惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
云风的 BLOG
云风的 BLOG
美团技术团队
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
爱范儿
爱范儿
Stack Overflow Blog
Stack Overflow Blog
WordPress大学
WordPress大学
GbyAI
GbyAI
雷峰网
雷峰网
P
Proofpoint News Feed
IT之家
IT之家
人人都是产品经理
人人都是产品经理
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
aimingoo的专栏
aimingoo的专栏
小众软件
小众软件
T
The Blog of Author Tim Ferriss
月光博客
月光博客
V
Visual Studio Blog
L
LINUX DO - 热门话题
L
Lohrmann on Cybersecurity
T
Troy Hunt's Blog
Project Zero
Project Zero
U
Unit 42
T
Tor Project blog
Scott Helme
Scott Helme
L
LINUX DO - 最新话题
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
I
InfoQ
Cloudbric
Cloudbric
P
Proofpoint News Feed
The Cloudflare Blog
H
Heimdal Security Blog
Google DeepMind News
Google DeepMind News
The GitHub Blog
The GitHub Blog
Attack and Defense Labs
Attack and Defense Labs
有赞技术团队
有赞技术团队
T
Threat Research - Cisco Blogs
T
The Exploit Database - CXSecurity.com
J
Java Code Geeks
博客园 - 【当耐特】
Security Latest
Security Latest
The Register - Security
The Register - Security
F
Fortinet All Blogs
I
Intezer
H
Hackread – Cybersecurity News, Data Breaches, AI and More
MongoDB | Blog
MongoDB | Blog
N
Netflix TechBlog - Medium
NISL@THU
NISL@THU
T
Tenable Blog

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311 test: trim remaining hotspot tests · openclaw/openclaw@6ba8626 test: narrow hotspot mocks · openclaw/openclaw@dbc8179 test: isolate gemini embedding request helpers · openclaw/openclaw@cd330f5 test: trim memory and mcp hotspots · openclaw/openclaw@fd48dfa test: slim provider registry mocks · openclaw/openclaw@2e08c77 test: harden Parallels update smoke · openclaw/openclaw@1a98090 feat: default Anthropic to Opus 4.7 · openclaw/openclaw@628b454 fix: harden node-host shell payload mutability checks · openclaw/openclaw@75c551e fix: land node-host approval binding for native binaries (#66731) (th… · openclaw/openclaw@29919bb CI: add daily schedule to CodeQL workflow (#67645) · openclaw/openclaw@69d25f5 fix(gateway): capture config hash after plugin auto-enable to prevent… · openclaw/openclaw@8c11210 fix: repair sanitized replay tool results before send (#67620) (thank… · openclaw/openclaw@c3c7a99 fix: restrict HTML timeout short-circuit to transient statuses · openclaw/openclaw@de129a6 fix: keep TUI watchdog bound to active run (#67401) (thanks @xantorres) · openclaw/openclaw@3525273 Gateway/skills: dedupe skills prefix-match + drop dead fallback on log · openclaw/openclaw@d7f489f Extensions/lmstudio: back off inference preload after consecutive fai… · openclaw/openclaw@b555214 TUI/streaming: add watchdog that resets the activity indicator after … · openclaw/openclaw@f44ab20 Agents/tool-loop: enable unknown-tool stream guard by default · openclaw/openclaw@36ed367 Gateway/skills: invalidate session skills snapshot on config write · openclaw/openclaw@b23d59a fix: classify HTML provider error pages correctly (#67642) (thanks @s… · openclaw/openclaw@e588e90 fix(skills): remove unused model-usage import (#67641) · openclaw/openclaw@55f05df docs(changelog): credit codex fix superseded PRs · openclaw/openclaw@e485f24 fix(openai-codex): normalize stale transport metadata in resolution a… · openclaw/openclaw@90801ba CI: pin Docker-related GitHub Actions (#67632) · openclaw/openclaw@f697b01 Android: modernize WebView and discovery API usage (#67627) · openclaw/openclaw@44a6e50 fix(deps): bump hono to 4.12.14 and @hono/node-server to 1.19.14 (GHS… · openclaw/openclaw@fbccc18 fix(deps): bump dompurify to 3.4.0 (#67614) · openclaw/openclaw@2c2dc00 CI: add explicit permissions to all workflow jobs (fixes code-scannin… · openclaw/openclaw@01b7516 fix: register bundled TTS providers and route overrides correctly (#6… · openclaw/openclaw@6ea3cdd fix: align host tilde paths with OS home (#62804) (thanks @stainlu) · openclaw/openclaw@ecfaf64 fix: flush creds queue before reconnect socket open (#67464) (thanks … · openclaw/openclaw@405c63f fix: strip standalone <function> tool call tags from visible text (#6… · openclaw/openclaw@78df859 fix(agents): preserve cli session metadata before transcript persist … · openclaw/openclaw@898fd04 docs(changelog): move cli transcript entry · openclaw/openclaw@c1817c6 fix(agents): normalize cli transcript api field · openclaw/openclaw@3a3fae0 docs(changelog): note cli transcript persistence · openclaw/openclaw@6c343f1 fix(agents): persist cli transcript turns · openclaw/openclaw@b8ef507 fix(msteams): harden security-sensitive flows (#65841) · openclaw/openclaw@c56b56e [Dashboard] Fix exec approval modal overflow for long command content… · openclaw/openclaw@053c5b0 Docs: remove QA changelog entry · openclaw/openclaw@7fd5771 QA: fix private runtime source loading (#67428) · openclaw/openclaw@d5933af docs(gateway): correct protocol.md schema path, hello-ok example, aut… · openclaw/openclaw@489404d CI: pin Node 22 runners to 22.18.0 · openclaw/openclaw@4ffa621 models.authStatus: normalize provider ids + tighten env-backed escape… · openclaw/openclaw@f2fdb9d Update CHANGELOG.md · openclaw/openclaw@7694a92 test(parallels): clean up npm update guard jobs · openclaw/openclaw@045ea7b Plugins: prefer scanDir override paths · openclaw/openclaw@b2974da fix(dreaming): default storage.mode to "separate" so phase blocks sto… · openclaw/openclaw@8c392f0 fix(memory-core): skip dreaming transcript ingestion via session stor… · openclaw/openclaw@a1b01f0 fix: dedupe replayed exec.finished node events (#67281) · openclaw/openclaw@5dcf526
refactor: share fal provider http auth · openclaw/openclaw@667c03f
vincentkoc · 2026-05-29 · via Recent Commits to openclaw:main
Original file line numberDiff line numberDiff line change

@@ -0,0 +1,48 @@

1+

import { type AuthProfileStore, type OpenClawConfig } from "openclaw/plugin-sdk/provider-auth";

2+

import { resolveApiKeyForProvider } from "openclaw/plugin-sdk/provider-auth-runtime";

3+

import {

4+

resolveProviderHttpRequestConfig,

5+

type ProviderRequestCapability,

6+

} from "openclaw/plugin-sdk/provider-http";

7+

import { normalizeOptionalString } from "openclaw/plugin-sdk/string-coerce-runtime";

8+
9+

const DEFAULT_FAL_BASE_URL = "https://fal.run";

10+
11+

type FalAuthenticatedRequest = {

12+

cfg?: OpenClawConfig;

13+

agentDir?: string;

14+

authStore?: AuthProfileStore;

15+

};

16+
17+

function resolveFalConfiguredBaseUrl(cfg?: OpenClawConfig): string | undefined {

18+

return normalizeOptionalString(cfg?.models?.providers?.fal?.baseUrl);

19+

}

20+
21+

export async function resolveFalHttpRequestConfig(params: {

22+

req: FalAuthenticatedRequest;

23+

baseUrl?: string;

24+

capability: ProviderRequestCapability;

25+

}): Promise<ReturnType<typeof resolveProviderHttpRequestConfig>> {

26+

const auth = await resolveApiKeyForProvider({

27+

provider: "fal",

28+

cfg: params.req.cfg,

29+

agentDir: params.req.agentDir,

30+

store: params.req.authStore,

31+

});

32+

if (!auth.apiKey) {

33+

throw new Error("fal API key missing");

34+

}

35+
36+

return resolveProviderHttpRequestConfig({

37+

baseUrl: params.baseUrl ?? resolveFalConfiguredBaseUrl(params.req.cfg),

38+

defaultBaseUrl: DEFAULT_FAL_BASE_URL,

39+

allowPrivateNetwork: false,

40+

defaultHeaders: {

41+

Authorization: `Key ${auth.apiKey}`,

42+

"Content-Type": "application/json",

43+

},

44+

provider: "fal",

45+

capability: params.capability,

46+

transport: "http",

47+

});

48+

}

Original file line numberDiff line numberDiff line change

@@ -8,11 +8,9 @@ import {

88

toImageDataUrl,

99

} from "openclaw/plugin-sdk/image-generation";

1010

import { isProviderApiKeyConfigured } from "openclaw/plugin-sdk/provider-auth";

11-

import { resolveApiKeyForProvider } from "openclaw/plugin-sdk/provider-auth-runtime";

1211

import {

1312

assertOkOrThrowHttpError,

1413

assertOkOrThrowProviderError,

15-

resolveProviderHttpRequestConfig,

1614

} from "openclaw/plugin-sdk/provider-http";

1715

import {

1816

buildHostnameAllowlistPolicyFromSuffixAllowlist,

@@ -26,8 +24,8 @@ import {

2624

normalizeLowercaseStringOrEmpty,

2725

normalizeOptionalString,

2826

} from "openclaw/plugin-sdk/string-coerce-runtime";

27+

import { resolveFalHttpRequestConfig } from "./http-config.js";

2928
30-

const DEFAULT_FAL_BASE_URL = "https://fal.run";

3129

const DEFAULT_FAL_IMAGE_MODEL = "fal-ai/flux/dev";

3230

const DEFAULT_FAL_EDIT_SUBPATH = "image-to-image";

3331

const FAL_KREA_2_MODEL_PREFIX = "krea/v2/";

@@ -551,15 +549,6 @@ export function buildFalImageGenerationProvider(): ImageGenerationProvider {

551549

},

552550

},

553551

async generateImage(req) {

554-

const auth = await resolveApiKeyForProvider({

555-

provider: "fal",

556-

cfg: req.cfg,

557-

agentDir: req.agentDir,

558-

store: req.authStore,

559-

});

560-

if (!auth.apiKey) {

561-

throw new Error("fal API key missing");

562-

}

563552

const inputImageCount = req.inputImages?.length ?? 0;

564553

const hasInputImages = inputImageCount > 0;

565554

const requestedModel = req.model?.trim() || DEFAULT_FAL_IMAGE_MODEL;

@@ -588,20 +577,8 @@ export function buildFalImageGenerationProvider(): ImageGenerationProvider {

588577

if (!schema.supportsOutputFormat && req.outputFormat) {

589578

throw new Error(`fal ${requestedModel} does not support outputFormat overrides`);

590579

}

591-

const explicitBaseUrl = req.cfg?.models?.providers?.fal?.baseUrl?.trim();

592580

const { baseUrl, allowPrivateNetwork, headers, dispatcherPolicy } =

593-

resolveProviderHttpRequestConfig({

594-

baseUrl: explicitBaseUrl,

595-

defaultBaseUrl: DEFAULT_FAL_BASE_URL,

596-

allowPrivateNetwork: false,

597-

defaultHeaders: {

598-

Authorization: `Key ${auth.apiKey}`,

599-

"Content-Type": "application/json",

600-

},

601-

provider: "fal",

602-

capability: "image",

603-

transport: "http",

604-

});

581+

await resolveFalHttpRequestConfig({ req, capability: "image" });

605582

const networkPolicy = resolveFalNetworkPolicy({ baseUrl, allowPrivateNetwork });

606583

const requestBody: Record<string, unknown> = {

607584

prompt: req.prompt,

Original file line numberDiff line numberDiff line change

@@ -5,15 +5,10 @@ import {

55

type MusicGenerationRequest,

66

} from "openclaw/plugin-sdk/music-generation";

77

import { isProviderApiKeyConfigured } from "openclaw/plugin-sdk/provider-auth";

8-

import { resolveApiKeyForProvider } from "openclaw/plugin-sdk/provider-auth-runtime";

9-

import {

10-

assertOkOrThrowHttpError,

11-

postJsonRequest,

12-

resolveProviderHttpRequestConfig,

13-

} from "openclaw/plugin-sdk/provider-http";

8+

import { assertOkOrThrowHttpError, postJsonRequest } from "openclaw/plugin-sdk/provider-http";

149

import { normalizeOptionalString } from "openclaw/plugin-sdk/string-coerce-runtime";

10+

import { resolveFalHttpRequestConfig } from "./http-config.js";

1511
16-

const DEFAULT_FAL_BASE_URL = "https://fal.run";

1712

const DEFAULT_FAL_MUSIC_MODEL = "fal-ai/minimax-music/v2.6";

1813

const FAL_ACE_STEP_MODEL = "fal-ai/ace-step/prompt-to-audio";

1914

const FAL_STABLE_AUDIO_MODEL = "fal-ai/stable-audio-25/text-to-audio";

@@ -29,10 +24,6 @@ function resolveFalMusicModel(model: string | undefined): string {

2924

return normalizeOptionalString(model) ?? DEFAULT_FAL_MUSIC_MODEL;

3025

}

3126
32-

function resolveFalMusicBaseUrl(req: MusicGenerationRequest): string | undefined {

33-

return normalizeOptionalString(req.cfg?.models?.providers?.fal?.baseUrl);

34-

}

35-
3627

function buildFalMinimaxBody(req: MusicGenerationRequest): Record<string, unknown> {

3728

const lyrics = normalizeOptionalString(req.lyrics);

3829

if (lyrics && req.instrumental === true) {

@@ -145,29 +136,8 @@ export function buildFalMusicGenerationProvider(): MusicGenerationProvider {

145136

throw new Error("fal music generation does not support image reference inputs.");

146137

}

147138
148-

const auth = await resolveApiKeyForProvider({

149-

provider: "fal",

150-

cfg: req.cfg,

151-

agentDir: req.agentDir,

152-

store: req.authStore,

153-

});

154-

if (!auth.apiKey) {

155-

throw new Error("fal API key missing");

156-

}

157-
158139

const { baseUrl, allowPrivateNetwork, headers, dispatcherPolicy } =

159-

resolveProviderHttpRequestConfig({

160-

baseUrl: resolveFalMusicBaseUrl(req),

161-

defaultBaseUrl: DEFAULT_FAL_BASE_URL,

162-

allowPrivateNetwork: false,

163-

defaultHeaders: {

164-

Authorization: `Key ${auth.apiKey}`,

165-

"Content-Type": "application/json",

166-

},

167-

provider: "fal",

168-

capability: "audio",

169-

transport: "http",

170-

});

140+

await resolveFalHttpRequestConfig({ req, capability: "audio" });

171141

const model = resolveFalMusicModel(req.model);

172142

const { response, release } = await postJsonRequest({

173143

url: `${baseUrl}/${model}`,

Original file line numberDiff line numberDiff line change

@@ -1,10 +1,6 @@

11

import { extensionForMime } from "openclaw/plugin-sdk/media-mime";

22

import { isProviderApiKeyConfigured } from "openclaw/plugin-sdk/provider-auth";

3-

import { resolveApiKeyForProvider } from "openclaw/plugin-sdk/provider-auth-runtime";

4-

import {

5-

assertOkOrThrowHttpError,

6-

resolveProviderHttpRequestConfig,

7-

} from "openclaw/plugin-sdk/provider-http";

3+

import { assertOkOrThrowHttpError } from "openclaw/plugin-sdk/provider-http";

84

import {

95

fetchWithSsrFGuard,

106

type SsrFPolicy,

@@ -20,8 +16,8 @@ import type {

2016

VideoGenerationProvider,

2117

VideoGenerationRequest,

2218

} from "openclaw/plugin-sdk/video-generation";

19+

import { resolveFalHttpRequestConfig } from "./http-config.js";

2320
24-

const DEFAULT_FAL_BASE_URL = "https://fal.run";

2521

const DEFAULT_FAL_QUEUE_BASE_URL = "https://queue.fal.run";

2622

const DEFAULT_FAL_VIDEO_MODEL = "fal-ai/minimax/video-01-live";

2723

const HEYGEN_VIDEO_AGENT_MODEL = "fal-ai/heygen/v2/video-agent";

@@ -573,28 +569,8 @@ export function buildFalVideoGenerationProvider(): VideoGenerationProvider {

573569

async generateVideo(req) {

574570

const model = normalizeOptionalString(req.model) || DEFAULT_FAL_VIDEO_MODEL;

575571

validateFalVideoReferenceInputs({ req, model });

576-

const auth = await resolveApiKeyForProvider({

577-

provider: "fal",

578-

cfg: req.cfg,

579-

agentDir: req.agentDir,

580-

store: req.authStore,

581-

});

582-

if (!auth.apiKey) {

583-

throw new Error("fal API key missing");

584-

}

585572

const { baseUrl, allowPrivateNetwork, headers, dispatcherPolicy } =

586-

resolveProviderHttpRequestConfig({

587-

baseUrl: normalizeOptionalString(req.cfg?.models?.providers?.fal?.baseUrl),

588-

defaultBaseUrl: DEFAULT_FAL_BASE_URL,

589-

allowPrivateNetwork: false,

590-

defaultHeaders: {

591-

Authorization: `Key ${auth.apiKey}`,

592-

"Content-Type": "application/json",

593-

},

594-

provider: "fal",

595-

capability: "video",

596-

transport: "http",

597-

});

573+

await resolveFalHttpRequestConfig({ req, capability: "video" });

598574

const requestBody = buildFalVideoRequestBody({ req, model });

599575

const policy = buildPolicy(allowPrivateNetwork);

600576

const queueBaseUrl = resolveFalQueueBaseUrl(baseUrl);