Recent Commits to openclaw:main

docs(changelog): omit advisory id from release notes · openclaw/openclaw@d606881
steipete · 2026-05-27 · via Recent Commits to openclaw:main

@@ -41,7 +41,7 @@ Docs: https://docs.openclaw.ai

4141
4242

### Fixes

4343
44-

- Security/content boundaries: validate Browser snapshot tab URLs against SSRF policy before ChromeMCP or direct CDP reads, sanitize queued system-event text so untrusted plugin/channel labels cannot spoof nested prompt markers, wrap fetched file text and metadata as external content, apply ClickClack `allowFrom` sender allowlists before agent dispatch, reject RPCs from invalidated device-token clients during rotation, require staged sandbox media refs, and scrub serialized tool-call text from replies. (#78526, #87094, #87062, #83741, #70707, #86924, GHSA-j5p4-wxhw-4h4c) Thanks @zsxsoft, @ttzero25, and @mmaps.

44+

- Security/content boundaries: validate Browser snapshot tab URLs against SSRF policy before ChromeMCP or direct CDP reads, sanitize queued system-event text so untrusted plugin/channel labels cannot spoof nested prompt markers, wrap fetched file text and metadata as external content, apply ClickClack `allowFrom` sender allowlists before agent dispatch, reject RPCs from invalidated device-token clients during rotation, require staged sandbox media refs, and scrub serialized tool-call text from replies. (#78526, #87094, #87062, #83741, #70707, #86924) Thanks @zsxsoft, @ttzero25, and @mmaps.

4545

- Transcripts/user turns: persist CLI, WebChat, media, follow-up, hook, and Codex-mirror user turns to the admitted session target; keep cleaned transcript text, inline image routing, provenance metadata, replay hooks, and fallback paths idempotent when runtimes fail or restart.

4646

- TUI/status/onboarding: queue busy TUI prompts instead of dropping them, preserve the configured default model during onboarding, show failed tool results as errors, keep status JSON plugin scans healthy, preserve xAI usage-limit errors locally, and expose explicit fast-mode/systemd state. (#86722, #87000, #85786, #87001, #86614, #87115, #86976)

4747

- Plugin commands/SDK: preserve plugin LLM command auth, keep `onDiagnosticEvent` exports discoverable through `Function.name`, stabilize diagnostic event root aliases, correlate pathless read diagnostics, suppress transient runner failures in channel command paths, and repair local approval resolution. (#85936, #87084, #86977, #87069, #86771)
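Review bot: On the changed "Security/content boundaries" line, dropping GHSA-j5p4-wxhw-4h4c leaves six PR references for seven listed fixes, so one of the fixes in that sentence no longer has any traceable reference. If that fix landed through a PR, cite its number in the parenthesised list so the entry stays auditable without the advisory id; if it did not, consider splitting it into its own bullet so it is clear which item is unreferenced. It would also help to say in the commit message where the omit-advisory-id rule is documented, so a later changelog refresh does not add the id back.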