vrr/openclaw
2
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-19 16:25:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 18
openclaw/docs/gateway
History
Val Alexander 6a41a54212
fix(macos): harden direct gateway TLS pinning 
Summary:
- Require macOS system trust before saving and accepting first-use direct `wss://` gateway TLS pins.
- Honor `gateway.remote.tlsFingerprint` in macOS direct node-mode TLS params.
- Add focused Swift coverage and update remote gateway docs/changelog.

Verification:
- Local: swiftformat --lint on touched Swift files.
- Local: git diff --check HEAD~1..HEAD.
- Local: swift test --package-path apps/shared/OpenClawKit --filter GatewayTLSPinningTests.
- Local: swift test --package-path apps/macos --filter 'MacNodeModeCoordinatorTests|GatewayEndpointStoreTests'.
- Local: PATH=/Users/buns/.nvm/versions/node/v24.13.0/bin:$PATH pnpm docs:list.
- CI: macos-node, macos-swift, check-docs, security-fast, security-scm-fast, security-dependency-audit, Opengrep OSS, and changed-path checks passed on PR head cf383fc047.

Fixes #50642.
Supersedes #50643.
2026-05-13 21:30:22 -05:00
..
security Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
authentication.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
background-process.md feat(process): show input-wait hints in log and poll 2026-05-10 04:13:07 -04:00
bonjour.md fix(gateway): honor minimal discovery mode for wide-area DNS-SD [AI] (#80903) 2026-05-12 16:03:50 +05:30
bridge-protocol.md refactor: move canvas to plugin surfaces 2026-05-07 09:07:18 +01:00
cli-backends.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
config-agents.md feat: steer mid-turn prompts by default (#77023) 2026-05-13 14:00:11 +01:00
config-channels.md docs(channels): document bot loop protection 2026-05-13 14:59:47 +01:00
config-tools.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
configuration-examples.md feat: steer mid-turn prompts by default (#77023) 2026-05-13 14:00:11 +01:00
configuration-reference.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
configuration.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
diagnostics.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
discovery.md docs: typography hygiene + 2 in-body H1 removals across 5 pages 2026-05-05 21:01:44 -07:00
doctor.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
gateway-lock.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
health.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
heartbeat.md fix(heartbeat): multi-agent cadence — parallel broadcast, per-agent busy check, prompt assembly, connect-timeout, doctor warning (#80470) 2026-05-12 14:36:25 -07:00
index.md fix(gateway): persist macOS stop disable after bootout 2026-05-08 05:35:21 +01:00
local-model-services.md docs: add ds4 provider guide 2026-05-13 14:45:34 +01:00
local-models.md docs: add ds4 provider guide 2026-05-13 14:45:34 +01:00
logging.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
multiple-gateways.md docs: full-page sentence-case sweep across 5 worst-offender pages 2026-04-26 23:58:35 -07:00
network-model.md docs: consolidate moved docs pages 2026-05-05 17:38:21 +01:00
openai-http-api.md fix(gateway): forward OpenAI sampling params 2026-05-13 08:35:48 +01:00
openresponses-http-api.md fix(gateway): forward OpenAI sampling params 2026-05-13 08:35:48 +01:00
openshell.md
opentelemetry.md fix(diagnostics): export Talk metrics after SDK refactor 2026-05-06 02:01:52 -07:00
operator-scopes.md fix(cli): retry admin device approval after ownership denial 2026-05-04 00:41:55 +01:00
pairing.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
prometheus.md fix(diagnostics): export Talk metrics after SDK refactor 2026-05-06 02:01:52 -07:00
protocol.md fix(gateway): require v4 chat deltas 2026-05-13 16:06:37 +01:00
remote-gateway-readme.md docs: sentence-case sweep across 4 more pages 2026-04-27 00:01:52 -07:00
remote.md fix(macos): harden direct gateway TLS pinning 2026-05-13 21:30:22 -05:00
sandbox-vs-tool-policy-vs-elevated.md Clarify exec filesystem policy drift (#79153) 2026-05-07 20:05:19 -05:00
sandboxing.md fix: constrain Codex app-server sandbox 2026-05-11 18:23:00 +01:00
secrets-plan-contract.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
secrets.md Revert "refactor: move runtime state to SQLite" 2026-05-13 13:33:38 +01:00
tailscale.md fix(gateway): preserve external Tailscale Funnel routes in serve mode 2026-05-08 09:28:51 -04:00
tools-invoke-http-api.md Clarify exec filesystem policy drift (#79153) 2026-05-07 20:05:19 -05:00
troubleshooting.md fix(auth): align operator bootstrap scopes 2026-05-11 14:14:33 -05:00
trusted-proxy-auth.md fix(docs): make docs formatter mintlify-safe 2026-04-28 08:13:21 +01:00