惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Jina AI
Jina AI
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Troy Hunt's Blog
T
The Exploit Database - CXSecurity.com
Microsoft Security Blog
Microsoft Security Blog
V
Visual Studio Blog
F
Fortinet All Blogs
博客园_首页
P
Proofpoint News Feed
V
Vulnerabilities – Threatpost
The Cloudflare Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
H
Heimdal Security Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
A
About on SuperTechFans
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
AI
AI
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
S
Security Affairs
The Register - Security
The Register - Security
S
Security @ Cisco Blogs
Hugging Face - Blog
Hugging Face - Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 聂微东
Schneier on Security
Schneier on Security
WordPress大学
WordPress大学
Google DeepMind News
Google DeepMind News
GbyAI
GbyAI
T
Tailwind CSS Blog
Hacker News: Ask HN
Hacker News: Ask HN
W
WeLiveSecurity
D
Docker
L
LangChain Blog
B
Blog RSS Feed
The Last Watchdog
The Last Watchdog
Cloudbric
Cloudbric
TaoSecurity Blog
TaoSecurity Blog
N
Netflix TechBlog - Medium
酷 壳 – CoolShell
酷 壳 – CoolShell
I
InfoQ
The Hacker News
The Hacker News
AWS News Blog
AWS News Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
宝玉的分享
宝玉的分享
I
Intezer
云风的 BLOG
云风的 BLOG
V2EX - 技术
V2EX - 技术
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311 test: trim remaining hotspot tests · openclaw/openclaw@6ba8626 test: narrow hotspot mocks · openclaw/openclaw@dbc8179 test: isolate gemini embedding request helpers · openclaw/openclaw@cd330f5 test: trim memory and mcp hotspots · openclaw/openclaw@fd48dfa test: slim provider registry mocks · openclaw/openclaw@2e08c77 test: harden Parallels update smoke · openclaw/openclaw@1a98090 feat: default Anthropic to Opus 4.7 · openclaw/openclaw@628b454 fix: harden node-host shell payload mutability checks · openclaw/openclaw@75c551e fix: land node-host approval binding for native binaries (#66731) (th… · openclaw/openclaw@29919bb CI: add daily schedule to CodeQL workflow (#67645) · openclaw/openclaw@69d25f5 fix(gateway): capture config hash after plugin auto-enable to prevent… · openclaw/openclaw@8c11210 fix: repair sanitized replay tool results before send (#67620) (thank… · openclaw/openclaw@c3c7a99 fix: restrict HTML timeout short-circuit to transient statuses · openclaw/openclaw@de129a6 fix: keep TUI watchdog bound to active run (#67401) (thanks @xantorres) · openclaw/openclaw@3525273 Gateway/skills: dedupe skills prefix-match + drop dead fallback on log · openclaw/openclaw@d7f489f Extensions/lmstudio: back off inference preload after consecutive fai… · openclaw/openclaw@b555214 TUI/streaming: add watchdog that resets the activity indicator after … · openclaw/openclaw@f44ab20 Agents/tool-loop: enable unknown-tool stream guard by default · openclaw/openclaw@36ed367 Gateway/skills: invalidate session skills snapshot on config write · openclaw/openclaw@b23d59a fix: classify HTML provider error pages correctly (#67642) (thanks @s… · openclaw/openclaw@e588e90 fix(skills): remove unused model-usage import (#67641) · openclaw/openclaw@55f05df docs(changelog): credit codex fix superseded PRs · openclaw/openclaw@e485f24 fix(openai-codex): normalize stale transport metadata in resolution a… · openclaw/openclaw@90801ba CI: pin Docker-related GitHub Actions (#67632) · openclaw/openclaw@f697b01 Android: modernize WebView and discovery API usage (#67627) · openclaw/openclaw@44a6e50 fix(deps): bump hono to 4.12.14 and @hono/node-server to 1.19.14 (GHS… · openclaw/openclaw@fbccc18 fix(deps): bump dompurify to 3.4.0 (#67614) · openclaw/openclaw@2c2dc00 CI: add explicit permissions to all workflow jobs (fixes code-scannin… · openclaw/openclaw@01b7516 fix: register bundled TTS providers and route overrides correctly (#6… · openclaw/openclaw@6ea3cdd fix: align host tilde paths with OS home (#62804) (thanks @stainlu) · openclaw/openclaw@ecfaf64 fix: flush creds queue before reconnect socket open (#67464) (thanks … · openclaw/openclaw@405c63f fix: strip standalone <function> tool call tags from visible text (#6… · openclaw/openclaw@78df859 fix(agents): preserve cli session metadata before transcript persist … · openclaw/openclaw@898fd04 docs(changelog): move cli transcript entry · openclaw/openclaw@c1817c6 fix(agents): normalize cli transcript api field · openclaw/openclaw@3a3fae0 docs(changelog): note cli transcript persistence · openclaw/openclaw@6c343f1 fix(agents): persist cli transcript turns · openclaw/openclaw@b8ef507 fix(msteams): harden security-sensitive flows (#65841) · openclaw/openclaw@c56b56e [Dashboard] Fix exec approval modal overflow for long command content… · openclaw/openclaw@053c5b0 Docs: remove QA changelog entry · openclaw/openclaw@7fd5771 QA: fix private runtime source loading (#67428) · openclaw/openclaw@d5933af docs(gateway): correct protocol.md schema path, hello-ok example, aut… · openclaw/openclaw@489404d CI: pin Node 22 runners to 22.18.0 · openclaw/openclaw@4ffa621 models.authStatus: normalize provider ids + tighten env-backed escape… · openclaw/openclaw@f2fdb9d Update CHANGELOG.md · openclaw/openclaw@7694a92 test(parallels): clean up npm update guard jobs · openclaw/openclaw@045ea7b Plugins: prefer scanDir override paths · openclaw/openclaw@b2974da fix(dreaming): default storage.mode to "separate" so phase blocks sto… · openclaw/openclaw@8c392f0 fix(memory-core): skip dreaming transcript ingestion via session stor… · openclaw/openclaw@a1b01f0 fix: dedupe replayed exec.finished node events (#67281) · openclaw/openclaw@5dcf526
chore(lint): enable stricter oxlint rules · openclaw/openclaw@304e2c8
steipete · 2026-06-01 · via Recent Commits to openclaw:main

@@ -2,7 +2,7 @@

22

// Secret scanning alert handler for OpenClaw maintainers.

33

// Usage: node secret-scanning.mjs <command> [options]

445-

import { execFileSync, spawnSync } from "node:child_process";

5+

import { spawnSync } from "node:child_process";

66

import crypto from "node:crypto";

77

import fs from "node:fs";

88

import os from "node:os";

@@ -39,7 +39,9 @@ function gh(args, { json = true, allowFailure = false } = {}) {

3939

stderr: proc.stderr,

4040

};

4141

}

42-

if (!json) return proc.stdout;

42+

if (!json) {

43+

return proc.stdout;

44+

}

4345

try {

4446

return JSON.parse(proc.stdout);

4547

} catch {

@@ -70,7 +72,9 @@ export function loadBodyRedactionResult(locationType, resultFile) {

7072

if (!resultFile) {

7173

fail("Body notifications require a redaction result file from redact-body-if-needed");

7274

}

73-

if (!fs.existsSync(resultFile)) fail(`File not found: ${resultFile}`);

75+

if (!fs.existsSync(resultFile)) {

76+

fail(`File not found: ${resultFile}`);

77+

}

74787579

const result = JSON.parse(fs.readFileSync(resultFile, "utf8"));

7680

if (typeof result.notify_required !== "boolean") {

@@ -182,10 +186,11 @@ function fetchDiscussionComment(discussionNumber, discussionCommentDbId) {

182186

failOnGraphQLFailure(gql, `Failed to fetch discussion #${discussionNumber}`);

183187184188

const discussion = gql?.data?.repository?.discussion;

185-

if (!discussion)

189+

if (!discussion) {

186190

fail(

187191

`Discussion #${discussionNumber} not found — it may have been deleted. The alert cannot be processed via this skill.`,

188192

);

193+

}

189194190195

discussionId = discussion.id;

191196

@@ -205,15 +210,18 @@ function fetchDiscussionComment(discussionNumber, discussionCommentDbId) {

205210

`Failed to fetch replies for discussion comment ${topLevelComment.id}`,

206211

);

207212

const replies = replyPage?.data?.node?.replies;

208-

if (!replies)

213+

if (!replies) {

209214

fail(`Failed to paginate replies for discussion comment ${topLevelComment.id}`);

215+

}

210216211217

reply = findDiscussionCommentNode(replies.nodes, discussionCommentDbId);

212218

hasMoreReplies = replies.pageInfo.hasNextPage;

213219

replyCursor = replies.pageInfo.endCursor;

214220

}

215221216-

if (reply) return { discussionId, comment: reply };

222+

if (reply) {

223+

return { discussionId, comment: reply };

224+

}

217225

}

218226219227

hasNextPage = discussion.comments.pageInfo.hasNextPage;

@@ -241,7 +249,9 @@ function createDiscussionComment(discussionNodeId, body, replyToNodeId) {

241249

* Fetch alert metadata + locations. Never exposes .secret.

242250

*/

243251

function cmdFetchAlert(alertNumber) {

244-

if (!alertNumber) fail("Usage: fetch-alert <number>");

252+

if (!alertNumber) {

253+

fail("Usage: fetch-alert <number>");

254+

}

245255246256

const alert = gh(["api", `repos/${REPO}/secret-scanning/alerts/${alertNumber}?hide_secret=true`]);

247257

@@ -280,28 +290,35 @@ function cmdFetchAlert(alertNumber) {

280290

* Saves full body to a temp file. Prints metadata + file path to stdout.

281291

*/

282292

function cmdFetchContent(locationJson) {

283-

if (!locationJson) fail("Usage: fetch-content '<location-json>'");

293+

if (!locationJson) {

294+

fail("Usage: fetch-content '<location-json>'");

295+

}

284296

const location = JSON.parse(locationJson);

285297

const type = location.type;

286298

const details = location.details;

287299288300

if (type === "discussion_comment") {

289301

const commentUrl = details.discussion_comment_url;

290-

if (!commentUrl) fail("No discussion_comment_url in location details");

302+

if (!commentUrl) {

303+

fail("No discussion_comment_url in location details");

304+

}

291305292306

const urlMatch = commentUrl.match(/discussions\/(\d+)#discussioncomment-(\d+)/);

293-

if (!urlMatch) fail(`Cannot parse discussion comment URL: ${commentUrl}`);

307+

if (!urlMatch) {

308+

fail(`Cannot parse discussion comment URL: ${commentUrl}`);

309+

}

294310

const discussionNumber = urlMatch[1];

295311

const discussionCommentDbId = urlMatch[2];

296312297313

const { discussionId, comment } = fetchDiscussionComment(

298314

discussionNumber,

299315

discussionCommentDbId,

300316

);

301-

if (!comment)

317+

if (!comment) {

302318

fail(

303319

`Discussion comment #${discussionCommentDbId} not found in discussion #${discussionNumber}`,

304320

);

321+

}

305322306323

const bodyFile = tmpFile("body.md");

307324

fs.writeFileSync(bodyFile, comment.body || "");

@@ -334,7 +351,9 @@ function cmdFetchContent(locationJson) {

334351

details.issue_comment_url ||

335352

details.pull_request_comment_url ||

336353

details.pull_request_review_comment_url;

337-

if (!commentUrl) fail(`No comment URL in location details`);

354+

if (!commentUrl) {

355+

fail(`No comment URL in location details`);

356+

}

338357339358

const comment = gh(["api", commentUrl]);

340359

const bodyFile = tmpFile("body.md");

@@ -378,7 +397,9 @@ function cmdFetchContent(locationJson) {

378397

);

379398

} else if (type === "issue_body") {

380399

const issueUrl = details.issue_body_url || details.issue_url;

381-

if (!issueUrl) fail("No issue URL in location details");

400+

if (!issueUrl) {

401+

fail("No issue URL in location details");

402+

}

382403383404

const issue = gh(["api", issueUrl]);

384405

const bodyFile = tmpFile("body.md");

@@ -414,7 +435,9 @@ function cmdFetchContent(locationJson) {

414435

);

415436

} else if (type === "pull_request_body") {

416437

const prUrl = details.pull_request_body_url || details.pull_request_url;

417-

if (!prUrl) fail("No PR URL in location details");

438+

if (!prUrl) {

439+

fail("No PR URL in location details");

440+

}

418441419442

const pr = gh(["api", prUrl]);

420443

const bodyFile = tmpFile("body.md");

@@ -490,7 +513,9 @@ function cmdRedactBody(kind, number, bodyFile) {

490513

if (!kind || !number || !bodyFile) {

491514

fail("Usage: redact-body <issue|pr> <number> <redacted-body-file>");

492515

}

493-

if (!fs.existsSync(bodyFile)) fail(`File not found: ${bodyFile}`);

516+

if (!fs.existsSync(bodyFile)) {

517+

fail(`File not found: ${bodyFile}`);

518+

}

494519495520

const endpoint =

496521

kind === "pr" ? `repos/${REPO}/pulls/${number}` : `repos/${REPO}/issues/${number}`;

@@ -509,8 +534,12 @@ function cmdRedactBodyIfNeeded(kind, number, currentBodyFile, redactedBodyFile,

509534

"Usage: redact-body-if-needed <issue|pr> <number> <current-body-file> <redacted-body-file> <result-file>",

510535

);

511536

}

512-

if (!fs.existsSync(currentBodyFile)) fail(`File not found: ${currentBodyFile}`);

513-

if (!fs.existsSync(redactedBodyFile)) fail(`File not found: ${redactedBodyFile}`);

537+

if (!fs.existsSync(currentBodyFile)) {

538+

fail(`File not found: ${currentBodyFile}`);

539+

}

540+

if (!fs.existsSync(redactedBodyFile)) {

541+

fail(`File not found: ${redactedBodyFile}`);

542+

}

514543515544

const currentBody = fs.readFileSync(currentBodyFile, "utf8");

516545

const redactedBody = fs.readFileSync(redactedBodyFile, "utf8");

@@ -541,7 +570,9 @@ function cmdRedactBodyIfNeeded(kind, number, currentBodyFile, redactedBodyFile,

541570

* Delete a comment (and all its edit history).

542571

*/

543572

function cmdDeleteComment(commentId) {

544-

if (!commentId) fail("Usage: delete-comment <comment-id>");

573+

if (!commentId) {

574+

fail("Usage: delete-comment <comment-id>");

575+

}

545576

gh(["api", `repos/${REPO}/issues/comments/${commentId}`, "-X", "DELETE"], { json: false });

546577

console.log(JSON.stringify({ ok: true, deleted_comment_id: Number(commentId) }));

547578

}

@@ -551,7 +582,9 @@ function cmdDeleteComment(commentId) {

551582

* Delete a discussion comment via GraphQL (and all its edit history).

552583

*/

553584

function cmdDeleteDiscussionComment(nodeId) {

554-

if (!nodeId) fail("Usage: delete-discussion-comment <node-id>");

585+

if (!nodeId) {

586+

fail("Usage: delete-discussion-comment <node-id>");

587+

}

555588

const result = ghGraphQL(

556589

`mutation { deleteDiscussionComment(input: { id: "${nodeId}" }) { comment { id } } }`,

557590

);

@@ -566,9 +599,12 @@ function cmdDeleteDiscussionComment(nodeId) {

566599

* Create a new discussion comment via GraphQL.

567600

*/

568601

function cmdRecreateDiscussionComment(discussionNodeId, bodyFile, replyToNodeId) {

569-

if (!discussionNodeId || !bodyFile)

602+

if (!discussionNodeId || !bodyFile) {

570603

fail("Usage: recreate-discussion-comment <discussion-node-id> <body-file> [reply-to-node-id]");

571-

if (!fs.existsSync(bodyFile)) fail(`File not found: ${bodyFile}`);

604+

}

605+

if (!fs.existsSync(bodyFile)) {

606+

fail(`File not found: ${bodyFile}`);

607+

}

572608573609

const body = fs.readFileSync(bodyFile, "utf8");

574610

const newComment = createDiscussionComment(discussionNodeId, body, replyToNodeId);

@@ -586,8 +622,12 @@ function cmdRecreateDiscussionComment(discussionNodeId, bodyFile, replyToNodeId)

586622

* Create a new comment from a file.

587623

*/

588624

function cmdRecreateComment(issueNumber, bodyFile) {

589-

if (!issueNumber || !bodyFile) fail("Usage: recreate-comment <issue-number> <body-file>");

590-

if (!fs.existsSync(bodyFile)) fail(`File not found: ${bodyFile}`);

625+

if (!issueNumber || !bodyFile) {

626+

fail("Usage: recreate-comment <issue-number> <body-file>");

627+

}

628+

if (!fs.existsSync(bodyFile)) {

629+

fail(`File not found: ${bodyFile}`);

630+

}

591631592632

const result = gh([

593633

"api",

@@ -715,7 +755,9 @@ function cmdNotify(target, author, locationType, secretTypes, replyToNodeId) {

715755

* Close a secret scanning alert.

716756

*/

717757

function cmdResolve(alertNumber, resolution, comment) {

718-

if (!alertNumber) fail("Usage: resolve <alert-number> [resolution] [comment]");

758+

if (!alertNumber) {

759+

fail("Usage: resolve <alert-number> [resolution] [comment]");

760+

}

719761720762

const res = resolution || "revoked";

721763

const resComment = comment || "Content redacted and author notified to rotate credentials.";

@@ -773,8 +815,12 @@ function cmdListOpen() {

773815

* Print a formatted summary table from a JSON results file.

774816

*/

775817

function cmdSummary(jsonFile) {

776-

if (!jsonFile) fail("Usage: summary <json-file>");

777-

if (!fs.existsSync(jsonFile)) fail(`File not found: ${jsonFile}`);

818+

if (!jsonFile) {

819+

fail("Usage: summary <json-file>");

820+

}

821+

if (!fs.existsSync(jsonFile)) {

822+

fail(`File not found: ${jsonFile}`);

823+

}

778824779825

const results = JSON.parse(fs.readFileSync(jsonFile, "utf8"));

780826

const lines = [];