vrr/openclaw
2
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-22 12:01:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 19
openclaw/src
History
Andrew Demczuk 089a43f5e8
fix(security): block build-tool and glibc env injection vectors in host exec sandbox (#49702) 
Add GLIBC_TUNABLES, MAVEN_OPTS, SBT_OPTS, GRADLE_OPTS, ANT_OPTS,
DOTNET_ADDITIONAL_DEPS to blockedKeys and GRADLE_USER_HOME to
blockedOverrideKeys in the host exec security policy.

Closes #22681
2026-03-18 13:11:01 +01:00
..
acp ACP: reproduce binding restart session reset (#49435) 2026-03-18 07:24:38 +01:00
agents Main recovery: restore formatter and contract checks (#49570) 2026-03-18 00:30:01 -07:00
auto-reply test(telegram): stabilize inbound media harness 2026-03-18 13:35:56 +05:30
bindings ACP: harden startup and move configured routing behind plugin seams (#48197) 2026-03-17 17:27:52 +01:00
browser
canvas-host
channels Main recovery: restore formatter and contract checks (#49570) 2026-03-18 00:30:01 -07:00
cli Plugins: add LSP server loader and surface in inspect reports 2026-03-18 00:12:24 -07:00
commands Main recovery: restore formatter and contract checks (#49570) 2026-03-18 00:30:01 -07:00
compat
config Config: align model compat thinking format types 2026-03-18 02:45:15 -07:00
context-engine feat: expose context-engine compaction delegate helper (#49061) 2026-03-17 22:54:18 -07:00
cron refactor: clean extension api boundaries 2026-03-17 09:38:21 -07:00
daemon ACP: harden startup and move configured routing behind plugin seams (#48197) 2026-03-17 17:27:52 +01:00
docs
gateway fix: serialize duplicate channel starts (#49583) (thanks @sudie-codes) 2026-03-18 01:57:12 -07:00
hooks
i18n
image-generation Main recovery: restore formatter and contract checks (#49570) 2026-03-18 00:30:01 -07:00
infra fix(security): block build-tool and glibc env injection vectors in host exec sandbox (#49702) 2026-03-18 13:11:01 +01:00
interactive
line
link-understanding
logging
markdown
media fix(telegram): unify transport fallback chain (#49148) 2026-03-17 22:44:15 +05:30
media-understanding fix(plugins): forward plugin subagent overrides (#48277) 2026-03-17 07:20:27 -07:00
memory refactor: replace "seam" terminology across codebase 2026-03-18 00:20:15 -07:00
node-host
pairing fix: stabilize full gate 2026-03-17 07:06:25 +00:00
plugin-sdk Plugin SDK: harden provider auth seams 2026-03-18 02:29:25 -07:00
plugins Plugin SDK: split provider auth login seam 2026-03-18 02:04:10 -07:00
process fix: stabilize full gate 2026-03-17 07:06:25 +00:00
providers
routing
scripts
secrets Main recovery: restore formatter and contract checks (#49570) 2026-03-18 00:30:01 -07:00
security docs(security): clarify wildcard Control UI origins 2026-03-17 09:36:51 -07:00
sessions
shared refactor: dedupe plugin lazy runtime helpers 2026-03-17 09:24:22 -07:00
terminal refactor: replace "seam" terminology across codebase 2026-03-18 00:20:15 -07:00
test-helpers
test-utils Plugin SDK: require unified message discovery 2026-03-18 03:02:16 +00:00
tts test: merge tts config gating cases 2026-03-17 16:21:58 +00:00
tui
types
utils fix: stabilize full gate 2026-03-17 07:06:25 +00:00
web-search Main recovery: restore formatter and contract checks (#49570) 2026-03-18 00:30:01 -07:00
whatsapp fix: stabilize full gate 2026-03-17 07:06:25 +00:00
wizard Plugins: soften hook-only compatibility copy 2026-03-17 23:08:38 -07:00
channel-web.ts
docker-build-cache.test.ts
docker-image-digests.test.ts
docker-setup.e2e.test.ts
dockerfile.test.ts
entry.test.ts
entry.ts
entry.version-fast-path.test.ts
globals.ts
index.test.ts
index.ts
install-sh-version.test.ts
library.ts
logger.test.ts
logger.ts
logging.ts
param-key.ts
poll-params.test.ts
poll-params.ts Polls: scope Telegram poll extras to plugin schema 2026-03-18 02:34:33 +00:00
polls.test.ts
polls.ts
runtime.ts
utils.test.ts
utils.ts
version.test.ts
version.ts