Apply separate strategies matching vincentkoc's requirement:
- stdout (audio): error → reject(Promise) — surface the failure
- stderr (diagnostic): error → ignore — does not affect audio output

* fix lint: remove unused signal param from mock kill()

* fix(tts-local-cli): contain child stream failures

Co-authored-by: 赵旺0668001248 <zhao.wang1@xydigit.com>

* chore(tts-local-cli): keep release notes in PR body

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:06:10 +01:00
huangjianxiong
fae5421f81
fix(diagnostics-prometheus): use truncateUtf16Safe for error message truncation (#102591)
* fix(diagnostics-prometheus): use truncateUtf16Safe for error message truncation

The safeErrorMessage function uses naive .slice(0, 500) on error messages
which can split surrogate pairs. Replace with truncateUtf16Safe().

* test(diagnostics-prometheus): cover UTF-16-safe errors

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 11:04:47 +01:00
Peter Steinberger
578623955f
fix(nodes): defer and back off remote bin probes 2026-07-09 03:02:26 -07:00
huangjianxiong
4be6fa7413
fix(codex-supervisor): use truncateUtf16Safe for stderr tail truncation (#102590)
* fix(codex-supervisor): use truncateUtf16Safe for stderr tail truncation

StdioCodexJsonRpcConnection includes stderr output in the transport-closed
error message with a naive .slice(0, 1200) which can split surrogate pairs.
Replace with truncateUtf16Safe().

* test(codex-supervisor): cover UTF-16-safe stderr tails

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:59:17 +01:00
Peter Steinberger
d27d7ba6d3 perf(test): narrow gateway context reload coverage 2026-07-09 05:55:34 -04:00
lsr911
f650d641e4
fix(codex): use truncateUtf16Safe in trajectory and client parse log truncation (#102576)
* fix(codex): use truncateUtf16Safe in trajectory and client parse log truncation

Replace naive .slice(0, N) with truncateUtf16Safe() in:
- trajectory.ts: payload redaction display (20k char limit)
- client.ts: parse error log truncation

Co-Authored-By: Claude <noreply@anthropic.com>

* test(codex): cover UTF-16 truncation boundaries

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:53:25 +01:00
qingminlong
c86fe21cad
fix(browser): keep UTF-8 stderr tails valid (#102543) 2026-07-09 10:51:52 +01:00
lsr911
d0264de058
fix(gateway): use truncateUtf16Safe in WebSocket log formatting (#102561)
* fix(gateway): use truncateUtf16Safe in WebSocket log formatting

Replace naive .slice(0, N) with truncateUtf16Safe() at four sites:
- formatForLog() error chain display
- formatForLog() object message display
- formatForLog() string value display
- compactPreview() log compaction

Prevents surrogate pair splitting in gateway WS console logs.

Co-Authored-By: Claude <noreply@anthropic.com>

* test(gateway): cover UTF-16-safe WebSocket log bounds

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:47:01 +01:00
Peter Steinberger
60bef7bd41
fix(release): accept tool-only completion signal (#102600)
* test(release): accept tool-only completion signal

* test(release): retry transient tool-read failures
2026-07-09 10:46:33 +01:00
lsr911
b8cca6ac72
fix(logging): use truncateUtf16Safe in diagnostic stability and session context (#102570)
* fix(logging): use truncateUtf16Safe in diagnostic stability and session context

Replace naive .slice(0, N) with truncateUtf16Safe() in:
- diagnostic-stability-bundle.ts: error message sanitization
- diagnostic-session-context.ts: quoted field value truncation

Co-Authored-By: Claude <noreply@anthropic.com>

* test(logging): cover diagnostic UTF-16 bounds

* style(logging): normalize diagnostic imports

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:45:28 +01:00
lsr911
4792fa583f
fix(auto-reply): keep ACP steer output UTF-16 safe (#102583)
* fix(auto-reply): use truncateUtf16Safe in bash command and ACP steer output truncation

Replace naive .slice(0, N) with truncateUtf16Safe() in:
- bash-command.ts: shell command name preview
- lifecycle.ts: ACP steer output text

Co-Authored-By: Claude <noreply@anthropic.com>

* test(auto-reply): prove safe ACP steer output bounds

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:44:00 +01:00
maweibin
9bf212765f
fix(ui): keep workboard capture text truncation UTF-16 safe (#102544)
* fix(ui): keep workboard capture text truncation UTF-16 safe

Replace raw .slice(0, N - 3) with truncateUtf16Safe in
clampSessionCaptureText and clampSessionCaptureTitle to prevent
lone surrogates when emoji cross the truncation boundary.

Completes the UTF-16 hardening started in #101685, which added the
import but only covered buildCardSessionLabel.

* test(ui): cover workboard UTF-16 boundaries

* docs(changelog): note Workboard UTF-16 fix

* docs(changelog): leave release notes to release flow

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:42:34 +01:00
lsr911
bb1fa4012e
fix(memory-host): use truncateUtf16Safe for QMD stderr context truncation (#102547)
* fix(memory-host): use truncateUtf16Safe for QMD stderr context truncation

* test(memory): cover UTF-16-safe qmd stderr summary

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:38:43 +01:00
Peter Steinberger
4cc92009ed
feat(mac): unified Liquid Glass pairing approval panel (#102601)
* feat(mac): unified Liquid Glass pairing approval panel

Replace the serial node/device pairing NSAlerts with one floating
approval panel. Both prompters feed request cards into a shared
PairingApprovalCenter; each card shows a hardware icon, platform and
model, app/core version, source IP, a copyable short id, request age,
a trust line (first connection / already-paired-id caution / repair
token rotation), and a friendly access summary with an elevated
warning for system.run-class commands. Requests resolved elsewhere
disappear live; Not Now snoozes without resolving (gateway TTL
applies) and the menu-bar pending line reopens the panel. Liquid
Glass surface on macOS 26+, material fallback on macOS 15. Deletes
the NSAlert + invisible-host-window machinery, dead node isRepair
handling, and text-only describe() body.

Closes #102535

* fix(mac): satisfy swiftformat conditionalAssignment and resync native i18n inventory
2026-07-09 10:31:42 +01:00
wangmiao0668000666
6433b82723
fix(qa-lab): surface gateway child stream failures (#102104)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:28:32 +01:00
Peter Steinberger
fd34019b4d
fix(agents): keep prompt history append-only mid-session (#99495) (#102610)
Session-scoped tool-result projection freeze (shrink-only, stable
fallback identities for ambiguous tool ids) and a sent-watermark so
late-resolving inbound media appends a new user turn instead of
rewriting an already-sent slot. Stops Anthropic prompt-cache tail
invalidation on busy/media-heavy embedded sessions.
2026-07-09 10:28:10 +01:00
xingzhou
4ad94febcb
fix(agents): keep cleanup timeout details UTF-16 safe (#102565) 2026-07-09 10:17:59 +01:00
Samuel Alake
3f2466c4c3
fix(swift): keep device auth compatible with v2 gateways (#80656)
* fix(swift): keep device auth compatible with v2 gateways

* refactor(swift): contain v2 auth compatibility

* docs(changelog): note Swift v2 auth compatibility

* chore(apple): sync native string inventory

* chore: keep release changelog owned

---------

Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:15:47 +01:00
Peter Steinberger
e500a4f017
feat: session context menu (kebab + right-click) on the Sessions page (#102564)
* feat(ui): add session context menu to sessions page rows

Extract the sidebar session menu into a shared <openclaw-session-menu>
component and open it from a kebab button or row right-click on the
Sessions page, replacing the per-row unread/fork/pin/archive/workboard
icon buttons. Adds Open chat, Rename, Move to group, and per-row Delete
to the page; guards (main/global/active-run) now flow through
canArchiveSessionRow on both surfaces.

* fix(ui): retarget gateway session after deleting the current session from the sessions page

Deleting the currently selected session via the new row menu (or the
bulk bar) left gateway.snapshot.sessionKey pointing at the deleted key;
fall back to the agent main session, mirroring the archive path and the
sidebar delete path.
2026-07-09 10:15:08 +01:00
lsr911
0de5d37f92
fix(logging): keep bounded log text UTF-16 safe (#102560)
* fix(logging): use truncateUtf16Safe in diagnostic log text clamp

Replace naive .slice(0, maxChars) with truncateUtf16Safe() in
clampDiagnosticLogText() — the core helper used by all diagnostic
log output (sanitizeDiagnosticLogText, formatDiagnosticAttributes,
etc.). This prevents surrogate pair splitting across the entire
diagnostic logging subsystem.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(logging): preserve UTF-16 in bounded log text

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:11:27 +01:00
wings1029
f7cc6ebe1e
fix(agent-core,memory-core): keep compaction summary and memory snippet truncation UTF-16 safe (#102542)
* fix(agent-core,memory-core): keep compaction summary and memory snippet truncation UTF-16 safe

* fix: make compaction and memory truncation UTF-16 safe

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:08:11 +01:00
Josh
b8a801930a
chore: align iOS icons with favicon mark (#101411)
* chore: align iOS icons with favicon mark

* fix(ios): restore distinct debug app icons

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:07:58 +01:00
Peter Steinberger
f141af7fd7
fix(ui): keep streamed talk voice-turn transcripts readable (#102573)
* fix(ui): keep streamed talk voice-turn transcripts readable

Talk voice turns collapsed to one character per line in the macOS app
(WKWebView) while streaming: WebKit never re-runs shrink-to-fit intrinsic
sizing for a grid flex-item as its content grows, so the turn froze at
first-delta width. Convert the turn to a flex row (same visual layout).

Assistant transcript deltas also merged through the user-ASR word-boundary
spacing heuristic, mangling verbatim fragments ("Chat G PT"). Assistant
entries now concatenate fragments verbatim, space only sentence-punctuation
joins, and accept both full-transcript and tail-fragment finals.

Fixes #102556

* fix(ui): keep assistant talk fragments strictly verbatim

Drop the sentence-punctuation separator: it invented characters in real
content (Version 1. 2, docs.openclaw. ai) and Google Live tail-finals
could never heal it. The punctuation-spacing heuristic remains user-only.
2026-07-09 10:07:14 +01:00
lsr911
3ac7729f4c
fix(mistral): use truncateUtf16Safe for error text truncation (#102539)
* fix(mistral): use truncateUtf16Safe for error text truncation

Replace naive .slice(0, maxChars) with truncateUtf16Safe() in
truncateErrorText() to prevent surrogate pair splitting in
Mistral provider error messages shown to users.

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(ai): keep Mistral errors UTF-16 safe

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:03:51 +01:00
mahmoud
32510a3225
improve(ios): show connection progress and errors prominently in onboarding gateway step (#101921)
* fix(ios): surface connection progress and errors prominently in onboarding gateway step

* fix(ios): surface onboarding validation failures

* chore(ios): sync native string inventory

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 10:03:26 +01:00
Ayaan Zaidi
e975d49238 fix(agents): skip wham probe when oauth access token is locally expired 2026-07-09 14:29:38 +05:30
Ayaan Zaidi
1ad346e465 test(codex): align shared-client version fixtures with the 0.143.0 floor 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
8589759818 fix(codex): keep terminal idle backstop gated during in-flight app-server requests 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
4af2ca0a4d fix(agents): extend live CLI no-output watchdog to the blocked-tool floor 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
bb1da73b14 fix(codex): fail detached-but-leased clients on suspect retirement 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
80b2b709ca fix(codex): scope client fan-out to terminal liveness kills 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
ca3f247eb2 fix(codex): fan out app-server liveness retirement 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
e4949996d1 fix(agents): apply provider-class idle ceilings to explicit run budgets 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
048f2096d2 fix(agents): keep provider-class idle tiers under agent budgets and cron 2026-07-09 14:26:05 +05:30
Ayaan Zaidi
e00236d20c docs: correct cron self-hosted idle watchdog wording 2026-07-09 14:26:05 +05:30