惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

B
Blog RSS Feed
Spread Privacy
Spread Privacy
T
Threatpost
C
Cisco Blogs
P
Palo Alto Networks Blog
AI
AI
Cyberwarzone
Cyberwarzone
NISL@THU
NISL@THU
P
Privacy & Cybersecurity Law Blog
G
GRAHAM CLULEY
Simon Willison's Weblog
Simon Willison's Weblog
T
Tor Project blog
Latest news
Latest news
AWS News Blog
AWS News Blog
D
Docker
S
SegmentFault 最新的问题
博客园 - 聂微东
WordPress大学
WordPress大学
Vercel News
Vercel News
S
Securelist
爱范儿
爱范儿
J
Java Code Geeks
Know Your Adversary
Know Your Adversary
S
Schneier on Security
Hugging Face - Blog
Hugging Face - Blog
F
Fortinet All Blogs
Last Week in AI
Last Week in AI
D
DataBreaches.Net
宝玉的分享
宝玉的分享
D
Darknet – Hacking Tools, Hacker News & Cyber Security
MongoDB | Blog
MongoDB | Blog
Engineering at Meta
Engineering at Meta
K
Kaspersky official blog
美团技术团队
博客园 - 叶小钗
阮一峰的网络日志
阮一峰的网络日志
量子位
博客园_首页
Attack and Defense Labs
Attack and Defense Labs
S
Secure Thoughts
Google Online Security Blog
Google Online Security Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
腾讯CDC
T
Threat Research - Cisco Blogs
雷峰网
雷峰网
有赞技术团队
有赞技术团队
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed
S
Security Affairs

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311 test: trim remaining hotspot tests · openclaw/openclaw@6ba8626 test: narrow hotspot mocks · openclaw/openclaw@dbc8179 test: isolate gemini embedding request helpers · openclaw/openclaw@cd330f5 test: trim memory and mcp hotspots · openclaw/openclaw@fd48dfa test: slim provider registry mocks · openclaw/openclaw@2e08c77 test: harden Parallels update smoke · openclaw/openclaw@1a98090 feat: default Anthropic to Opus 4.7 · openclaw/openclaw@628b454 fix: harden node-host shell payload mutability checks · openclaw/openclaw@75c551e fix: land node-host approval binding for native binaries (#66731) (th… · openclaw/openclaw@29919bb CI: add daily schedule to CodeQL workflow (#67645) · openclaw/openclaw@69d25f5 fix(gateway): capture config hash after plugin auto-enable to prevent… · openclaw/openclaw@8c11210 fix: repair sanitized replay tool results before send (#67620) (thank… · openclaw/openclaw@c3c7a99 fix: restrict HTML timeout short-circuit to transient statuses · openclaw/openclaw@de129a6 fix: keep TUI watchdog bound to active run (#67401) (thanks @xantorres) · openclaw/openclaw@3525273 Gateway/skills: dedupe skills prefix-match + drop dead fallback on log · openclaw/openclaw@d7f489f Extensions/lmstudio: back off inference preload after consecutive fai… · openclaw/openclaw@b555214 TUI/streaming: add watchdog that resets the activity indicator after … · openclaw/openclaw@f44ab20 Agents/tool-loop: enable unknown-tool stream guard by default · openclaw/openclaw@36ed367 Gateway/skills: invalidate session skills snapshot on config write · openclaw/openclaw@b23d59a fix: classify HTML provider error pages correctly (#67642) (thanks @s… · openclaw/openclaw@e588e90 fix(skills): remove unused model-usage import (#67641) · openclaw/openclaw@55f05df docs(changelog): credit codex fix superseded PRs · openclaw/openclaw@e485f24 fix(openai-codex): normalize stale transport metadata in resolution a… · openclaw/openclaw@90801ba CI: pin Docker-related GitHub Actions (#67632) · openclaw/openclaw@f697b01 Android: modernize WebView and discovery API usage (#67627) · openclaw/openclaw@44a6e50 fix(deps): bump hono to 4.12.14 and @hono/node-server to 1.19.14 (GHS… · openclaw/openclaw@fbccc18 fix(deps): bump dompurify to 3.4.0 (#67614) · openclaw/openclaw@2c2dc00 CI: add explicit permissions to all workflow jobs (fixes code-scannin… · openclaw/openclaw@01b7516 fix: register bundled TTS providers and route overrides correctly (#6… · openclaw/openclaw@6ea3cdd fix: align host tilde paths with OS home (#62804) (thanks @stainlu) · openclaw/openclaw@ecfaf64 fix: flush creds queue before reconnect socket open (#67464) (thanks … · openclaw/openclaw@405c63f fix: strip standalone <function> tool call tags from visible text (#6… · openclaw/openclaw@78df859 fix(agents): preserve cli session metadata before transcript persist … · openclaw/openclaw@898fd04 docs(changelog): move cli transcript entry · openclaw/openclaw@c1817c6 fix(agents): normalize cli transcript api field · openclaw/openclaw@3a3fae0 docs(changelog): note cli transcript persistence · openclaw/openclaw@6c343f1 fix(agents): persist cli transcript turns · openclaw/openclaw@b8ef507 fix(msteams): harden security-sensitive flows (#65841) · openclaw/openclaw@c56b56e [Dashboard] Fix exec approval modal overflow for long command content… · openclaw/openclaw@053c5b0 Docs: remove QA changelog entry · openclaw/openclaw@7fd5771 QA: fix private runtime source loading (#67428) · openclaw/openclaw@d5933af docs(gateway): correct protocol.md schema path, hello-ok example, aut… · openclaw/openclaw@489404d CI: pin Node 22 runners to 22.18.0 · openclaw/openclaw@4ffa621 models.authStatus: normalize provider ids + tighten env-backed escape… · openclaw/openclaw@f2fdb9d Update CHANGELOG.md · openclaw/openclaw@7694a92 test(parallels): clean up npm update guard jobs · openclaw/openclaw@045ea7b Plugins: prefer scanDir override paths · openclaw/openclaw@b2974da fix(dreaming): default storage.mode to "separate" so phase blocks sto… · openclaw/openclaw@8c392f0 fix(memory-core): skip dreaming transcript ingestion via session stor… · openclaw/openclaw@a1b01f0 fix: dedupe replayed exec.finished node events (#67281) · openclaw/openclaw@5dcf526
fix: Refine PR template for review state (#86054) · openclaw/openclaw@5bffd17
Takhoffman · 2026-05-24 · via Recent Commits to openclaw:main

@@ -1,165 +1,132 @@

11

## Summary

223-

Describe the problem and fix in 2–5 bullets:

3+

What problem does this PR solve?

4+5+6+

Why does this matter now?

7+8+9+

What is the intended outcome?

10+11+12+

What is intentionally out of scope?

13+14+15+

What does success look like?

16+17+18+

What should reviewers focus on?

19+20+

<details>

21+

<summary>Summary guidance</summary>

22+23+

This PR description is the contributor's durable explanation of the change. Write it for human maintainers first; ClawSweeper and Barnacle use the same text to understand intent, proof, risk, and current review state.

24+25+

Describe the intent and outcome in 2-5 bullets. Avoid restating the diff; reviewers and bots can read the changed files.

426527

If this PR fixes a plugin beta-release blocker, title it `fix(<plugin-id>): beta blocker - <summary>` and link the matching `Beta blocker: <plugin-name> - <summary>` issue labeled `beta-blocker`. Contributors cannot label PRs, so the title is the PR-side signal for maintainers and automation.

6287-

- Problem:

8-

- Solution:

9-

- What changed:

10-

- What did NOT change (scope boundary):

29+

</details>

113012-

## Motivation

31+

## Linked context

133214-

Explain why this change should exist now. Link it to the user pain, failure mode, maintainer need, or product goal. If this is purely mechanical, write `N/A`.

33+

Which issue does this close?

153416-

-

35+

Closes #

173618-

## Change Type (select all)

37+

Which issues, PRs, or discussions are related?

193820-

- [ ] Bug fix

21-

- [ ] Feature

22-

- [ ] Refactor required for the fix

23-

- [ ] Docs

24-

- [ ] Security hardening

25-

- [ ] Chore/infra

39+

Related #

264027-

## Scope (select all touched areas)

41+

Was this requested by a maintainer or owner?

284229-

- [ ] Gateway / orchestration

30-

- [ ] Skills / tool execution

31-

- [ ] Auth / tokens

32-

- [ ] Memory / storage

33-

- [ ] Integrations

34-

- [ ] API / contracts

35-

- [ ] UI / DX

36-

- [ ] CI/CD / infra

43+

<details>

44+

<summary>Linked context guidance</summary>

374538-

## Linked Issue/PR

46+

Link the issue, PR, discussion, maintainer request, or owner request that explains why this PR should exist. Maintainer context helps reviewers and automation distinguish intended work from drive-by churn.

394740-

- Closes #

41-

- Related #

42-

- [ ] This PR fixes a bug or regression

48+

</details>

43494450

## Real behavior proof (required for external PRs)

455146-

External contributors must show after-fix evidence from a real OpenClaw setup. Unit tests, mocks, lint, typechecks, snapshots, and CI are supplemental only. Screenshots are encouraged even for CLI, console, text, or log changes; terminal screenshots and copied live output count. Be mindful of private information like IP addresses, API keys, phone numbers, non-public endpoints, or other private details when providing evidence.

47-4852

- Behavior or issue addressed:

4953

- Real environment tested:

5054

- Exact steps or command run after this patch:

5155

- Evidence after fix (screenshot, recording, terminal capture, console output, redacted runtime log, linked artifact, or copied live output):

5256

- Observed result after fix:

5357

- What was not tested:

58+

- Proof limitations or environment constraints:

5459

- Before evidence (optional but encouraged):

556056-

## Root Cause (if applicable)

61+

<details>

62+

<summary>Real behavior proof guidance</summary>

63+64+

External contributors must show after-fix evidence from a real OpenClaw setup. Unit tests, mocks, lint, typechecks, snapshots, and CI are supplemental only.

65+66+

Screenshots are encouraged even for CLI, console, text, or log changes. Terminal screenshots, copied live output, redacted runtime logs, recordings, and linked artifacts count.

576758-

For bug fixes or regressions, explain why this happened, not just what changed. Otherwise write `N/A`. If the cause is unclear, write `Unknown`.

68+

If your environment cannot produce the ideal proof, explain that under `Proof limitations or environment constraints` so reviewers and ClawSweeper can direct the next step properly.

596960-

- Root cause:

61-

- Missing detection / guardrail:

62-

- Contributing context (if known):

70+

Be mindful of private information like IP addresses, API keys, phone numbers, non-public endpoints, or other private details when providing evidence.

637164-

## Regression Test Plan (if applicable)

72+

</details>

657366-

For bug fixes or regressions, name the smallest reliable test coverage that should catch this. Otherwise write `N/A`.

74+

## Tests and validation

677568-

- Coverage level that should have caught this:

69-

- [ ] Unit test

70-

- [ ] Seam / integration test

71-

- [ ] End-to-end test

72-

- [ ] Existing coverage already sufficient

73-

- Target test or file:

74-

- Scenario the test should lock in:

75-

- Why this is the smallest reliable guardrail:

76-

- Existing test that already covers this (if any):

77-

- If no new test is added, why not:

76+

Which commands did you run?

787779-

## User-visible / Behavior Changes

807881-

List user-visible changes (including defaults/config).

82-

If none, write `None`.

79+

What regression coverage was added or updated?

838084-

## Diagram (if applicable)

858186-

For UI changes or non-trivial logic flows, include a small ASCII diagram reviewers can scan quickly. Otherwise write `N/A`.

82+

What failed before this fix, if known?

878388-

```text

89-

Before:

90-

[user action] -> [old state]

918492-

After:

93-

[user action] -> [new state] -> [result]

94-

```

85+

If no test was added, why not?

958696-

## Security Impact (required)

87+

<details>

88+

<summary>Testing guidance</summary>

978998-

- New permissions/capabilities? (`Yes/No`)

99-

- Secrets/tokens handling changed? (`Yes/No`)

100-

- New/changed network calls? (`Yes/No`)

101-

- Command/tool execution surface changed? (`Yes/No`)

102-

- Data access scope changed? (`Yes/No`)

103-

- If any `Yes`, explain risk + mitigation:

90+

List focused commands, not every incidental check. CI is useful support, but external PRs still need real behavior proof above when behavior changes.

10491105-

## Repro + Verification

92+

</details>

10693107-

### Environment

94+

## Risk checklist

10895109-

- OS:

110-

- Runtime/container:

111-

- Model/provider:

112-

- Integration/channel (if any):

113-

- Relevant config (redacted):

96+

Did user-visible behavior change? (`Yes/No`)

11497115-

### Steps

11698117-

1.

118-

2.

119-

3.

99+

Did config, environment, or migration behavior change? (`Yes/No`)

120100121-

### Expected

122101123-

-

102+

Did security, auth, secrets, network, or tool execution behavior change? (`Yes/No`)

124103125-

### Actual

126104127-

-

105+

What is the highest-risk area?

128106129-

## Evidence

130107131-

Attach at least one:

108+

How is that risk mitigated?

132109133-

- [ ] Failing test/log before + passing after

134-

- [ ] Trace/log snippets

135-

- [ ] Screenshot/recording

136-

- [ ] Perf numbers (if relevant)

110+

<details>

111+

<summary>Risk guidance</summary>

137112138-

## Human Verification (required)

113+

Use this for author judgment that is not obvious from the diff. ClawSweeper can see touched files, but it cannot know which behavior you think is risky, why the risk is acceptable, or what mitigation reviewers should verify.

139114140-

What you personally verified (not just CI), and how:

115+

</details>

141116142-

- Verified scenarios:

143-

- Edge cases checked:

144-

- What you did **not** verify:

117+

## Current review state

145118146-

## Review Conversations

119+

What is the next action?

147120148-

- [ ] I replied to or resolved every bot review conversation I addressed in this PR.

149-

- [ ] I left unresolved only the conversations that still need reviewer or maintainer judgment.

150121151-

If a bot review conversation is addressed by this PR, resolve that conversation yourself. Do not leave bot review conversation cleanup for maintainers.

122+

What is still waiting on author, maintainer, CI, or external proof?

152123153-

## Compatibility / Migration

154124155-

- Backward compatible? (`Yes/No`)

156-

- Config/env changes? (`Yes/No`)

157-

- Migration needed? (`Yes/No`)

158-

- If yes, exact upgrade steps:

125+

Which bot or reviewer comments were addressed?

159126160-

## Risks and Mitigations

127+

<details>

128+

<summary>Review state guidance</summary>

161129162-

List only real risks for this PR. Add/remove entries as needed. If none, write `None`.

130+

Keep this as the durable state for review progress. If useful information appears in comments, fold the current next action or blocker back here so maintainers and ClawSweeper do not need to reconstruct state from comment history.

163131164-

- Risk:

165-

- Mitigation:

132+

</details>