慣性聚合 高效追讀感興趣之博客、新聞、科技資訊
閱原文 以慣性聚合開啟

推薦訂閱源

博客园 - 司徒正美
V
V2EX
T
Tailwind CSS Blog
有赞技术团队
有赞技术团队
aimingoo的专栏
aimingoo的专栏
Apple Machine Learning Research
Apple Machine Learning Research
IT之家
IT之家
Blog — PlanetScale
Blog — PlanetScale
A
About on SuperTechFans
月光博客
月光博客
T
The Blog of Author Tim Ferriss
宝玉的分享
宝玉的分享
Martin Fowler
Martin Fowler
博客园 - 聂微东
The GitHub Blog
The GitHub Blog
V
Visual Studio Blog
WordPress大学
WordPress大学
酷 壳 – CoolShell
酷 壳 – CoolShell
Engineering at Meta
Engineering at Meta
GbyAI
GbyAI

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311
修(ollama):绕行管理代理以供回环嵌入 (#85707) · openclaw/openclaw@fd2a9ad
Kaspre · 2026-05-24 · via Recent Commits to openclaw:main

@@ -1,22 +1,29 @@

11

import type { OpenClawConfig } from "openclaw/plugin-sdk/provider-auth";

22

import { afterEach, beforeAll, beforeEach, describe, expect, it, vi } from "vitest";

334-

const { fetchWithSsrFGuardMock } = vi.hoisted(() => ({

5-

fetchWithSsrFGuardMock: vi.fn(async ({ init, url }: { init?: RequestInit; url: string }) => ({

6-

response: await fetch(url, init),

7-

release: async () => {},

8-

})),

4+

const { fetchConfiguredLocalOriginWithSsrFGuardMock } = vi.hoisted(() => ({

5+

fetchConfiguredLocalOriginWithSsrFGuardMock: vi.fn(

6+

async ({ init, url }: { init?: RequestInit; url: string }) => ({

7+

response: await fetch(url, init),

8+

release: async () => {},

9+

}),

10+

),

911

}));

10121113

vi.mock("openclaw/plugin-sdk/ssrf-runtime", () => ({

12-

fetchWithSsrFGuard: fetchWithSsrFGuardMock,

14+

fetchWithSsrFGuard: vi.fn(),

1315

formatErrorMessage: (error: unknown) => (error instanceof Error ? error.message : String(error)),

14-

ssrfPolicyFromHttpBaseUrlAllowedHostname: (baseUrl: string) => {

16+

ssrfPolicyFromHttpBaseUrlAllowedOrigin: (baseUrl: string) => {

1517

const parsed = new URL(baseUrl);

16-

return { allowedHostnames: [parsed.hostname] };

18+

return { allowedOrigins: [parsed.origin] };

1719

},

1820

}));

192122+

// Import-resolution gating for this private helper is covered in sdk-alias.test.ts.

23+

vi.mock("openclaw/plugin-sdk/ssrf-runtime-internal", () => ({

24+

fetchConfiguredLocalOriginWithSsrFGuard: fetchConfiguredLocalOriginWithSsrFGuardMock,

25+

}));

26+2027

let createOllamaEmbeddingProvider: typeof import("./embedding-provider.js").createOllamaEmbeddingProvider;

2128

let ollamaMemoryEmbeddingProviderAdapter: typeof import("./memory-embedding-adapter.js").ollamaMemoryEmbeddingProviderAdapter;

2229

@@ -26,7 +33,7 @@ beforeAll(async () => {

2633

});

27342835

beforeEach(() => {

29-

fetchWithSsrFGuardMock.mockClear();

36+

fetchConfiguredLocalOriginWithSsrFGuardMock.mockClear();

3037

});

31383239

afterEach(() => {

@@ -67,6 +74,14 @@ function readFirstEmbeddingInput(fetchMock: ReturnType<typeof mockEmbeddingFetch

6774

return body.input;

6875

}

697677+

function firstGuardedFetchCall(): Record<string, unknown> {

78+

const call = fetchConfiguredLocalOriginWithSsrFGuardMock.mock.calls[0]?.[0];

79+

if (!call || typeof call !== "object") {

80+

throw new Error("expected guarded fetch call");

81+

}

82+

return call as Record<string, unknown>;

83+

}

84+7085

function expectEmbeddingFetch(

7186

fetchMock: ReturnType<typeof mockEmbeddingFetch>,

7287

url: string,

@@ -109,6 +124,50 @@ describe("ollama embedding provider", () => {

109124

expect(vector[1]).toBeCloseTo(0.8, 5);

110125

});

111126127+

it("marks the configured Ollama origin for managed-proxy direct routing", async () => {

128+

const fetchMock = mockEmbeddingFetch([1, 0]);

129+130+

const { provider } = await createOllamaEmbeddingProvider({

131+

config: {} as OpenClawConfig,

132+

provider: "ollama",

133+

model: "nomic-embed-text",

134+

fallback: "none",

135+

remote: { baseUrl: "http://127.0.0.1:11434/v1" },

136+

});

137+138+

await provider.embedQuery("hello");

139+140+

expect(fetchMock).toHaveBeenCalledTimes(1);

141+

expect(firstGuardedFetchCall()).toMatchObject({

142+

url: "http://127.0.0.1:11434/api/embed",

143+

policy: { allowedOrigins: ["http://127.0.0.1:11434"] },

144+

configuredLocalOriginBaseUrl: "http://127.0.0.1:11434",

145+

auditContext: "ollama-memory-embedding",

146+

});

147+

});

148+149+

it("passes cloud Ollama origins through the guarded fetch contract", async () => {

150+

const fetchMock = mockEmbeddingFetch([1, 0]);

151+152+

const { provider } = await createOllamaEmbeddingProvider({

153+

config: {} as OpenClawConfig,

154+

provider: "ollama",

155+

model: "nomic-embed-text",

156+

fallback: "none",

157+

remote: { baseUrl: "https://ollama.com" },

158+

});

159+160+

await provider.embedQuery("hello");

161+162+

expect(fetchMock).toHaveBeenCalledTimes(1);

163+

expect(firstGuardedFetchCall()).toMatchObject({

164+

url: "https://ollama.com/api/embed",

165+

policy: { allowedOrigins: ["https://ollama.com"] },

166+

configuredLocalOriginBaseUrl: "https://ollama.com",

167+

auditContext: "ollama-memory-embedding",

168+

});

169+

});

170+112171

it("resolves configured base URL and headers without sending local marker auth", async () => {

113172

const fetchMock = mockEmbeddingFetch([1, 0]);

114173

@@ -249,6 +308,12 @@ describe("ollama embedding provider", () => {

249308

await expect(provider.embedBatch(["a", "bb", "ccc"])).resolves.toHaveLength(3);

250309

expect(fetchMock).toHaveBeenCalledTimes(1);

251310

expect(inputs).toEqual([["a", "bb", "ccc"]]);

311+

expect(firstGuardedFetchCall()).toMatchObject({

312+

url: "http://127.0.0.1:11434/api/embed",

313+

policy: { allowedOrigins: ["http://127.0.0.1:11434"] },

314+

configuredLocalOriginBaseUrl: "http://127.0.0.1:11434",

315+

auditContext: "ollama-memory-embedding",

316+

});

252317

});

253318254319

it("reports malformed embed JSON with a provider-owned error", async () => {

此內容由慣性聚合(RSS閱讀器)自動聚合整理,僅供閱讀參考。 原文來自 — 版權歸原作者所有。